once_self_cell VS c2rust

This issue says "Migrate code to use self_cell instead." That page says "It has undergone community code review from experienced Rust users." Looking at the review, issues were found and fixed earlier on, but my interpretation of the end of the thread is more that folks stopped responding with concerns, so confidence is now assumed but still not proven. The same was true of most (all?) other crates trying to solve the same problem, until enough people did find the unsoundness holes unique to each crate.

I've come across the zip example bevor, and even considered adding support for mutable access to the owner here https://github.com/Voultapher/self_cell/pull/36. See the last comment why I decided not to pursue this. Looking at the specific example, really what is the purpose of storing the lazy ZipReader result? IMO that's bit of bad design on the part of the zip crate. The stdlib APIs consume reader, allowing you to abstract over creation logic. If what you need to store, needs further pre-processing, why not pull that out? Specifically here, what is the point of having a self-referential struct that contains an owner ZipArchive that you will no longer be allowed to mutate. And a lazy reader ZipReader that you can then use to really read the file? If you need to abstract over the construction logic you could return (ZipArchive, Box ZipReader>), if you want to return the content you can return (ZipArchive, Vec) allowing further use of ZipArchive.

As the author of self_cell I can attest, that writing unsafe lifetime abstractions is exceedingly tricky and you will get it wrong, repeatedly. I'm not sure these problems in owning_ref can be solved without a serious overhaul of the API. For one it tracks too little information, both ouroboros and self_cell independently reached the conclusion that you have to mark the dependent as either covariant or not_covariant over the owner lifetime, and prohibit ever leaking direct references if the dependent is not_covariant. But the fun doesn't stop there, if the owner can have a lifetime too, things get extra tricky. If you want to dive deeper take a look at this discussion https://github.com/Voultapher/self_cell/pull/29.

Grouping the source and derived AST in the same struct without leaking the lifetime is something that greatly helped keep the API sane. Shameless plug https://github.com/Voultapher/self_cell

Thanks, I'll incorporate that into https://github.com/Voultapher/once_self_cell/issues/5

A recent practical example of the former: the fish shell re-wrote incrementally from C++ to Rust, and is almost finished https://github.com/fish-shell/fish-shell/discussions/10123

An example of the latter: c2rust, which is a work in progress but is very impressive https://github.com/immunant/c2rust

It currently translates into unsafe Rust, but the strategy is to separate the "compile C to unsafe Rust" steps and the "compile unsafe Rust to safe Rust" steps. As I see it, as it makes the overall task simpler, allows for more user freedom, and makes the latter potentially useful even for non-transpiled code. https://immunant.com/blog/2023/03/lifting/

But not all transpilers are between languages where at least one of them is designed to be transpiled. For example, c2rust can transpile, as the name suggests, C to (ugly, unsafe) Rust. A while ago there was a Java -> C compiler in GCC (GCJ), but it's pretty out of date now.

I do not know about your specific issue but you may be interested by https://github.com/immunant/c2rust

You should also consider using C2Rust (they're even working on C -> safe Rust translation)

> The date at the bottom of the article is 2022-06-13. Has there been further progress?

The article links to their github repo:

https://github.com/immunant/c2rust

There's commits in the last hour, so at least some signal of life.

This is arguably already the state of things.

Rust might get compiled down through MIR, down through LLVM IR, down to assembly or wasm... which then might be JIT or AOT (re)compiled into other bytecodes... which might perhaps be decompiled back up to C... and C might be retranslated back to horrific unsafe-spamming Rust by the likes of https://c2rust.com/. We've come full circle!

The main issue is that retranslating high level languages into other high level languages isn't something that there's actually a lot of demand for, especially commercially, especially given the N x M translation matrix going on. So a lot of the projects "stabilize" (get abandoned). And automatically translating between the idioms of those languages gets even nastier in terms of matrix bloat.

Well, you've got stuff like MSIL and JVM bytecodes which are higher level, and preserve more type information, and can be compiled to / decompiled from while still preserving more structure, but they still form competing incompatible ecosystems.

That's the wrong direction. What's needed are intelligent converters which convert less-strict languages to more-strict ones.

Non-intelligent converters just make a mess. Here's c2rust.[1]

Classic C++ to modern C++, plus a compiler flag to lock out all the old unsafe stuff, would be an achievement.

[1] https://c2rust.com/

Well, technically, it's not hard to build such data structures. If you are willing to liberally use raw pointers, UnsafeCell, MaybeUninit and ManuallyDrop, then you can more-or-less write C-equivalent code in unsafe Rust. (there are even transpilers from C to Rust)

/uj This transpiles from C to unsafe Rust using an existing tool, then strips the unsafe keyword from the generated function signatures