Bun's Rust rewrite ships undefined behavior, fails basic Miri checks

A bug report against Bun’s in-progress Rust rewrite shows the codebase fails fundamental Miri checks, exposing undefined behavior reachable from safe Rust. The reproducer constructs a PathString from a boxed byte slice, drops the backing allocation, then calls a slice() method that hands back a reference built via core::slice::from_raw_parts on a dangling pointer — exactly the kind of use-after-free the borrow checker is supposed to prevent, smuggled past it by an unsafe block that doesn’t tie the returned lifetime to the owning buffer.

The issue is small in lines of code but structurally serious: PathString’s API contract is unsound, so any caller of slice() can trigger UB without writing a single unsafe keyword. That’s the worst class of Rust bug, since it means the unsafety isn’t contained at the point where it was introduced. The reporter pointedly blames AI-assisted coding and urges the project to bring in an experienced Rust developer, framing this as a symptom rather than an isolated mistake.

The broader signal for anyone tracking the JavaScript-runtime arms race is that Bun’s Rust port — pitched as a correctness and performance upgrade over the existing Zig implementation — is shipping the exact memory-safety failures Rust is supposed to make impossible, suggesting the rewrite needs human review of every unsafe boundary before it can claim the safety story.