mirror of https://github.com/google/comprehensive-rust.git synced 2025-05-29 21:57:42 +02:00

When teaching the class, I notice that these comments (which are
wrapped at 100 columns) cause a horizontal scrollbar which makes them
hard to read at a glance.

Here I wrapped them at 80 columns, which fits on the screen and which
avoids overly long lines.

2023-05-03 12:00:58 +02:00

1.5 KiB

Raw Blame History

Dereferencing Raw Pointers

Creating pointers is safe, but dereferencing them requires unsafe:

fn main() {
    let mut num = 5;

    let r1 = &mut num as *mut i32;
    let r2 = r1 as *const i32;

    // Safe because r1 and r2 were obtained from references and so are
    // guaranteed to be non-null and properly aligned, the objects underlying
    // the references from which they were obtained are live throughout the
    // whole unsafe block, and they are not accessed either through the
    // references or concurrently through any other pointers.
    unsafe {
        println!("r1 is: {}", *r1);
        *r1 = 10;
        println!("r2 is: {}", *r2);
    }
}

It is good practice (and required by the Android Rust style guide) to write a comment for each unsafe block explaining how the code inside it satisfies the safety requirements of the unsafe operations it is doing.

In the case of pointer dereferences, this means that the pointers must be valid, i.e.:

The pointer must be non-null.
The pointer must be dereferenceable (within the bounds of a single allocated object).
The object must not have been deallocated.
There must not be concurrent accesses to the same location.
If the pointer was obtained by casting a reference, the underlying object must be live and no reference may be used to access the memory.

In most cases the pointer must also be properly aligned.

1.5 KiB Raw Blame History

Dereferencing Raw Pointers

1.5 KiB

Raw Blame History