I am always perplexed by people who write stuff like: "I don't know why people would use Rust, I simply never write code with bugs in it"

Just, lol

Like, using C or C++ is fine of course, but don't pretend you're perfect and that all of your bounds are checked, all of your allocations are freed exactly once and that you never forget to lock a mutex.

You can't write bugs in rust..?

@Crost of course you can. But unless you're performing the dark arts, only logic bugs will be there.

Memory safety errors are not there and neither are (most) of the multi threading errors.

So for example, the user could be shown the wrong number by accident. But at least that wrong number won't lead to a buffer overflow or something like that

@Geoxion The best Rust devs around, i.e. those developing the language, still manage to include such bugs even in their own standard library: https://cvedetails.com/vulnerabilit...

@Fast-Nop that most recent one is pretty fun to read about 😁

That one falls in the logic error catalog. Most of the other ones are from the Dark Arts (unsafe) sections of the code base which actually makes my point. Only the places where the user can (!= may) break the rules are the places where they are broken by accident. Even the people most aware of this make mistakes. So in entire codebases without these rules, of course you're gonna have bugs.

@Geoxion Sure. The other conclusions:

1) Anything non-trivial requires unsafe.

2) If deployed at scale outside of the current enthusiast audience, devs will not wrestle with the compiler for days under deadline pressure. They will slap on unsafe and ship it.

@Fast-Nop

1) Not true. Doing MMIO directly and writing custom memory and synchronization primitives requires unsafe. Most non-trivial things like writing a fast web server or creating a game engine don't require unsafe.

2) I've not seen this going on in both my enthousiast and professional work so far. My team and me have real deadlines and this has never come up as a solution.
Also, doing things in unsafe doesn't magically fix everything so often it's not even the fastest 'solution'.

Logic bugs makes up 99% of my bugs. Not touched rust before mind.

@Crost For me, it's mostly requirement bugs, partially attributed to uncaught system or hardware limitations.

The only time I had a difficult bug with a race condition, half of that happened in hardware so that Rust wouldn't have helped anyway. That fucker was a solid two weeks bug hunt.

Just language flame wars, what else is new?

What people are allergic to is dogmatism, when any language or design principle is touted as The One True Way of doing things.

But this is so dumb. Aren't memory bugs extremely hard to come by anyway? (As long as you are practicing essentially baseline standards of coding).

But what do I know, I'm just an application dev. I don't deal in the dark arts of C/C++/"bare-metal" languages

@Demolishun I can read existing code and point out pointer misusage before I get any bug report. It's not even that I notice a bug - it's a gut feeling that something is off, and only then I drill down to investigate. But that's because I breathe C.

@Fast-Nop Most of the CVEs for Rust are bugs that are so ubiquitous in C and C++ nobody would ever take the time to write a CVE for. They'd be busy till the end of time lol

@Fast-Nop That's great, but unfortunately devs at Google and Facebook -- you know, kinda unknown, small-ish companies -- don't seem to be at your godlike level

https://msrc-blog.microsoft.com/201...

https://chromium.org/Home/...

@12bitfloat Both companies have the "it compiles, ship it" approach because their customers accept the resulting quality level.

When you code needs mutexs, you should think about your approach, you are most likely overengineering something.

@Fast-Nop Must be truly humbling.