Anybody know of any good resources on when it's ok to mark @rustlang functions that use unsafe code as safe? I feel like while there's been some good highly technical analysis, there's not a ton of resources of how to think about `unsafe`.
-
-
You might ask, "why don't existing COM wrapper libraries like direct2d-rs and dwrote expose unsafe?" I'd argue it's because they're riddled with safety bugs. There are other people who might argue "it's only technical UB," but I'd say they're wrong.
-
I agree with you completely. We tried to generate safe wrappers for COM. I don’t believe it’s possible unless you’re methods take only Copy arguments and you assume that IUnknown is implemented properly
- 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.