
Yes, it's possible to write unsafe code that exhibits undefined behavior in Rust in general (not just through FFI and bindings such as this).



Sure, but this isn't unsafe code. Code using this library isn't written in an unsafe block, right? You just use it like any other Rust library?


It's unsafe to Rust. Rust has defined safety to mean a certain thing. In order to support FFI in general the Rust compiler must assume nothing about the safety guarantees of the other language, and therefore that it should be considered "unsafe" according to Rust.


If you're asking about gtk-rs, yes you use it just like a library. The only reason the unsafe block is there is because it does FFI. The Rust compiler inherently doesn't trust ffi calls. That doesn't mean necessarily that the call is actually unsafe.


If you write code that can be called without 'unsafe' then you are required to make that code safe. Whether you implement it using unsafe underneath is irrelevant.

The unsafe block is there because it does FFI, which hasn't actually been verified to be safe.


You're rephrasing exactly what I said:

> The Rust compiler inherently doesn't trust ffi calls. That doesn't mean necessarily that the call is actually unsafe.
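
The distinction the thread draws, between an FFI call the compiler cannot verify and a wrapper that is callable without `unsafe`, shown as an added example that is not part of the thread or of gtk-rs. `c_write_at` is a constructed stand-in for a C library function, and `write_at` and `WriteError` are hypothetical names.

```rust
/// Stand-in for a C library function (constructed for this example).
/// Contract, as a C header would document it: `dst` must be valid for
/// writes of `offset + len` bytes and `src` valid for reads of `len` bytes.
/// Nothing in the function checks that, so calling it requires `unsafe`.
unsafe extern "C" fn c_write_at(dst: *mut u8, offset: usize, src: *const u8, len: usize) {
    unsafe { std::ptr::copy_nonoverlapping(src, dst.add(offset), len) }
}

#[derive(Debug, PartialEq)]
pub enum WriteError {
    OutOfBounds,
}

/// Safe wrapper: it can be called without `unsafe`, so it has to uphold
/// the foreign function's contract for every argument a caller can pass.
pub fn write_at(dst: &mut [u8], offset: usize, src: &[u8]) -> Result<(), WriteError> {
    // checked_add rejects an offset + length that would wrap around usize.
    let end = offset
        .checked_add(src.len())
        .ok_or(WriteError::OutOfBounds)?;
    if end > dst.len() {
        return Err(WriteError::OutOfBounds);
    }
    // SAFETY: both slices point to valid memory of the stated lengths,
    // `&mut` and `&` cannot overlap, and the check above guarantees
    // offset + src.len() <= dst.len().
    unsafe { c_write_at(dst.as_mut_ptr(), offset, src.as_ptr(), src.len()) };
    Ok(())
}

fn main() {
    let mut buf = [0u8; 8];
    // In-bounds write goes through to the foreign function.
    println!("{:?} -> {:?}", write_at(&mut buf, 2, b"abc"), buf);
    // Out-of-bounds requests are refused before any raw pointer is touched.
    println!("{:?}", write_at(&mut buf, 6, b"abc"));
    println!("{:?}", write_at(&mut buf, usize::MAX, b"a"));
}
```

Removing the bounds check would still compile, because the `unsafe` block only records that the author vouches for the call; the wrapper would then be unsound even though its callers never write `unsafe`.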



