Imported document about undefined behavior and safe api in LLD

[pellico]

No description provided.

[PLeVasseur]

Hi @pellico -- I gave this an initial read today, found a few suggestions. I'd like to read through it again and review.

I'd suggest posting a link to this PR into the Zulip to see if we can have further review by others as well 🙂

[vapdrs]

Interesting read. I left some comments, mostly grammar related.

[vapdrs]

My thought here would be that because as you defined for the unsafe block,

the contract necessary to call the operations inside the block has been checked by the programmer and is guaranteed to be respected

Any calls made via C API should be considered default unsafe until a programmer checks to ensure the contract of the API is fulfilled and Rust's safety guarantees will be met.

[pellico]

Sorry but I don't fully understand this comment.
I am trying to explain that there is a contradiction between the statement:

Rust`s safety guarantees only cover what the program itself can do, and
not what entities outside the program can do to it.

and the fact that FFI (external word) are considered unsafe by the compiler.
Moreover the definition of unsafe block is copied from here

Are you proposing a change in the text ?

[vapdrs]

I was not proposing a change in the text. I just didn't understand that you were setting up a contradiction there.

I understand what you are saying now, after reading your reply. Perhaps you could consider making that section more explicit, or you could just leave it as is.