Content deleted Content added
m →Unsafe: double space |
→Unsafe: adding another ref for doubly linked lists, this one says impossible. (FWIW the most famous is the learning Rust one which does show that it's possible, but only by adding dynamic overheads and leaking some of the implementation details in the interface. Don't think we can get into that in the article though without adding TMI and OR.) |
||
Line 558:
Rust's memory safety checks may be circumvented through the use of {{code|unsafe}} blocks. This allows programmers to deference arbitrary raw pointers, call external code, or perform other low-level functionality not allowed by safe Rust.{{sfn|Klabnik|Nichols|2023|pp=420-429}} Some low-level functionality enabled in this way includes [[Volatile (computer programming)|volatile memory access]], architecture-specific intrinsics, [[type punning]], and inline assembly.{{sfn|McNamara|2021|p=139, 376–379, 395}}
Unsafe code is sometimes needed to implement complex data structures.<ref name="UnsafeRustUse">{{Cite journal |last1=Astrauskas |first1=Vytautas |last2=Matheja |first2=Christoph |last3=Poli |first3=Federico |last4=Müller |first4=Peter |last5=Summers |first5=Alexander J. |date=2020-11-13 |title=How do programmers use unsafe rust? |url=https://dl.acm.org/doi/10.1145/3428204 |journal=Proceedings of the ACM on Programming Languages |language=en |volume=4 |issue=OOPSLA |pages=1–27 |doi=10.1145/3428204 |issn=2475-1421|hdl=20.500.11850/465785 |hdl-access=free}}</ref> A frequently cited example is that it is difficult or impossible to implement [[doubly linked list]]s in safe Rust.<ref>{{Cite journal |last=Lattuada |first=Andrea |last2=Hance |first2=Travis |last3=Cho |first3=Chanhee |last4=Brun |first4=Matthias |last5=Subasinghe |first5=Isitha |last6=Zhou |first6=Yi |last7=Howell |first7=Jon |last8=Parno |first8=Bryan |last9=Hawblitzel |first9=Chris |date=2023-04-06 |title=Verus: Verifying Rust Programs using Linear Ghost Types |url=https://dl.acm.org/doi/10.1145/3586037 |journal=Software Artifact (virtual machine, pre-built distributions) for "Verus: Verifying Rust Programs using Linear Ghost Types" |volume=7 |issue=OOPSLA1 |pages=85:286–85:315 |doi=10.1145/3586037}}</ref><ref>{{Cite journal |last=Milano |first=Mae |last2=Turcotti |first2=Julia |last3=Myers |first3=Andrew C. |date=2022-06-09 |title=A flexible type system for fearless concurrency |url=https://dl.acm.org/doi/10.1145/3519939.3523443 |journal=Proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation |series=PLDI 2022 |___location=New York, NY, USA |publisher=Association for Computing Machinery |pages=458–473 |doi=10.1145/3519939.3523443 |isbn=978-1-4503-9265-5}}</ref><ref>{{Cite web |title=Introduction - Learning Rust With Entirely Too Many Linked Lists |url=https://rust-unofficial.github.io/too-many-lists/ |access-date=2025-08-06 |website=rust-unofficial.github.io}}</ref><ref>{{Cite journal |last=Noble |first=James |last2=Mackay |first2=Julian |last3=Wrigstad |first3=Tobias |date=2023-10-16 |title=Rusty Links in Local Chains✱ |url=https://doi.org/10.1145/3611096.3611097 |journal=Proceedings of the 24th ACM International Workshop on Formal Techniques for Java-like Programs |series=FTfJP '22 |___location=New York, NY, USA |publisher=Association for Computing Machinery |pages=1–3 |doi=10.1145/3611096.3611097 |isbn=979-8-4007-0784-1}}</ref>
Programmers using unsafe Rust are considered responsible for upholding Rust's memory and type safety requirements, for example, that no two mutable references exist pointing to the same ___location.<ref name=IsRustSafely>{{Cite journal |last=Evans |first=Ana Nora |last2=Campbell |first2=Bradford |last3=Soffa |first3=Mary Lou |date=2020-10-01 |title=Is rust used safely by software developers? |url=https://doi.org/10.1145/3377811.3380413 |journal=Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering |series=ICSE '20 |___location=New York, NY, USA |publisher=Association for Computing Machinery |pages=246–257 |doi=10.1145/3377811.3380413 |isbn=978-1-4503-7121-6}}</ref> If programmers write code which violates these requirements, this results in [[undefined behavior]].<ref name=IsRustSafely/> The Rust documentation includes a list of behavior considered undefined, including accessing dangling or misaligned pointers, or breaking the aliasing rules for references.<ref>{{Cite web |title=Behavior considered undefined - The Rust Reference |url=https://doc.rust-lang.org/reference/behavior-considered-undefined.html |access-date=2025-08-06 |website=doc.rust-lang.org}}</ref>
| |||