Unsafe Rust

What is unsafe Rust

Unsafe Rust is dual to the safe part of the language and exists because computer hardware is inherently unsafe

The unsafe superpowers are turned on for specific blocks of code using the unsafe keyword.

Note that none of the previous safe features of the language are disabled inside unsafe, we simply unlock new ones

Doesn't it kinda defeat the point?

unsafe is only a problem if everything in a program is wrapped inside it

We must keep unsafe blocks as close and isolated as possible, this way:

1. We can throughly review the unsafe code and test every possible bit flip
2. If a memory error will happen, it must be inside one unsafe block

Unsafe superpowers

unsafe gives us the ability to:

• Dereference a raw pointer
• Call an unsafe function or method
• Access or modify a mutable static variable
• Implement an unsafe trait
• Access fields of unions
• Calling C functions through the FFI

Foreign Function Interface

The Foreign Function Interface (FFI for friends) is a feature that allows our code to call/be called from other languages (link C or C++)

Foreign code is always unsafe

The FFI allows us to integrate Rust into other projects in other languages. Some small projects that do this are:

• The Linux kernel
• The Firefox browser
• And many others...

The dark arts

Our quick trip into unsafe stops only at the surface

For those who want to risk their soul and venture into the void, there is the Rustonomicon