Language vision regarding safety guarantees
Rust Internals [Unofficial]
July 3, 2026
tczajka:
> There is no separate "safety contract", and there is no need for one.
Then what are safety requirements if not (a part of) a safety contract? They obviously differ from logic requirements otherwise all functions would be unsafe, so they obviously are not (part of) the logic contract.
Maybe you don't make a distinction because you don't write logic bugs, in which case the safety contract is indeed useless. But Rust (contrary to C) is supposed to let people write logic bugs without causing undefined behavior in their dependencies. And the topic of this thread is to figure out if Rust is supposed to let people write logic bugs without causing undefined behavior outside their unit of implementation (so both in their dependencies and in their clients).
Discussion in the ATmosphere