2016-04

  • Myths and Legends about Integer Overflow in Rust

    The primitive integer types supported by CPUs are finite approximations to the infinite set of integers we’re all used to. This approximation breaks down and some computations will give results that don’t match real integers, like 255_u8 + 1 == 0. Often, this mismatch is something the programmer didn’t think about, and thus can easily result in bugs.

    Read more
  • Memory Leaks are Memory Safe

    Memory unsafety and memory leaks are arguably the two categories of bugs that have received the most attention for prevention and mitigation. As their names suggest, they are in the same part of “bug space”, however they are in some ways diametric opposites, and solving one does not solve the other. The widespread use of memory-safe managed languages hammers this point home: they avoid some memory unsafety by presenting a “leak everything” model to programmers.

    Read more