Why Is SQLite Coded In C

Original Article ↗ Hacker News Discussion ↗

C as Implementation & Interface Language

  • C is seen as the “lingua franca”: virtually every platform and language can call C libraries with a stable ABI and tiny runtime.
  • Several commenters note you can implement in C++/Rust and expose a C API, but others complain that C++ and Rust often drag in large runtimes, unstable ABIs, and packaging/tooling headaches (e.g., distro security workflows, libstdc++ versioning).
  • SQLite’s minimal dependencies (basically mem* and str* plus optional malloc and syscalls) are praised; this keeps it easy to embed, especially on obscure or bare‑metal targets.

Safe Languages, Bounds Checks, and Testing Strategy

  • The SQLite doc’s argument about safe languages inserting bounds checks that can’t be 100% branch‑tested sparks a long debate.
    • Supporters stress SQLite’s philosophy: test the compiled binary with complete branch coverage, including for corrupted data, bit‑flips, and embedded/aviation use; hidden compiler‑inserted branches undermine that strategy.
    • Critics say this is largely a tooling problem: compilers often optimize checks away, tooling could exempt panic paths, or fault‑injection could exercise them; they argue a well‑defined panic is preferable to C’s UB.
    • Some point out that C compilers already insert invisible control flow via optimizations; SQLite’s response is that they systematically re‑test binaries whenever compiler/flags/platform change.

Rust (and Others) as Alternatives

  • The SQLite page lists conditions before a Rust rewrite: slower change rate, mature cross‑language FFI story, embedded support without OS, binary coverage tooling, better OOM handling, and no significant speed loss.
  • Commenters suggest many of these are partly or fully met today, especially for no‑std embedded Rust and C‑ABI libraries, but acknowledge OOM ergonomics and MSRV/tooling remain rough edges.
  • There’s extensive discussion of Rust’s unsafe blocks (get_unchecked), trait soundness bugs, and dependency sprawl versus C’s tendency to re‑implement instead of reuse.
  • Zig is praised for explicit allocation and composable std, but considered too immature for something like SQLite; Go is criticized for lack of assert‑style conditional compilation and GC pauses.

Rewrites, Turso, and “Future of SQLite”

  • Many argue rewriting SQLite in any language would introduce more bugs than it removes and discard enormous existing test investment; they see SQLite as “done” and C as fine in that context.
  • Others say the right answer is new projects: Turso’s Rust reimplementation (Limbo) is cited as an ambitious, feature‑adding, SQLite‑compatible engine, though much larger and not yet production‑ready.
  • Several emphasize that even if Rust implementations thrive, the existing C SQLite remains a success and shouldn’t be retrofitted solely for language fashion.