Unsafe Abstractions


I wrote a blog post about unsafe abstractions in Rust. It’s a way to look at different facilities for creating abstractions in Rust that require unsafe to apply (such as unsafe functions and unsafe traits):


If anyone’s interested, here’s some context for the controversy over “not unsafe to call but unsafe to implement”.


I’d say that this isn’t a Rust-specific article; it’s valid for most languages which do manual memory management or give you low-level access. Rust just makes things explicit by using the unsafe keyword.

Too often I’ve been working on a C++ or Delphi project where the “applicative” component (to steal the blog post’s terminology) fails to uphold an invariant my “assumptive” component relies on, leading to hours of time spent in a debugger trying to track down the problem.

Either way I can’t +1 this enough!
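Added example, not part of the thread or of the linked blog post: a minimal Rust sketch of a trait that is "not unsafe to call but unsafe to implement", using "assumptive" for the code that relies on an invariant and "applicative" for the code that promises it, as the reply above does. The names `ExactLen`, `collect_exact` and `Countdown` are hypothetical.

```rust
// Added example; ExactLen, collect_exact and Countdown are hypothetical names.
/// Contract (the compiler cannot check it): `exact_len()` returns exactly
/// the number of items the iterator will still yield.
unsafe trait ExactLen: Iterator {
    fn exact_len(&self) -> usize;
}

/// Assumptive side: a safe function whose memory safety rests on the contract.
fn collect_exact<I: ExactLen>(it: I) -> Vec<I::Item> {
    let n = it.exact_len();
    let mut v: Vec<I::Item> = Vec::with_capacity(n);
    let base = v.as_mut_ptr();
    let mut i = 0;
    for item in it {
        // Debug builds catch a broken promise here, at the boundary,
        // instead of as heap corruption that shows up somewhere else later.
        debug_assert!(i < n, "ExactLen contract broken by implementer");
        // SAFETY: the contract guarantees i < n <= capacity.
        unsafe { base.add(i).write(item) };
        i += 1;
    }
    // SAFETY: slots 0..i were initialized by the loop above.
    unsafe { v.set_len(i) };
    v
}

/// Constructed sample iterator: Countdown(3) yields 3, 2, 1.
struct Countdown(u32);
impl Iterator for Countdown {
    type Item = u32;
    fn next(&mut self) -> Option<u32> {
        if self.0 == 0 {
            return None;
        }
        let cur = self.0;
        self.0 -= 1;
        Some(cur)
    }
}

// Applicative side: `unsafe impl` is the implementer's promise.
// SAFETY: `next()` yields exactly `self.0` more items.
unsafe impl ExactLen for Countdown {
    fn exact_len(&self) -> usize { self.0 as usize }
}

fn main() { println!("{:?}", collect_exact(Countdown(3))); }
```

An `unsafe impl` whose `exact_len()` under-reports would make the unchecked write in `collect_exact` go out of bounds in a release build, even though every caller is written in safe code.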


Looks like we have found a collision in blog post titles! This means that there are quite a few Rust blog posts out there, even if we account for the birthday paradox 🙂