[odyssey7]

I don’t buy the economic argument favoring memory-unsafe languages. There are fast memory-safe options. Legacy codebases can eventually become more expensive to maintain than to rewrite. What is the economic cost of an Achilles’ heel when critical systems are destroyed?

There are critical systems today that are essentially Prince Rupert’s drops. Mightily impressive, but with catastrophic weaknesses in the details.

[wglb]

> Legacy codebases can eventually become more expensive to maintain than to rewrite

I'm wondering what the cost would be of rewriting Chrome, at 20 to 30 million lines of code, in Rust?

I suspect that despite the memory unsafety, the cost of maintaining it in its current form is vastly lower than this.

Plus, any rewrite will certainly introduce new bugs, some of them temporarily serious. Did you see the post years back about a Rust program that exhibited the Heartbleed bug?

These new bugs need to be taken into account when estimating the cost of rewrite.

[odyssey7]

Here is the compatibility table for ECMAScript 6 features by vendor.

https://compat-table.github.io/compat-table/es6/

Chrome is currently unable to support a feature that was added to JavaScript in 2015 for ECMAScript 6.

The reason given was something about proper tail calls being beyond the technical capabilities of the teams involved.

If the code in or surrounding Chrome and its underlying V8 engine are currently so unmaintainable that the teams cannot incorporate a JavaScript feature from 10 years ago, then the cost of merely maintaining the C++ codebase is too high.

The all-or-nothing, now-or-never framing makes the change feel more intimidating than it would be in practice. Mozilla's strategy is to incrementally use Rust more and more in their C++ codebase. I don't know what Chrome's plan is, but the fact that Mozilla is able to make progress is an indication that it isn't impossibly expensive to do better. Mozilla is a non-profit, while Google's Q1 2025 revenue was $77.3 billion.

> Did you see the post years back about a Rust program that exhibited the Heartbleed bug?

Do you remember the actual Heartbleed bug?

> 20 to 30 million lines

In my own experience, seasoned engineers often remind me that every line of code is a liability. Tens of millions of lines of C++ that work closely with the internet sounds like quite the surface area.

[wglb]

> Do you remember the actual Heartbleed bug?

Vividly. I spent a full week on remediation, even though the risk we had was traced to a single linux box exposed to the internet that had tens of kb of traffic over the last year.

Being proactive, we reissued all certificates for all of our internally deployed ssl points.

> In my own experience, seasoned engineers often remind me that every line of code is a liability. Tens of millions of lines of C++ that work closely with the internet sounds like quite the surface area.

No question. I don't question the wisdom of rewriting all of it in Rust. Having spent 60 years in the software business, I have a feeling for the size of the effort. And for what it is worth, I don't have any doubt about the competency of the teams involved.