Ladybird adopts Rust, with help from AI

Original Article ↗ Hacker News Discussion ↗

Swift vs Rust vs C++ for Ladybird

  • Ladybird previously tried Swift for memory safety but ran into real-world compiler/interop bugs (e.g. Swift failing to import some C++/Clang modules with no workaround) and weak non-Apple platform support.
  • Rust–C++ interop is acknowledged to be basic (via C ABI, cxx.rs, Crubit, opaque pointers), but seen as reliable and battle‑tested (Firefox cited as example of mixed Rust/C++).
  • Some are uneasy about language churn: Jakt → Swift → Rust feels volatile; others argue pre‑alpha is exactly when to pivot.
  • Several comments note the choice of C++ in 2018 was understandable; Rust maturity and tooling are much stronger now.

Memory Safety and Language Debates

  • Many argue browsers are the prime case for memory‑safe languages: they execute untrusted code and historically suffer from UAFs/overflows.
  • Pro‑Rust side: “modern C++” plus guidelines still leaves many memory bugs; large C++ codebases (browsers, Android components) show measurable gains when pieces move to Rust.
  • Skeptical side: modern C++ plus discipline can be safe; Rust is complex, slow to compile, and brings dependency bloat. Some advocate Go, Zig, D, or Ada/SPARK instead, but others point out Rust’s ecosystem, contributor pool, and explicit safety guarantees.
  • Several note that partial Rust adoption (only some subsystems) doesn’t magically make the whole browser secure; the benefit depends on how much unsafe remains.

AI‑Assisted Port of LibJS

  • LibJS lexer/parser/AST/bytecode generator (~25k LOC) were ported from C++ to Rust in ~2 weeks using Claude Code/Codex, guided by many small prompts.
  • Hard requirement: byte‑for‑byte identical ASTs and generated bytecode between C++ and Rust, with zero regressions across ~65k tests (test262 etc).
  • The Rust code intentionally mirrors C++ register allocation and structure, so it is correct but not idiomatic; cleanup is deferred until the C++ pipeline can be retired.
  • Many see this “bug‑for‑bug compatible” rewrite plus strong tests as the right way to use LLMs; others worry about long‑term tech debt from non‑idiomatic AI‑translated Rust.

Rewrites, Focus, and Project Trajectory

  • Classic “never rewrite” arguments are revisited: people note LLMs and strong test suites change the calculus, but warn that cleanup and future refactors can be as hard as a fresh rewrite.
  • Some commenters think energy should go to making Ladybird a daily‑driver browser before large language migrations; others argue early adoption of a safer language is strategically smart and may attract more contributors.
  • There’s broad agreement that AI here is being used in a disciplined, test‑driven, “assistant not replacement” role—but also concern about hype, “AI slop,” and the risk of endless yak‑shaving.