by nicce 651 days ago
> If interactions through safe abstractions leak unsafety into your code, that's a bug in the abstractions.

This isn't much different than saying that C is a safe language if you write it perfectly.

> definition of writing a safe abstraction

That definition is not guaranteeing safety, because that is usually not possible. It is just about limiting risky areas.

2 comments

> This isn't much different than saying that C is a safe language if you write it perfectly.

The difference is in C, the entire language is unsafe, whereas in Rust only the bits marked `unsafe` are unsafe. Most Rust code does not need to use `unsafe` at all, and by extension most Rust developers don't need to touch `unsafe`. And for those developers who do use `unsafe`, instead of having to prove every single line of the program is safe like you do in C, you only have to prove that the tiny subset of the program contained within `unsafe` is safe.
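As an added illustration (not part of the thread or written by any commenter), here is what "only the `unsafe` block has to be proven" looks like in practice. The function names `split_halves` and `add_left_into_right` are hypothetical, chosen for this example; the single bounds check is the whole proof obligation, and if it were missing, the unsoundness would be a bug in this abstraction rather than in its safe callers.

```rust
use std::slice;

/// Hypothetical safe abstraction (name assumed for this example): hand out two
/// non-overlapping mutable views of one slice, which the borrow checker cannot
/// express without `unsafe`.
pub fn split_halves<T>(s: &mut [T], mid: usize) -> Option<(&mut [T], &mut [T])> {
    let len = s.len();
    // The one invariant the unsafe block relies on. Remove this check and
    // safe callers could reach out-of-bounds memory through a "safe" API.
    if mid > len {
        return None;
    }
    let p = s.as_mut_ptr();
    // SAFETY: `mid <= len`, so [0, mid) and [mid, len) both lie inside the
    // original allocation and do not overlap; the returned lifetimes are tied
    // to the exclusive borrow of `s`, so no other alias can exist.
    unsafe {
        Some((
            slice::from_raw_parts_mut(p, mid),
            slice::from_raw_parts_mut(p.add(mid), len - mid),
        ))
    }
}

/// Caller side: entirely safe code. Nothing here needs to be audited for
/// memory safety, whatever `mid` is.
pub fn add_left_into_right(data: &mut [u32], mid: usize) -> bool {
    match split_halves(data, mid) {
        Some((left, right)) => {
            for (r, l) in right.iter_mut().zip(left.iter()) {
                *r += *l;
            }
            true
        }
        None => false, // bad index is rejected, not turned into UB
    }
}

fn main() {
    let mut v = [1u32, 2, 3, 4]; // constructed sample data
    println!("{} {:?}", add_left_into_right(&mut v, 2), v);
    println!("{} {:?}", add_left_into_right(&mut v, 5), v);
}
```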

No, not quite. If the abstractions leak then it's Rust's fault. If you write buggy C then it's your fault.

> If the abstractions leak then it's Rust's fault

It is the fault of the one who wrote the abstraction.

Which is one of the Rust people, yes.