[melling]

I'm 20 minutes in and he's spending a lot of time talking about how Rust gets correctness right.

Are there any anecdotal stories about how Rust programs have fewer errors?

Facebook, for example, rewrote Messenger with ReasonML:

https://reasonml.github.io/blog/2017/09/08/messenger-50-reas...

And it had a lot fewer bugs:

"Messenger used to receive bugs reports on a daily basis; since the introduction of Reason, there have been a total of 10 bugs (that's during the whole year, not per week)! *"

[3PS]

Last year, npm rewrote a CPU-bound service in Node.js, Go, and Rust. They noted that the Rust version took the longest to write, but had basically no issues at runtime.

https://www.rust-lang.org/static/pdfs/Rust-npm-Whitepaper.pd...

Excerpt:

> npm’s first Rust program hasn't caused any alerts in its year and a half in production. "My biggest compliment to Rust is that it's boring," offered Dickinson, "and this is an amazing compliment." The process of deploying the new Rust service was straight-forward, and soon they were able to forget about the Rust service because it caused so few operational issues. At npm, the usual experience of deploying a JavaScript service to production was that the service would need extensive monitoring for errors and excessive resource usage necessitating debugging and restarts.

[papaf]

Are there any anecdotal stories about how Rust programs have fewer errors?

My hobby projects are in Rust and Go. Its personal taste, but I prefer programming in Go. I actively dislike programming in Rust.

In Go, I usually I start a debugger once a week because I need to understand the cause of a bug or panic. I have no idea how to debug Rust, because in 2 years of Rust, I haven't had that type of low level bug.

[ravloony]

anecdote incoming!

In my previous gig, we had a premium website hosting platform, and our incoming clients would usually want their old inbound links to keep working. Over time, this meant a few hundred thousand autogenerated rewrite rules in Nginx. This was causing Nginx to use about 10G of memory, so restarting it, which we had to do every time we added a redirect, was an issue.

I replaced this with a small reverse proxy written in rust that loaded all of the redirects from postgresql into a cuckoo filter. Adding a redirect was an INSERT, followed by a NOTIFY to let the proxy know to add the redirect to the filter.

Putting it all together took about 2 weeks of swearing at the compiler, but it never had an issue in production, and used about 1M of memory, while adding less than 1ms of latency, or about 4ms in case of a filter hit. Cuckoo filters can have false positives, so if a redirect was found, we still had to check in the db table before returning 301.

As far as I know it's still working fine, and I use rust whenever I can.

[mleonard]

Interesting! Any chance you can share a few tips to get started doing the same? (eg any crates to use or other tips). I'm currently looking for a rust learning project and building what you described really hits the mark!

[ohazi]

> Are there any anecdotal stories about how Rust programs have fewer errors?

My anecdote is that programming in Rust intuitively "feels" like programming in languages like OCaml or Haskell, which have a reputation for "you'll often spend a lot of time fighting the compiler, but when your program finally does compile, it's much more likely to work correctly on the first run than other languages (e.g. C, C++)."

[zamalek]

I take about 1-2 hours to hash out some major changes to C# code. It breaks for asinine reasons (of my own fault) 7 or 8 times after I try it out. I just wrapped up my learning Rust project. Day 1 was spent with about 7 hours of coding, some unit tests, first run it worked with no stupid errors. All refactorings except one (I messed up mutability, logic error) went without a hitch after running it.

It's wholesome development, if there were such a thing. I feel good and proud of the code I write in it.

[1]: https://github.com/jcdickinson/racemus

[gameswithgo]

firefox has tracked some stats on this that are very promising. rust and reason also share a lot of the key correctness features

[CapriciousCptl]

Rust certainly makes some bugs impossible. But I don't think comparing #bugs of rewrites to the original is ever fair.

[zozbot234]

ReasonML is basically Ocaml with a JS-like syntax on top, so no surprise there. The main advantage of Rust over ReasonML/Ocaml is likely to be increased performance and ease of coding multi-threaded or parallel code, as opposed to correctness per se.

[_bxg1]

I've seen anecdotes from a few projects that were rewritten (Quake was one, I think?) and some ancient bugs were found only after the translation