Language vision regarding safety guarantees
Rust Internals [Unofficial]
June 30, 2026
Evian-Zhang:
> What is the difference for the library author when writing the code that guarantees a stable sort for logic or for safety? Maybe figuring this out could help me understand your opinion.
The difference is whether failure to uphold that guarantee is a logic bug or a safety bug.
If a crate author wants to only write actually-safe code to avoid dealing with safety bugs, they can avoid using unsafe code and avoid providing safety guarantees. They can still provide logic guarantees. But they know that if they fail to uphold those logic guarantees (because they are usually quite complex and not worth bothering to get them completely right) they won't cause undefined behavior. That author prevents the scope of their clients' unsafe from reaching their crate, essentially encapsulating it.
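The distinction in the reply above, as an added example that is not part of the original thread: a safe-only "library" function offers a stable-sort permutation as a logic guarantee, and a client that wants unchecked indexing bounds-checks the result itself, so a library logic bug surfaces as an error rather than undefined behavior. All function names are hypothetical, and `sort_permutation_buggy` is a constructed stand-in for a library logic bug.

```rust
// Added illustration; all names here are hypothetical.

/// "Library" side: safe code only. Documented *logic* guarantee: the result is a
/// permutation of 0..keys.len() that orders the keys stably. No safety guarantee.
pub fn sort_permutation(keys: &[u32]) -> Vec<usize> {
    let mut idx: Vec<usize> = (0..keys.len()).collect();
    idx.sort_by_key(|&i| keys[i]); // slice::sort_by_key is stable
    idx
}

/// Constructed buggy variant standing in for a logic bug in the library.
pub fn sort_permutation_buggy(keys: &[u32]) -> Vec<usize> {
    let mut idx = sort_permutation(keys);
    if let Some(last) = idx.last_mut() {
        *last = keys.len(); // off by one: not a valid index
    }
    idx
}

/// "Client" side: wants unchecked indexing. Because the library promises nothing
/// for safety, the client bounds-checks the indices itself before `unsafe`.
pub fn gather(data: &[char], perm: &[usize]) -> Result<Vec<char>, String> {
    if perm.len() != data.len() {
        return Err("length mismatch".into());
    }
    if let Some(&bad) = perm.iter().find(|&&i| i >= data.len()) {
        return Err(format!("index {bad} out of bounds"));
    }
    // SAFETY: every index was checked against data.len() just above, so
    // soundness depends only on this function, not on the library's logic.
    Ok(perm.iter().map(|&i| unsafe { *data.get_unchecked(i) }).collect())
}

fn main() {
    let keys = [2, 1, 2, 1]; // constructed sample input
    let data = ['a', 'b', 'c', 'd'];
    println!("{:?}", gather(&data, &sort_permutation(&keys)));
    println!("{:?}", gather(&data, &sort_permutation_buggy(&keys)));
}
```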