Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

And Rust has and will make those breaking changes, while Zig will likely not. In fact there are documented and blessed ways to break memory safety in Zig, and no one is calling them soundness bugs!

I really don’t see how you can claim with a straight face that the two approaches are the same.



"In fact there are documented and blessed ways to break memory safety in Zig" - just as there are in Rust... even the Rust standard library makes liberal use of them (thereby making any program which invokes those parts of the standard library transitively unsafe by definition).

Look, I'm not saying the Zig and Rust approaches are the same. I explicitly stated that Rust is more memory safe than Zig (which is in turn more memory safe than C/C++).

This is because Rust has clearly delineated a "safe" subset of Rust which you have to explicitly opt out of that is mostly sound (and has a goal of eventually being entirely sound), has a culture of encouraging the use of the safe subset, and has taken a good approach to the interfacing of safe and unsafe code (i.e. if unsafe code is properly written and satisfies the exposed contract - despite the compiler being unable to verify this - then safe code can safely be linked with it).

All of this results in extremely low risk of memory corruption for Rust programs in practice (far lower than any other commonly used non-GC language with the sole exception of SPARK).

What you can't do though is reject the notion of memory safety being a sliding scale and draw a binary distinction between languages that are 100% perfectly memory safe and languages that are memory unsafe. Well you can, but Rust will fall on the side of memory unsafe for many years to come. Java (ignoring vendor-specific extensions) falls on the safe side though - the language semantics as specified are sound and it doesn't even have an unsafe subset.


On this sliding scale you insist on, I think most would agree with if we’re insisting on being pedantic which isn’t a great place to have informal discussion. Regardless, correct me if I’m wrong - on the sliding scale Zig isn’t actually that far away from C/C++ whereas Rust is more like C#/JS/Java etc. it also broadens the definition of memory safety to include race conditions whereas Zig is still like C/C++ there (and indeed I can’t think of another language that provides the safety against races that Rust does). Moreover it does this without sacrificing any performance.

Look, Zig has neat ideas. No disputing that. But on the sliding scale there’s a threshold where people are comfortable classifying something as being memory safe to avoid perfect being the enemy of good. And by that classification criteria, Zig falls well below the bar and Rust clears it easily.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: