by pizlonator 844 days ago
Ish.

It really depends!

Fil-C is memory-safe down to the libpizlo POSIXish syscall layer, and then even those syscalls do memory safety checks (so you can't read(2) into an OOB area of a buffer, for example).

So, some safe code is built on a crapton of unsafe code, while other safe code is built on a tightly controlled TCB. There's a big spectrum there.


You’re describing exactly what I am describing: you still call out into a syscall that is not safe. You prevent that by checking things in the wrapper. Very standard.
And even in the lowest level assembly code imaginable, sometimes the syscall called by your assembly is really unsafe code: https://github.com/chrislgarry/Apollo-11/blob/master/Luminar...
You’re disingenuously conflating calling into a pile of userland unsafe code that does crypto using arrays and ptr math, which also does unsafe syscalls, with making all that memory safe except the syscall.

They’re not the same thing.

If they were the same thing then there would be no point to memory safety at all.
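The bounds check both posters are talking about (the first: the syscall layer refuses a read(2) into an out-of-bounds part of a buffer; the second: "you prevent that by checking things in the wrapper"), as an added example in C that is not Fil-C's or libpizlo's own code. The `bounded_buf` layout, the `checked_read` wrapper and the pipe-fed `demo` are assumptions standing in for whatever metadata a safe runtime actually carries.

```c
#include <errno.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical bounded buffer: the bounds a checked syscall wrapper consults
 * (a stand-in for the capability/fat-pointer metadata a safe runtime carries). */
typedef struct {
    char  *base;     /* start of the allocation */
    size_t capacity; /* bytes the allocation actually owns */
} bounded_buf;

/* Checked read(2): the kernel may only write inside [base, base + capacity).
 * Returns bytes read, or -1 with errno = EFAULT if the request is out of bounds. */
ssize_t checked_read(int fd, const bounded_buf *buf, size_t offset, size_t len)
{
    /* Written so that offset + len cannot overflow size_t before the check. */
    if (offset > buf->capacity || len > buf->capacity - offset) {
        errno = EFAULT;
        return -1;
    }
    return read(fd, buf->base + offset, len);
}

/* Demo: 16 constructed bytes arrive through a pipe; the destination owns only 8.
 * Returns bytes landed, or -1 when the wrapper refused the request. */
ssize_t demo(size_t requested)
{
    static const char payload[] = "0123456789abcdef"; /* constructed input */
    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    if (write(fds[1], payload, 16) != 16) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    close(fds[1]);

    char storage[8];
    bounded_buf dst = { storage, sizeof storage };
    ssize_t n = checked_read(fds[0], &dst, 0, requested);
    close(fds[0]);
    return n;
}
```

An unchecked `read(fd, storage, 16)` here would let the kernel write 8 bytes past `storage`; the wrapper turns that into an error before the syscall is issued.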

> You’re disingenuously

Cool man. Reaching for insults isn’t a good way to have a conversation. Good luck on your project.

Using disingenuous arguments will get you to nothing but bad ideas. I'm just trying to help you out.