The Rust Foundation has recently released statistics indicating that out of the 127,000 significant packages available on crates.io, over 24,000 (19.11%) utilize the keyword “UNSAFE” to disable memory safety checks. Additionally, 34.35% of these packages directly call functions from other Crate packages that are in “UNSAFE” mode.
It is observed that the predominant reason for using the “Unsafe” mode is to interact with code written in other languages or to interface with libraries in C/C++. The Microsoft Crate package windows stands out as the package with the highest number of calls in the “UNSAFE” mode, serving as an abstraction over the WindowsAPI. This package has accumulated 36 million downloads. The “UNSAFE” mode is also commonly used in popular packages such as syn (470 million downloads), proc-macro2 (354 million downloads), and libc (345 million downloads).
To address potential issues in code written in “Unsafe” mode, the Rust Foundation is developing an interpreter called miri. This tool aids in detecting out-of-bounds buffer accesses, post-memory release usage, incorrect handling of uninitialized data, violations of basic type invariance (e.g., inconsistent bool values of 0 or 1), breaches of object ownership rules, race conditions, and memory leaks.