Skip to content

Commit

Permalink
Improve wording of unsafe proof obligations.
Browse files Browse the repository at this point in the history
Co-authored-by: Ralf Jung <[email protected]>
  • Loading branch information
gregschmit and RalfJung authored Jul 19, 2023
1 parent 3c3c084 commit 451a8e4
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/unsafe-keyword.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ By putting operations into an unsafe block, the programmer states that they have
Unsafe blocks are the logical dual to unsafe functions:
where unsafe functions define a proof obligation that callers must uphold, unsafe blocks state that all relevant proof obligations of functions or operations called inside the block have been discharged.
There are many ways to discharge proof obligations;
for example, there could be run-time checks or data structure invariants that guarantee that certain properties are definitely true, or the unsafe block could be inside an `unsafe fn`, in which case the block can use the proof obligations of that function to discharge the proof obligations of any unsafe functions called inside the block.
for example, there could be run-time checks or data structure invariants that guarantee that certain properties are definitely true, or the unsafe block could be inside an `unsafe fn`, in which case the block can use the proof obligations of that function to discharge the proof obligations arising inside the block.

Unsafe blocks are used to wrap foreign libraries, make direct use of hardware or implement features not directly present in the language.
For example, Rust provides the language features necessary to implement memory-safe concurrency in the language but the implementation of threads and message passing in the standard library uses unsafe blocks.
Expand Down

0 comments on commit 451a8e4

Please sign in to comment.