>The development comes a little over a year after the tech giant [Google] disclosed that its transition to Rust led to a decline in memory safety vulnerabilities from 223 in 2019 to less than 50 in 2024.>The company pointed out that Rust code requires fewer revisions, necessitating about 20% fewer revisions than their C++ counterparts, and has contributed to a decreased rollback rate, thereby improving overall development throughput.>We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android's C and C++ code. But the biggest surprise was Rust's impact on software delivery," Google's Jeff Vander Stoep said. "With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one >With roughly 5 million lines of Rust in the Android platform and one potential memory safety vulnerability found (and fixed pre-release), our estimated vulnerability density for Rust is 0.2 vuln per 1 million lines (MLOC).>Our historical data for C and C++ shows a density of closer to 1,000 memory safety vulnerabilities per MLOC. Our Rust code is currently tracking at a density orders of magnitude lower: a more than 1000x reduction.https://thehackernews.com/2025/11/rust-adoption-drives-android-memory.html
this is 2 articles, link to the other onehttps://security.googleblog.com/2025/11/rust-in-android-move-fast-fix-things.html
>copy paste existing software>woav all the bugs that we found and fixed in C aren't there
I work with Jeets, I know KPIs are worthless and you can make them say anything you want>we audited ourselves and found no wrongdoings at all
>>107691340Static analysis and annotation in C can give you the same safety guarantees as Rust.Why not just use that and keep the mature working codebase instead of using some buggy experimental trash language like Rust to rewrite solved problems?
>>107691340>Rust leads to fewer memory bugsSo why aren't they counting memory leaks as a memory bug? That happens a lot in rust.
>>107691587>Static analysis and annotation in C can give you the same safety guarantees as Rust.>Why not just use that and keep the mature working codebase instead of using some buggy experimental trash language like Rust to rewrite solved problems?Is what you are suggesting scalable?If not well that's not what the corps want.
>>107691560> can't readGoogle primarily uses Rust on new projects. The studies explicitly state that they don't typically convert projects from one language to another as the payoff isn't as great because many of the bugs have already been found.
>>107691754> Is what you are suggesting scalable?It's just a #pragma line in front of functions for each pointer they get via arguments.This is all you need to make Rust obsolete.
>>107692213oracle dev studio did thatever heard about it?
