[marvinvz]

"We have a plethora of static and memory checking tools: Valgrind, ASsan, Intel Inspector, etc." I'm not sure what to do with that argument. How is having a plethora of external tools (that you have to setup, configure and in the end not ignore) better than a compiler that prevents memory bugs?

[ncmncm]

The fact is, nothing like valgrind, asan, etc. can catch more than a fraction of memory usage faults. The only reliable way to avoid shipping them is by construction: write using contructs that can't have any. This turns out to be possible.

Rust and numerous other languages build this into the core language, but it is not the only way to get there, as much as Rust fans like to insist otherwise. But you anyway can't get there in C.