CommunityNews

CommunityNews

Is Rust Used Safely by Software Developers?

Is Rust Used Safely by Software Developers?.
Rust, an emerging programming language with explosive growth, provides a
robust type system that enables programmers to write memory-safe and data-race
free code. To allow access to a machine’s hardware and to support low-level
performance optimizations, a second language, Unsafe Rust, is embedded in Rust.
It contains support for operations that are difficult to statically check, such
as C-style pointers for access to arbitrary memory locations and mutable global
variables. When a program uses these features, the compiler is unable to
statically guarantee the safety properties Rust promotes. In this work, we
perform a large-scale empirical study to explore how software developers are
using Unsafe Rust in real-world Rust libraries and applications. Our results
indicate that software engineers use the keyword unsafe in less than 30% of
Rust libraries, but more than half cannot be entirely statically checked by the
Rust compiler because of Unsafe Rust hidden somewhere in a library’s call
chain. We conclude that although the use of the keyword unsafe is limited, the
propagation of unsafeness offers a challenge to the claim of Rust as a
memory-safe language. Furthermore, we recommend changes to the Rust compiler
and to the central Rust repository’s interface to help Rust software developers
be aware of when their Rust code is unsafe.

Read in full here:

This thread was posted by one of our members via one of our news source trackers.

Most Liked

timClicks

timClicks

Author of Rust in Action

Thank you! Devtalk is a really wonderful space. It’s great to be part of an enthusiastic community.

DevotionGeo

DevotionGeo

There is a book from newline.co called Fullstack Rust, which teaches actix as well as WebAssembly in rust.

One more thing: I’ve seen the creator Nikolay Kim and other core contributors of actix, fighting over the usage of unsafe. Nikolay was striving for the fastest thing possible, and others were striving for the safest one.
Nikolay Kim left the project and started another library/framework called ntex. Rest of the team replaced almost all the unsafe code with safe code. And the good thing is that actix is still as fast as ntex.

AstonJ

AstonJ

Don’t forget book-hands-on-rust @dwaynebradley :smiley:

Rust in Action’s author @timClicks joined up recently too :smiley:

Ah nice! I didn’t know he started another project and that actix was ‘fixed’ :+1:

Where Next?

Popular Backend topics Top

New
First poster: bot
A short history of ReScript (BuckleScript). It takes time to write such a post for a non-native speaker like me, but I appreciate what t...
New
First poster: bot
GitHub - cshum/imagor: Fast, Docker-ready image processing server written in Go and libvips, with Thumbor URL syntax. Fast, Docker-ready...
New
First poster: OvermindDL1
GitHub - deadpixi/wasm-maze-generator: A simple WASM maze generator in Go. A simple WASM maze generator in Go. Contribute to deadpixi/wa...
New
First poster: bot
Hacking sum types with Go generics. Go doesn’t have sum types, but generics get us one step closer to a useful polyfill. If you’ve ever ...
New
CommunityNews
The History of Franz and Lisp. In 1984, while a graduate student in mathematics and in the relatively new Computer Science Department at...
New
First poster: bot
Disclaimer: I work at Uber and am partially responsible for bringing zig cc to serious internal use. Opinions are mine, this blog post is...
New
First poster: bot
Introducing Trilogy: a new database adapter for Ruby on Rails | The GitHub Blog. We’ve open sourced Trilogy, the database adapter we use...
New
First poster: bot
user-defined iteration using range over func values · Discussion #56413 · golang/go. There is no standard way to iterate over a sequence...
/go
New
First poster: KnowledgeIsPower
Released in 2024, uv is hands-down the best tool for managing Python installations and dependencies. Here’s why.
New

Other popular topics Top

brentjanderson
Bought the Moonlander mechanical keyboard. Cherry Brown MX switches. Arms and wrists have been hurting enough that it’s time I did someth...
New
DevotionGeo
I know that -t flag is used along with -i flag for getting an interactive shell. But I cannot digest what the man page for docker run com...
New
AstonJ
Do the test and post your score :nerd_face: :keyboard: If possible, please add info such as the keyboard you’re using, the layout (Qw...
New
AstonJ
We’ve talked about his book briefly here but it is quickly becoming obsolete - so he’s decided to create a series of 7 podcasts, the firs...
New
AstonJ
Was just curious to see if any were around, found this one: I got 51/100: Not sure if it was meant to buy I am sure at times the b...
New
PragmaticBookshelf
Author Spotlight Rebecca Skinner @RebeccaSkinner Welcome to our latest author spotlight, where we sit down with Rebecca Skinner, auth...
New
New
PragmaticBookshelf
Leverage Elixir and the Nx ecosystem to build intelligent applications that solve real-world problems in computer vision, natural languag...
New
New
sir.laksmana_wenk
I’m able to do the “artistic” part of game-development; character designing/modeling, music, environment modeling, etc. However, I don’t...
New