I am always perplexed by people who write stuff like: "I don't know why people would use Rust, I simply never write code with bugs in it"

Just, lol

Like, using C or C++ is fine of course, but don't pretend you're perfect and that all of your bounds are checked, all of your allocations are freed exactly once and that you never forget to lock a mutex.

It is more a defensive reaction to the "Rust is the end all be all of programming ever why would anyone use anything else crowd." It may very well be that. But people don't like evangelists.

You can't write bugs in rust..?

@Crost of course you can. But unless you're performing the dark arts, only logic bugs will be there.

Memory safety errors are not there and neither are (most) of the multi threading errors.

So for example, the user could be shown the wrong number by accident. But at least that wrong number won't lead to a buffer overflow or something like that

@Geoxion The best Rust devs around, i.e. those developing the language, still manage to include such bugs even in their own standard library: https://cvedetails.com/vulnerabilit...

@Fast-Nop that most recent one is pretty fun to read about 😁

That one falls in the logic error catalog. Most of the other ones are from the Dark Arts (unsafe) sections of the code base which actually makes my point. Only the places where the user can (!= may) break the rules are the places where they are broken by accident. Even the people most aware of this make mistakes. So in entire codebases without these rules, of course you're gonna have bugs.

@Geoxion Sure. The other conclusions:

1) Anything non-trivial requires unsafe.

2) If deployed at scale outside of the current enthusiast audience, devs will not wrestle with the compiler for days under deadline pressure. They will slap on unsafe and ship it.

@Fast-Nop

1) Not true. Doing MMIO directly and writing custom memory and synchronization primitives requires unsafe. Most non-trivial things like writing a fast web server or creating a game engine don't require unsafe.

2) I've not seen this going on in both my enthousiast and professional work so far. My team and me have real deadlines and this has never come up as a solution.
Also, doing things in unsafe doesn't magically fix everything so often it's not even the fastest 'solution'.

Logic bugs makes up 99% of my bugs. Not touched rust before mind.

@Crost For me, it's mostly requirement bugs, partially attributed to uncaught system or hardware limitations.

The only time I had a difficult bug with a race condition, half of that happened in hardware so that Rust wouldn't have helped anyway. That fucker was a solid two weeks bug hunt.

Just language flame wars, what else is new?

What people are allergic to is dogmatism, when any language or design principle is touted as The One True Way of doing things.

But this is so dumb. Aren't memory bugs extremely hard to come by anyway? (As long as you are practicing essentially baseline standards of coding).

But what do I know, I'm just an application dev. I don't deal in the dark arts of C/C++/"bare-metal" languages

@fullstackchris I ran into a bug in code someone else wrote. I could not debug what was causing the error. It turned out it was misusing a pointer and it wouldn't fail right away. I didn't find the issue until I was looking at the code it was in. I saw a pointer was being misused. From the time I first had an issue, to fixing the bug was easily 6 months. I think if I had originally written the code I might have found it easier. I know this particular code was written by someone who was very competent. But at the time they were getting like 2 hours of sleep. So it was induced by "just getting it done" and extreme personal conditions.

@Demolishun I can read existing code and point out pointer misusage before I get any bug report. It's not even that I notice a bug - it's a gut feeling that something is off, and only then I drill down to investigate. But that's because I breathe C.

@Fast-Nop It is spidey senses. You know you are about to eat a bug.

@Fast-Nop Most of the CVEs for Rust are bugs that are so ubiquitous in C and C++ nobody would ever take the time to write a CVE for. They'd be busy till the end of time lol

@Fast-Nop That's great, but unfortunately devs at Google and Facebook -- you know, kinda unknown, small-ish companies -- don't seem to be at your godlike level

https://msrc-blog.microsoft.com/201...

https://chromium.org/Home/...

@12bitfloat Both companies have the "it compiles, ship it" approach because their customers accept the resulting quality level.

When you code needs mutexs, you should think about your approach, you are most likely overengineering something.

@Fast-Nop Must be truly humbling.