I considered doing that if I got resources. My idea was to just port the Rust compiler code directly to C or some other language. Especially one with a lot of compilers. BASIC’s and toy Scheme’s are the easiest if you want diversity in implementation and jurisdiction. Alternatively, a Forth, Small C, Tcl, or Oberon if aiming for something one can homebrew a compiler or interpreter for. Far as certifying compilers, I’d hand-convert it to Clight to use CompCert or a low IR of CakeML’s compiler to use that. Then, if the Rust code is correct and Clight is equivalent, then the EXE is likely correct. Aside from Karger-Thompson attack, CSmith-style testing comparing output of reference and CompCert’d compiler could detect problems in reference compiler where its transformations (esp optimizations) broke it.
rain1 and I got a lot more tools for bootstrapping listed here:
I don’t know much about Rust internals, but I’m wondering: if this compiler produces MIR and then compiles that to C, could it also compile MIR produced by canonical rustc into C?
One aspect of this is that rustc would have to provide a wrapper so it could be called from non-Rust code, MIR doesn’t have a canonical textual representation.
This is kinda similar to how rustc uses LLVM’s C API to call into it, even though LLVM is written in C++.
I am really excited about this. C++ was sort of my “mother-tongue” going through school, and in the past couple of years I’ve become a part of the Rust Evangelism Strike Force. This is a really cool project and it looks like they’ve put a lot of TLC into it. I’m excited to see where it goes.
Motivation seems to be insurance against a trusting trust attack: https://www.reddit.com/r/rust/comments/718gbh/comment/dn90vo1
Really awesome project!
It’ll also be generally useful for bootstrapping without needing a previous Rust binary blob.
I considered doing that if I got resources. My idea was to just port the Rust compiler code directly to C or some other language. Especially one with a lot of compilers. BASIC’s and toy Scheme’s are the easiest if you want diversity in implementation and jurisdiction. Alternatively, a Forth, Small C, Tcl, or Oberon if aiming for something one can homebrew a compiler or interpreter for. Far as certifying compilers, I’d hand-convert it to Clight to use CompCert or a low IR of CakeML’s compiler to use that. Then, if the Rust code is correct and Clight is equivalent, then the EXE is likely correct. Aside from Karger-Thompson attack, CSmith-style testing comparing output of reference and CompCert’d compiler could detect problems in reference compiler where its transformations (esp optimizations) broke it.
rain1 and I got a lot more tools for bootstrapping listed here:
https://bootstrapping.miraheze.org/wiki/Main_Page
I don’t know much about Rust internals, but I’m wondering: if this compiler produces MIR and then compiles that to C, could it also compile MIR produced by canonical rustc into C?
As I understand, the answer is yes.
One aspect of this is that
rustcwould have to provide a wrapper so it could be called from non-Rust code, MIR doesn’t have a canonical textual representation.This is kinda similar to how
rustcuses LLVM’s C API to call into it, even though LLVM is written in C++.I am really excited about this. C++ was sort of my “mother-tongue” going through school, and in the past couple of years I’ve become a part of the Rust Evangelism Strike Force. This is a really cool project and it looks like they’ve put a lot of TLC into it. I’m excited to see where it goes.