Rust is just a tool

> You may have never written a memory bug in your life, but I have, and that renders me completely incompetent.

This feels overly binary. Memory management bugs is just one class of bugs, and there have been many other bugs leading to security issues or defects.

If you apply the standard "has ever written a bug" → "completely incompetent" you will have to stop using software, and if you think about it most other technology too

Memory safety is a very useful trait for a language though, and as you say provided by a whole bunch of different languages nowadays

> Rust happens to be an extremely good tool. There

Sir (or ma’am), you stole literally the line I came to write in the comments!

To anyone new picking up Rust, beware of shortcuts (unwrap() and expect() when used unwisely). They are fine for prototyping but will leave your app brittle, as it will panic whenever things do not go the expected way. So learn early on to handle all pathways in a way that works well for your users.

Also, if you’re looking for a simpler experience (like Rust but less verbose), Swift is phenomenal. It does not have a GC, uses ARC automatically. I spent months building a layer on top of Rust that removed ownership and borrow considerations, only to realize Swift does it already and really well! Swift also has a stable ABI making it great for writing apps with compiled dynamic components such as plugins and extensions. It’s cross platform story is much better today and you can expect similar performance on all OS.

For me personally, this relegates rust for me to single threaded tasks - as I would happily take the 20% performance hit with Swift for the flexibility I get when multithreading. My threads can share mutable references, without fighting with the borrow checker - because it’s just a bad use case for Rust (one it was not designed for). A part of my work is performance critical to that often becomes a bottleneck for me. But shouldn’t be a problem for anyone else using RwLock<Arc<…>>. Anyway - they’re both great languages and for a cli tool or utility, you can’t go wrong with either.

> If a project in an unsafe language has ever had a memory bug (I'm looking at you, Bun), the maintainers objectively have a track record of not being capable of manual memory management

That's an interesting way to navigate the world. Do you hold this attitude towards other professionals? For example, if a lawyer ever lost a case by misinterpreting a law, they have a track record of not being capable to practice laws and should be disbarred?

There were (and most likely, still are) even memory bugs in Rust standard library[0]. By your logic the standard library maintainers objectively can't handle unsafe blocks.

[0]: https://nvd.nist.gov/vuln/detail/cve-2018-1000657

I‘ve been writing Rust for half a decade now and I‘m firmly believing that it‘s just not good for UI. Global state and a model that lends itself to inheritance just doesn‘t fit in the language.

> If a project in an unsafe language has ever had a memory bug (I'm looking at you, Bun), the maintainers objectively have a track record of not being capable of manual memory management. You wouldn't put a person who has a track record of crashing busses at the wheel of a school bus.

If you’re serious, you should stop using Rust (which happens to contain an unsafe language): https://github.com/rust-lang/rust/issues/44800

> Zed is a heroic effort, but look at the code and you'll see that we still haven't figured out how to do Rust UIs.

Only a handful of apps and frameworks have figured this out. Most of the world moved onto HTML+Javascript plus Electron. Or mobile UI.

Who is using native UI in 2026? GTK and QT don't feel great.

I'm glad Zed is trying. We need more efforts.

> you'll see that we still haven't figured out how to do Rust UIs

This is really a symptom of the horrendous desktop GUI API landscape. I'd argue that Rust is syntactically actually very well suited to writing GUI applications - and better than most given the fearless concurrency you get with it.

MacOS is committed to making sure only developers are using Mac hardware and Apple languages to write GUIs - they feel deliberately combative to the prospect of cross platform applications

Windows? How do you even make a Windows GUI these days? Win32? WinUI? Winforms? The examples on the Microsoft website don't even compile when when using the supported languages.

Linux is pretty okay, if it weren't for Linux GUI programming being a mess of DEs. GTK-rs and QT are standard - but you'll never have something that looks consistent on every environment.

The only hope is WASM, but the standards body is busy figuring out how to make web assembly replace docker containers or something. It's barely usable and I've been dying to rewrite all my web applications in Rust.

This is why Electron is everywhere, it's the best we can do without going insane.

Is there a difference between c++ and java/go/etc if you enforce at code review for C++ to use only auto memory management like smart ptrs, containers, etc? I guess the only difference would be c++ can have diamond problem that's solved in a specific way, but that's relatively easy to spot with compilers, but otherwise...

Imo the strong point of rust is compile error if you try to use an obj after move (unlike c++ with undef behavior and I guess it should be the same for java/c#), or that you can't modify a container if you hold a ref/pointer to some of it's elements/range which may cause invalidation in C++ case due to realloc

Zig would be an interesting contender back in the 1990's between Object Pascal and Modula-2, nowadays we know better.

For me while Go is definitly better than Oberon(-2), and Oberon-07, some of its design decisions are kind of meh, still I will advocate for it in certain contexts, see TinyGo and TamaGo efforts.

As old ML fanboy, you can find such tendencies on plenty of languages not only OCaml. :)

I see Rust as a great way to have made affine types more mainstream, however I rather see the mix of automatic resource management + strong type systmems as a better way forward.

Which is even being acknowledged by Rust's steering group, see Roadmap 2026 proposals.

Yes. To me personally, Rust and both its restrictions and features (ie no OOP and prevalence of sum types and hence other goodies) makes approaching the implementation of big problems differently; eventually the experience with Rust also changes (to some extent) the way you write and structure the code in other languages. One might argue that Rust is not unique here and this would also apply to languages like ocaml etc - sure, perhaps; but I can't write in any of those languages at work on daily basis since they don't fit performance-wise or for many other reasons.

> Says frustrating things like "so I can just use unsafe", because no you don't and if you do I would reject your changes immediately.

This is the kind of hostility (which is frankly toxic) that’s become associated with parts of the Rust community, and has fairly or not, driven away many talented people over time.

> claiming memory safety isn't a big deal

There are contexts where it is, there are contexts where it is not.

But suddenly everyone out there is dealing only with those context where it is.

The weird thing about this is many core Rust people agree that Rust is not the best language that could possibly ever be, even evaluated by the core principles of Rust (that is: no UB, no mutable aliasing, no memory bugs).

And if we move outside of Rust's memory model, some people have raised issues with the inconsistent syntax, and the module-based compilation model which makes compilers inherently slow, as you have to parse the whole module every time.

So there's room for improvement, and people are already working on putting ideas into practice, and some of these people who came from the Rust ecosystem itself.

And if you happen to disagree with Rust's core goals (or just place less emphasis on them), then it's obviously not the perfect language.

> But there will be other languages in the future that will continue to deliver small improvements until one day they result in another phase change. The honeymoon with Rust will be over and it will start feeling more antiquated.

That language may well be Rust itself, especially if they manage to figure out the "how to deprecate standard library features across language editions and allow reuse of their idiomatic syntax?" problem.

> But there will be other languages in the future that will continue to deliver small improvements until one day they result in another phase change

I agree, and I'm interested to see what it is in the age of LLMs or similar future tools. I suspect a future phase change might be towards disregarding how easy it is for humans to work with the code and instead focus on provability, testing, perhaps combined with token efficiency.

Maybe Lean combined with Rust shrunk down to something that is very compiler friendly. Imagine if you could specify what you need in high level language and instead of getting back "vibe code", you get back proven correct code, because that's the only kind of code that will successfully compile.

> (C is of course orders of magnitude more influential, the only language more influential is probably COBOL?)

Lisp. Which coincidentally solved memory management over a decade before C was created.

I also think ALGOL was more influential than COBOL, but measuring influence can be tricky.

Sir/Madam/Sovereign... did you hear about Prolog? ;)

If your LLM can output 10-100x the LOC output, and it's equally good at all languages, and you're not bound to an existing language choice or ecosystem, why not choose Rust?

Rust code will be faster, safer, and easier to ameliorate bugs in.

Rust seems like the best language to serialize business logic to now that LLMs are so good at it.

If the LLM makes a mistake in Javascript or Python, you literally won't know until runtime. With Rust, you'll know immediately and have really good compiler recommendations for fixes.

I think Rust is the best LLM language. I am somewhat biased: I've written Rust code for ten years, and I'm having a blast with Claude Code writing it for me instead now. But I've also used so many other tools and languages - enough to say that Rust has some unique advantages here. And also that Claude does a fantastic job emitting Rust.

LLMs emitting Python feels like building with clay. LLMs emitting Rust feels like building well-engineered steel skyscrapers.

> Rust (...) has the most toxic self-righteous community in PL.

You never dealt with C programmers, did you?

Every community has these assholes. In my experience, the Rust user base is nothing but polite, understanding and pragmatic. There's no smugness, explicit or implied. The Rust lore is just a joke that's getting less funny every day someone takes it seriously.

As someone who has only used zig a little

I've has more core dumps/seg faults than any other language I've ever used.

Skill issue? Yes, 100℅, it's definitely due to my lack of skill in the language

The only time I've ever made a rust program seg fault is when using nightly macros/"features" and being on stable, leading to rustc crashing with a nice error and then I change to nightly

and that was caught at compile time...

Skill is a huge factor in safety

"70% of vulns are..." Yes, production code written at huge companies by experts... If experts are making those mistakes, that says a lot about it IMO

That being said, I'm not a "one language for all", they have their place, embedded rust is hilarious as it's essentially a requirement to have unsafe blocks in your initialisation

Anyway rant over

Batching/arenas can get you very far. If you adopt the zig/c object model as “things that have data” most destructors become useless. Resource management also can be accomplished at the batch level (eg you can free a bunch of fd’s all at once with a management layer rather than having each File object implicitly manage its own fd). For memory management, i believe proper use of arenas and batching tends to be faster than each object managing its own memory but idrk tbh. What the author is saying is that you dont have to have raii, you can use approaches like the one i described and they can still be pretty safe if you know what youre doing, but rust’s model basically prevents this if youre using rust idiomatically

You seem to believe that Rust prevents memory leaks. It does not, and that's not what "memory safety" means.

Luckily software development is not a static crime to be solved.

It's an evergreen field to be researched forever. With languages coming and going. ;)

This is why I get turned off hearing about Rust (and I use it from time to time). You can say Rust is good without saying other languages are bad.

hah hah hah!

> religion like behaviours

That phrasing makes me imagine a cultural anthropologist studying the behavior of programmers in the wild, their tool use, rituals, magical worldviews like object-orientation. There's that classic paper about how a language is a "tool for thinking", that it both expands and limits how and what a person can think. It makes sense that it shares characteristics with religion, a conceptual system of interfacing with the world.

The horror of picking tech working in it 10 or 15 years and then it suddenly becoming obsolete or irrelevant. Is something a lot of people can relate to.

It’s useful to align groups on underlying philosophies about problem solving and what tooling we will use.

The alternative is way slower and less effective. “Just use whatever language and frameworks you want and solve the problem in a vacuum” would be a nightmare for any team trying to ship.

It's way rarer on Hacker News than people alleging an omnipresent Rust Evangelism Task Force is constantly imposing itself on people. I have seen "overly enthusiastic" comments about Rust, but I can count them on one hand. I'm not going to link them because I don't want to dogpile ob people. Note that I read many/most of the Rust threads that make it to the front page.

But I have seen thousands of comments complaining about these supposed evangelists (no exaggeration). Less often and less reliably in the past few years, the meme is petering out. But there's absolutely no comparison of the relative frequency. People complain bitterly about Rust on this forum consistently, actual Rust zealots appear very rarely.

It is simultaneously true that Rust is "just a tool" and that this is a significant fact, and that the people complaining about Rust are the bigger problem in the day to day discourse in Rust related threads on this platform and in the present day.

In this very comments section: https://news.ycombinator.com/item?id=47193361

"all others languages are flawed, Rust is the only that stands the scrutiny" sounds pretty evangelist to me.

It's not marketing. It's just unproductive and incessant.

For example in this PHP post 3 days ago, ofc someone commented about how they ditched PHP and Go for Rust.

https://news.ycombinator.com/item?id=47149752

check further down this discussion for immediately downvoted comments

https://news.ycombinator.com/item?id=47191837 https://news.ycombinator.com/item?id=47191619

Post anything negative about rust, or anything about a severe bug in some non-rust code, for examples of your own

I have nothing against rust, although the learning curve is too steep and development in rust is too slow to be a practical general purpose language for a regular company.

The culture around dependencies also means you pay for your memory safety by increased supply chain risk.

Golang or Java gets you memory safety, faster compilation, easy hiring and have better standard libraries

I think it's an old stereotype. When Rust started gaining popularity, I did see comments like that. Even felt compelled to post them sometimes. But now that we have real production Rust experience, we're a bit more nuanced in our views.

Remember Axum or the reflection drama?

IMO it's mostly people who, after being told that only bad programmers need memory management, don't immediately kiss the feet of the speaker.

I think it's just what happens when something genuinely great comes along. Some people try it and enthuse about it. Sometimes other people who haven't tried it assume that it's just like all the other average things and therefore the only explanation is irrational fanboyism.

We saw the same thing with the iPhone. It was a step change from previous phones. Loads of people were like "it's just Apple fanbois, I'll stick to my N95" without even trying it.

I started periodically asking the same question and I get 20-25 upvotes and then eat 15 downvotes some hours later. One recent example (if ~75 days is recent: https://news.ycombinator.com/item?id=46291249).

It is a very weird case of aggressors pretending to be victims.

Did I see zealous Rust comments? Sure! 4-5 on HN in the last 5 years maximum. On Reddit it could be 10-15 for the same period but the discourse there is not very civil or informative anyway so I started ignoring them and not thinking them representative.

On HN I see regular Rust hate while claiming that zealots are everywhere... and like you, I just can't see it.

Not even C/C++, only if vim and emacs are the only experience one has ever had.

See Visual C++ (with hot code reloading, incremental linking, AI integration, on the fly analysis), QtCreator, Clion (comparable with VS in many options), C++ Builder (with its RAD capabilities),....

Cargo is great as long as it is only Rust code and there is little need to interop with platform SDKs, then it is build.rs fun.

Java has over 3 decades of history, during which many IDEs were developed just for Java, and the ecosystem evolved over that long period. Rust is still way too young.

Now we just need the Zig ones acknowledging Object Pascal, Modula-2, Ada,.... as well :)

Two arbitrary picks:

https://crates.io/crates/serde

https://crates.io/crates/regex

Anything covered by Gjengset's "decrusted" series: https://youtube.com/playlist?list=PLqbS7AVVErFirH9armw8yXlE6...

Sort of on the border between toy and not-toy; Gjengset implements a concurrent hash map: https://youtube.com/playlist?list=PLqbS7AVVErFj824-6QgnK_Za1... [17hr recorded over 3 streams]

The rust standard library is excellent. Start more or less anywhere, and click "view source". Or open up the source code files on github.

There's often a lot more comments than code, which is kind of annoying. But it really is the best way to learn how a lot of good rust is written.

Vec is a good read: https://doc.rust-lang.org/src/alloc/vec/mod.rs.html

Here's the lovely slice::binary_search_by: https://doc.rust-lang.org/src/core/slice/mod.rs.html#2967-29...

> At any point, if you provide any conterpoints or fair criticism towards the language objectively, just expect lots of fans to remind you that it is the best programming language ever created and yours is "unsafe" by default.

This is mostly just a disagreement about what the word "unsafe" means in this context?

"safe" and "unsafe" in the sense Rust uses them aren't a moral judgment about a language, it's a specific (and limited in scope) feature of the language, where memory safety is enforced by the compiler.

I like Rust, though I’m not zealous about it.

Sometimes when you have a really good tool, you want to share it.

This was the case with Linux for many people over many years.

FWIW I agree that the community has some frustrating elements, and that its a lot of dogma in comments, though I actually think that’s a fringe element.

Sounds like the point of the article is that you can just use the language and keep counterpoints to yourself.

> Rust has nothing new (even the lifetime stuff is copied) really.

Rust has nothing new by academic standards, and this is an explicit goal of the project. (And that's why it has yet to support e.g. Haskell-like higher-kinded types; or dependent types for compile-time programming: the interaction with its low-level featureset is very much an open question.) It's incredibly novel as a production language, of course.

It has nothing new but they did a good job at cherry picking what what nice in other languages.

Which makes it an interesting language to learn actually. I even feel like Rust can even be a superb first language to learn for a new programmer : that’s a journey for sure but it would expose you to most of the modern programming concepts.

> [Rust is] a good language [...] but also a huge pita to work with

This is practically the elevator pitch of the language :) and I speak as one who likes it a lot!

Saying it has nothing new seems like an uncharitable take. Yes, it has influences (that rust docs dedicate a page to [0]), but PL theory has such a rich body of literature that you can make a similar claim about virtually any language. It's the whole package that matters, and I don't think there's anything "rust but earlier" to point to there. Certainly isn't Ada.

[0] https://doc.rust-lang.org/reference/influences.html

I actually don't think this is true. I do think that most programming errors are type errors, in the broader sense of one part of a system making one set of assumptions about the properties of some data, that aren't shared by another part of the system; and that would've been caught automatically by sufficiently sophisticated static correctness checking. I do not think that Rust has a maximally sophisticated type system (nor is it trying to), and while this is reasonable for Rust as a project to decide, I do expect that there will be languages in the future that do more complex things with type systems that might supplant Rust in some domains.

The Cloudflare incident was caused by a confluence of factors, of which code written in Rust was only one. I actually think that Rust code worked reasonably well given the other parts of the system that failed - a developer used unwrap() to immediately crash instead of handling an error condition they thought would never happen; when that error condition did happen the Rust program crashed immediately exactly as expected; and if Cloudflare decided that they wanted to ban not handling an error like this in their codebase, it's a pretty easy thing to lint for with automatic tooling.

If it helps finally acknowledging basic stuff like bounds checking matters, great, this from a guy that rather use system languages with automatic resource management.

"A consequence of this principle is that every occurrence of every subscript of every subscripted variable was on every occasion checked at run time against both the upper and the lower declared bounds of the array. Many years later we asked our customers whether they wished us to provide an option to switch off these checks in the interests of efficiency on production runs. Unanimously, they urged us not to they already knew how frequently subscript errors occur on production runs where failure to detect them could be disastrous. I note with fear and horror that even in 1980 language designers and users have not learned this lesson. In any respectable branch of engineering, failure to observe such elementary precautions would have long been against the law."

-- C.A.R Hoare's "The 1980 ACM Turing Award Lecture"

From 1980!

C++26 will finally have hardening on the standard library, something that I could already enjoy in 1990's with Turbo Vision, OWL, MFC, VCL, but was too much to ask for on the standard library apparently, even if compilers kept having each own their approach.

It took governments and companies to start mapping CVEs to money spent fixing them, to finally acknowledge something had to change.

Meanwhile on C land, business as usual regarding Hoare's quote.

This industry pretends to be driven by technical considerations, yet, with some exceptions, is mostly driven by fads, folk knowledge and aesthetic choices.

Folk knowledge may, and often is, grounded in reality and real experience, but let us not forget that most heated debates in programming of today are rooted mostly in tribal logic and fad chasing.

Static vs dynamic typing is a chief example. Empirical evidence that static typing makes some real difference in terms of bugs or safety is inconclusive at best. Yet it doesn't prevent some people from literally shaming those that prefer dynamic languages. Same with OOP - for years it was everywhere, now you may have an impression that it is a sin to ever use it. But now, as much as back then, there is no evidence to support claim that using or not using OOP is "one true way".

Now, memory safety is a real concern, and we can confidently say that we have found ways (exemplified in Rust) to prevent whole class of issues, but suddenly we are in the situation that every single bit of code out there is supposed to put memory safety as a chief concern, no matter if we are talking about some high perf web server, missile control logic, simple script solving Lotka-Volterra equations or simple calculator app.

Rust doesn't eliminate all bugs. But anecdotally, by the time the type checker and borrow checker have humbled me, my programs really do often work the first time I run them. Its quite remarkable.

This isn't a special thing about rust. All languages are on a spectrum of "detect all bugs statically" to "detect all bugs dynamically". Rust programs run correctly "first time" more than javascript, more than typescript. But still less than haskell.

You can still write bugs in rust, obviously. I've written plenty. As you say, so has cloudflare. But strong typing does find a lot of bugs in practice.

> Most errors are not type errors.

If you follow good strong typing principles, you can ensure that most errors are type errors. Yaron Minsky’s phrase, “Make illegal states unrepresentable”, captures this. But it doesn’t happen by accident just because you’re using a strongly typed language.

Also, if Cloudflare had run the standard Clippy linter on their Rust code, and taken the results seriously, it would have prevented the issue you referenced. Static checks don’t help if you ignore them.

I don't think your comment deserves the downvotes (upvoted to compensate) but I do think that it's questionable if "Most errors are not type errors" is true.

Rust's culture of pushing things into type checking does eliminate a huge swathe of bugs and I wouldn't be surprised if it was the majority.

The hurdle of negotiating translation between filesystem strings and unicode strings strikes me as a good example of a place where most languages don't protect you from bugs and a strongly typed one does. The downside, of course, is that you have to handle these cases (even if it's to explicitly say "I don't care").

I still create dumbass bugs in Rust, but they are usually simple logical errors that are pretty obvious when debugging.

> Most errors are not type errors.

With a sufficiently strong type system all errors are type errors! Rust doesn't have that of course, but it does have quite a strong type system so this is a very bold assertion with no evidence.

Rust does have an "if it compiles it works" feel. Nobody means that literally (this should be really obvious). They just mean that once you get it to compile the chance that it works first time is quite high (like 20% maybe?) compared to most other languages where it's more like 1%.