A question came up at work whether I can quantify the safety benefits of Rust and back them up with actual data. Turns out I can:
I just found a related paper: https://arxiv.org/pdf/2003.03296.pdf
I feel conflicted about this paper. On one hand, the legwork is praise-worthy and the conclusions on ways to prevent this are super interesting. On the other, it makes some rather strong claims without backing them up - like "Such issues are very common in third-party Rust libraries." and states that Rust is no better at preventing memory safety issues than "other languages", which is not a conclusion you can derive from the data presented. The "Implication to Potential Users" section is much more correct but almost reads like it contradicts the rest of the paper.
the conclusions on ways to prevent this are super interesting
Are you referring mainly to section 5.3 Implication to Compiler Developers or something else?
Mostly 5.2 Implication to Program Developers because I don't understand 5.3 Implication to Compiler Developers well enough to tell how feasible it is