| > Are 100% of those exploitable? This single ended statistic is simply not useful. Some more links/statistics (including on 0-days exploited in the wild) here: https://www.memorysafety.org/docs/memory-safety/#how-common-... > You have proof of this? One class of non-memory-safety bugs that safe Rust entirely prevents is data races: https://doc.rust-lang.org/nomicon/races.html > That's not how these measurements work. In particular, modern C++ has many of the same advantages you just cited, so this claim is dubious in two ways. Are the advantages in those cases (option/result) properly realized when it's just piled on top as something you could do? I still have to be wary that, for instance, std::strchr could return a nullptr which I might pass on without handling. Plus even with std::optional<T> it's on me to remember to check val.has_value(), else it's undefined behavior to access. Whereas in Rust, s.find() must return an Option<usize> because there's no null for it to return otherwise, and accessing the inner value (`match`, `if let`, ...) requires handling the Option::None case. > And you've entirely failed to address the largess of Rust, which, again, for a "systems language" is entirely mismatched. Large compared to C or Zig, but not compared to C++. |