
`unsafe` the keyword vs unsafe the concept. Lots of `unsafe` code is safe when used through a safe wrapper. Verifying that is the duty of the programmer. The compiler can't prove it, but quite often the programmer can.

IMO it's good practice to provide a comment with such proof for every `unsafe` block.

So `unsafe` does not imply unsound, but unsound does imply `unsafe`.




This is what I was trying to say. Unsafe doesn't imply exploitability, at all.



