(this seems to be getting fresher by the day, I guess the more people use rust in production the more that'll be clear? there are _lots_ of ways to make most programs in most languages -- memory safe languages! -- halt with a fatal error. we know this right? we do not write in total languages with functional correctness proofs. like basically anyone at all. it'd be great if we did but the set of people who get paid to do that is extremely small and they produce code at a rate that would make your manager fall out of their chair laughing. because it is extremely super duper hard. that was 100% not the target niche rust was aiming for.)

(like y'all remember java has NPE right? null pointer exception? java is memory safe. it's great. java or C# with null split out into its own type like option so you can mostly statically exclude it is even better. we're just trying to get systems programmers to that point. the crash is the good case. the bad case is "someone takes over your computer". that's why Fil-C was describing itself correctly as a memory-safety system last week. because it turns all the bad cases into crashes. the crash is the good case.)
