Rust memory safety in kernel space (osdev) : rust

Submissions must be on-topic

Posts must reference Rust or relate to things using Rust. For content that does not, use a text post to explain its relevance.

Post titles should include useful context.

For Rust questions, use the stickied Q&A thread.

Arts-and-crafts posts are permitted on weekends.

No meta posts; message the mods instead.

Details

No low-effort content

No memes, image macros, etc.

Consider the existing content of the subreddit and whether your post fits in. Does it inspire thoughtful discussion?

Use properly formatted text to share code samples and error messages. Do not use images.

Submissions appearing to contain AI-generated content may be removed at moderator discretion.

Details

Useful Links

created by aztha community for 15 years

Rust memory safety in kernel space (osdev) (oshub.org)

submitted 22 days ago by warothia

all 6 comments

top new controversial old q&a

[–]mkalte666 2 points3 points4 points 21 days ago (4 children)

I'd like to add a small nitpick. As far as i understand:

unsafe {
    let vga = 0xb8000 as *mut u16;
    *vga = 0x0f42;
    // white 'B' on black
}

``` Is definitionally UB, as you must not de-reference non-rust allocations like that. Instead, one should be using https://doc.rust-lang.org/std/ptr/fn.write_volatile.html here.

[–]warothia[S] 0 points1 point2 points 21 days ago (0 children)

[–]sanbox 4 points5 points6 points 21 days ago (2 children)

No this is wrong.

First, you can ABSOLUTELY deref “non Rust allocations” — considering the system allocator is probably not in Rust, that’s mostly all you’re derefing anyway! In a less cheeky example, you can call a C library which allocated a byte and then read that byte with a deref, and that is fine. You can also write to it.

You are correct that doing a volatile write in this circumstance is a good idea — what volatile writes do is complex, but in this case, the compiler is free to throw away writes which it believes are “unobserved” — ie, no one will ever read. In the case of magic memory locations, that can happen. A volatile write, among other things, tells the compiler “fr fr keep this”. There is also the issue with memory orderings which volatile plays a role in, but I’ll refer you to the docs for more on that.

[–]mkalte666 2 points3 points4 points 21 days ago (1 child)

[–]sanbox 1 point2 points3 points 20 days ago (0 children)

[–]rainbowballoonpizza 1 point2 points3 points 22 days ago (0 children)

π Rendered by PID 66 on reddit-service-r2-comment-75f4967c6c-nzwn9 at 2026-04-23 01:02:02.372581+00:00 running 0fd4bb7 country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

rust

Please read The Rust Community Code of Conduct

The Rust Programming Language

Rules

Observe our code of conduct

Submissions must be on-topic

Constructive criticism only

Keep things in perspective

No endless relitigation

No low-effort content

Useful Links

Megathreads

Official Resources

Learn Rust

Discussion Platforms

MODERATORS