Motivations
We know that writing code without the guarantees that Rust provides …
“Use-after-free (UAF), integer overflows, and out of bounds (OOB) reads/writes comprise 90% of vulnerabilities with OOB being the most common.”
— Jeff Vander Stoep and Chong Zang, Google. “Queue the Hardening Enhancements”
… so why is `unsafe` part of the language?
This segment should take about 20 minutes. It contains:
Slide | Duration |
---|---|
Motivations | 1 minute |
Interoperability | 5 minutes |
Data Structures | 5 minutes |
Performance | 5 minutes |
This slide should take about 1 minute.
The `unsafe` keyword exists because there is no compiler technology available today that makes it obsolete. Compilers cannot verify everything.