On Tue, Jun 23, 2026 at 11:49 AM Philipp Stanner <[email protected]> wrote:
>
> But it would be interesting to know more about how in general Rust's
> unsafe comments are related to problems beyond UAF issues, and to what
> degree we want to document context requirements.

I am confused by the UAF there. Did you mean UB?

Rust's `unsafe` is about way more than just use-after-free -- it is
about all potential undefined behavior.

At the same time, it is not about merely "dangerous" things.

If you cannot possibly cause UB, then it is not in scope. Otherwise,
it is very much in scope and the safety preconditions/requirements
need to be clearly documented (`# Safety`) or justified (`//
SAFETY:`).

Now, sometimes it may not make a lot of sense to duplicate a ton of
information, so sometimes we lift text to the Rust module docs and
refer to it; and sometimes it may also make more sense to refer to
external docs. One way or another, the goal is to document the
requirements and what is going on as clearly as possible.

Cheers,
Miguel

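An added illustration of the convention Miguel describes (not code from the thread or from the kernel tree; all names are constructed): an `unsafe fn` states its precondition under `# Safety`, each `unsafe` block justifies it with `// SAFETY:`, and a merely destructive function that cannot cause UB stays safe with no such annotation.

```rust
// Added example, not from the thread: `# Safety` documents the requirement,
// `// SAFETY:` justifies it at the call site; destructive-but-sound code
// needs neither. All function names are constructed for this example.

/// Reads the element at `index` without a bounds check.
///
/// # Safety
///
/// `index` must be less than `slice.len()`; otherwise this reads out of
/// bounds, which is undefined behavior.
unsafe fn get_unchecked_u32(slice: &[u32], index: usize) -> u32 {
    // SAFETY: the caller guarantees `index < slice.len()`, so the pointer
    // stays inside the allocation and points at an initialized `u32`.
    unsafe { *slice.as_ptr().add(index) }
}

/// Safe wrapper: the bounds check discharges the precondition, so callers
/// cannot cause UB and the function carries no `# Safety` section.
pub fn get_checked_u32(slice: &[u32], index: usize) -> Option<u32> {
    if index < slice.len() {
        // SAFETY: `index < slice.len()` was checked just above.
        Some(unsafe { get_unchecked_u32(slice, index) })
    } else {
        None
    }
}

/// "Dangerous" but not `unsafe`: clearing the buffer is destructive, yet no
/// misuse can produce undefined behavior, so `unsafe` is out of scope here.
pub fn wipe(buf: &mut Vec<u32>) -> usize {
    let n = buf.len();
    buf.clear();
    n
}

fn main() {
    let data = vec![10, 20, 30];
    assert_eq!(get_checked_u32(&data, 1), Some(20));
    assert_eq!(get_checked_u32(&data, 3), None);
    let mut scratch = vec![1, 2, 3];
    assert_eq!(wipe(&mut scratch), 3);
}
```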