Why is Google writing Fuchsia?
Mar. 26th, 2019 01:15 pm
A poorly-worded question on Quora links to a rather interesting (if patchily-translated) Chinese discussion of the Fuchsia OS project.
It suckered me into answering.
But so as to keep my answer outside of Quora...
Fuchsia is an incomplete project. It is not yet clear what Google intends for it. It is probably intended as a replacement for Android.
Android is a set of custom layers on top of an old version of the Linux kernel. Android apps run on a derivative of the Java virtual machine.
This means that Android apps are not strictly native Linux applications.
Linux is a Unix-like OS, written in C. C is a simple programming language. It has many design defects, among which are that it does not have strong typing, meaning that it is not type-safe. You can declare a variable as being a long floating-point number, and then access one byte of it as if it were a string and replace what looks like the letter “q” with the letter “r”. But actually it wasn’t a “q”, it was the value 80, and now you’ve put 81 in there. What was the number 42.37428043 is now 42.37428143, all because you accidentally treated a floating point number as a string.
[Disclaimer: this is a very poorly-described hypothetical instance and I am aware it wouldn't really work like that. Consider it figurative rather than literal.]
Better-designed programming languages prevent this. C just lets you, without an error.
It also does little to no checks on memory accesses. E.g. if you declare an array of 30 numbers, C will happily let you read, or worse still write, the 31st entry, or the 32nd, or the 42nd, or the 375324564th.
The result is that C programs are unsafe because of the language design. It is essentially impossible to write safe programs in C.
However, all Unix-like OSes are written in C. The entire kernel is in C, and all of the tools, from the “ls” command to the text editors to the programs that read and write configuration files and set up the computer, all in C. All in a language that has no way to tell if it’s reading or writing text or integer numbers or floating point numbers or hexadecimal or a binary-encoded image file. A language which won’t tell you if you slip up and accidentally do the wrong thing.
A few geniuses can handle this. A very, very few. People like Dennis Ritchie and Ken Thompson, who wrote Unix.
Ordinary humans can’t.
But unfortunately, Unix caught on, and now most of the world runs on it.
Later derivatives of the Unix operating system gradually fixed this. First Plan 9, which imposed much stricter limits on how C worked, and then tried to replace it with a language called Alef. Then Plan 9 led to Inferno, which largely replaced C with a safer language called Limbo.
But they didn’t catch on.
One of the leading architects of those operating systems was a programmer called Rob Pike.
He now works for Google, and one of his big projects is a new programming language called Go. Go draws on the lessons of Plan 9, Alef and Limbo.
Fuchsia is written in Go instead of C.
Thus, although it has many other changes as discussed in the article you link to, it should in theory be fundamentally safer than Unix, being immune to whole categories of programming errors that are inherent to Unix and all Unix-like OSes.
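To make the two C complaints above concrete, here is an added example (not from the original post, and not Fuchsia code) of how Go treats the same situations: a write to the "31st entry" of a 30-element array is stopped by a run-time bounds check, and touching one byte of a floating-point number has to be spelled out explicitly. The function names `storeAt` and `bumpLowByte` are made up for this illustration.

```go
package main

import (
	"fmt"
	"math"
)

// storeAt writes v into a 30-element array at index i, where i is only known
// at run time. Go inserts a bounds check: an out-of-range index panics
// instead of overwriting neighbouring memory. The panic is recovered here
// so the caller sees it as an ordinary error.
func storeAt(i int, v int) (arr [30]int, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("write refused: %v", r)
		}
	}()
	arr[i] = v
	return arr, nil
}

// bumpLowByte adds 1 to the least significant byte of a float64's bit
// pattern. The reinterpretation must be requested via math.Float64bits;
// there is no implicit path from a float to its bytes.
func bumpLowByte(f float64) float64 {
	bits := math.Float64bits(f)
	low := byte(bits) + 1 // wraps at 255, so only the low byte changes
	bits = bits&^0xff | uint64(low)
	return math.Float64frombits(bits)
}

func main() {
	if _, err := storeAt(29, 7); err == nil {
		fmt.Println("index 29 (the 30th entry): ok")
	}
	_, err := storeAt(30, 7) // the "31st entry"
	fmt.Println("index 30:", err)

	f := 42.37428043 // the figure used in the post
	fmt.Printf("%.17g -> %.17g\n", f, bumpLowByte(f))
}
```

The float still changes when its bytes are edited, but only because the code asked for the raw bits by name; the compiler rejects indexing or assigning into a `float64` as if it were text.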