doc: correction of purpose for unsafe code

[alfiedotwtf]

I think the opposite is what was meant.

[reem]

@Alfie Actually what is written there is exactly what is meant - the behavior listed there is behavior that can never occur in any Rust code, as it invokes the dreaded "undefined behavior." The compiler ensures that none of these things can ever occur in safe code, but unsafe code is responsible for ensuring that none of these things happen itself.

This section should probably be renamed to "Behavior considered undefined" instead of "Behavior considered unsafe" due to the clash with the naming of unsafe.

[alfiedotwtf]

@reem Thanks for the heads up :)

This is a bit confusing then as "6.1.3.2.2 Unsafe blocks" says:

"A block of code can also be prefixed with the unsafe keyword to permit calling unsafe functions or dereferencing raw pointers within a safe function"

Then in "6.1.3.2.3 Behavior considered unsafe", one of the behaviors is "Dereferencing a null/dangling raw pointer".

[reem]

@Alfie Sure. I agree it could be worded more clearly.

Just for clarification, the undefined behavior comes from dereferencing a null pointer which even unsafe code is not allowed to do. unsafe code is allows to dereference raw pointers, which might not be valid, the point being that the unsafe code does additional work that the compiler can track to ensure that it does not dereference a raw pointer which might be null or dangling.

The idea with unsafe is that it is possible to shoot yourself in the foot and invoke undefined behavior, but you must not do so - unsafe is meant to signify that you are doing something safe* but the compiler cannot verify that it is safe for you.

* I recognize the irony ;)

[alfiedotwtf]

@reem Awesome. Thanks again for the explaination.

My poor brain. Hopefully it will make more sense in the morning after some coffee ;)

[steveklabnik]

Yes, @reem is correct. Another pull request to make the wording more clear might be good, but this one is incorrect. :)