Unsafe in Rust

by Guillaume Gomez

Who am I?

Rust language reviewer and contributor. Member of:
  • rustdoc team (team leader)
  • docs.rs team
  • tools team


I am a Huawei engineer.

### What is unsafe Rust?

Quoting:

> Code or interfaces whose memory safety cannot be verified by the type system.

### What does unsafe allow?

* Dereference raw pointers
* Implement unsafe traits
* Call unsafe functions
* Mutate statics (including external ones)
* Access fields of unions

### What is "FFI"?

"FFI" stands for "Foreign Function Interface". In short: declaring items from a C library in your Rust code to use them.

### NonNull doesn't solve all issues!

* You can still have concurrent access to the data pointed to by the pointer.
* You still have to free the memory yourself.
* You still need to initialize the memory you allocated to the pointer.
* You can still have dangling pointers.

### Wrapping pointers is the key
If your type implements Drop, don't implement Clone!
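
The two slides above, as an added example that is not from the talk: an owning wrapper around a `NonNull` pointer that frees in `Drop` and deliberately does not implement `Clone`. `counter_new`, `counter_free`, `RawCounter` and `live_objects` are hypothetical names; the first two stand in for a C library's functions and are written in Rust so the block runs offline.

```rust
use std::ptr::NonNull;
use std::sync::atomic::{AtomicUsize, Ordering};

// Hypothetical stand-ins for a C library's alloc/free pair; in real FFI these
// would be `extern "C"` declarations coming from a -sys crate.
static LIVE: AtomicUsize = AtomicUsize::new(0); // allocated and not yet freed
struct RawCounter { value: u32 }

unsafe fn counter_new() -> *mut RawCounter {
    LIVE.fetch_add(1, Ordering::SeqCst);
    Box::into_raw(Box::new(RawCounter { value: 0 })) // memory is initialized here
}
unsafe fn counter_free(p: *mut RawCounter) {
    LIVE.fetch_sub(1, Ordering::SeqCst);
    unsafe { drop(Box::from_raw(p)) }
}

/// Owning wrapper. No `Clone`: a copy would hold the same pointer and both
/// values would call `counter_free` in `Drop` (double free, dangling pointer).
pub struct Counter { ptr: NonNull<RawCounter> }

impl Counter {
    pub fn new() -> Option<Self> {
        // NonNull::new only rejects null; ownership and lifetime are on us.
        NonNull::new(unsafe { counter_new() }).map(|ptr| Counter { ptr })
    }
    pub fn increment(&mut self) -> u32 {
        // SAFETY: ptr came from counter_new and is freed only in Drop;
        // `&mut self` rules out concurrent access through this wrapper.
        let raw = unsafe { self.ptr.as_mut() };
        raw.value += 1;
        raw.value
    }
    pub fn get(&self) -> u32 {
        // SAFETY: same invariant as above; shared read through `&self`.
        unsafe { self.ptr.as_ref().value }
    }
}

impl Drop for Counter {
    fn drop(&mut self) {
        // The single place the allocation is released.
        unsafe { counter_free(self.ptr.as_ptr()) }
    }
}

pub fn live_objects() -> usize { LIVE.load(Ordering::SeqCst) }

fn main() {
    let mut c = Counter::new().expect("allocation failed");
    c.increment();
    println!("value = {}, live = {}", c.get(), live_objects());
}
```

Because `NonNull` is neither `Send` nor `Sync`, `Counter` cannot cross threads unless someone adds an `unsafe impl`, which is where the concurrent-access point from the previous slide has to be argued explicitly.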

### -sys or not?

When and why to create **-sys** crates:

* Breaking change in **-sys** without breaking change in non **-sys**
* Lighter if you don't care about non **-sys**

Thank you for listening!

More advanced explanations on
< blog.guillaume-gomez.fr >

< guillaume1.gomez@gmail.com >

@GuillaumeGomez
@imperioworld_
@imperio@fosstodon.org