Skip to content

Commit 5e9d38e

Browse files
brsonbrson
committed
Remove 'unchecked' from docs
1 parent 76c8b83 commit 5e9d38e

File tree

1 file changed

+17
-16
lines changed

1 file changed

+17
-16
lines changed

doc/rust.md

Lines changed: 17 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -222,7 +222,7 @@ pure
222222
return
223223
struct
224224
true trait type
225-
unchecked unsafe
225+
unsafe
226226
while
227227
~~~~~~~~
228228

@@ -1035,23 +1035,24 @@ pure fn nonempty_list<T>(ls: List<T>) -> bool { pure_length(ls) > 0u }
10351035

10361036
*TODO:* should actually define referential transparency.
10371037

1038-
The effect checking rules previously enumerated are a restricted set of
1039-
typechecking rules meant to approximate the universe of observably
1040-
referentially transparent Rust procedures conservatively. Sometimes, these
1041-
rules are *too* restrictive. Rust allows programmers to violate these rules by
1042-
writing pure functions that the compiler cannot prove to be referentially
1043-
transparent, using an escape-hatch feature called "unchecked blocks". When
1044-
writing code that uses unchecked blocks, programmers should always be aware
1045-
that they have an obligation to show that the code *behaves* referentially
1046-
transparently at all times, even if the compiler cannot *prove* automatically
1047-
that the code is referentially transparent. In the presence of unchecked
1048-
blocks, the compiler provides no static guarantee that the code will behave as
1049-
expected at runtime. Rather, the programmer has an independent obligation to
1050-
verify the semantics of the pure functions they write.
1038+
The effect checking rules previously enumerated are a restricted set
1039+
of typechecking rules meant to approximate the universe of observably
1040+
referentially transparent Rust procedures conservatively. Sometimes,
1041+
these rules are *too* restrictive. Rust allows programmers to violate
1042+
these rules by writing pure functions that the compiler cannot prove
1043+
to be referentially transparent, using "unsafe blocks". When writing
1044+
code that uses unsafe blocks, programmers should always be aware that
1045+
they have an obligation to show that the code *behaves* referentially
1046+
transparently at all times, even if the compiler cannot *prove*
1047+
automatically that the code is referentially transparent. In the
1048+
presence of unsafe blocks, the compiler provides no static guarantee
1049+
that the code will behave as expected at runtime. Rather, the
1050+
programmer has an independent obligation to verify the semantics of
1051+
the pure functions they write.
10511052

10521053
*TODO:* last two sentences are vague.
10531054

1054-
An example of a pure function that uses an unchecked block:
1055+
An example of a pure function that uses an unsafe block:
10551056

10561057
~~~~
10571058
# use std::list::*;
@@ -1065,7 +1066,7 @@ fn pure_foldl<T, U: Copy>(ls: List<T>, u: U, f: fn(&&T, &&U) -> U) -> U {
10651066
10661067
pure fn pure_length<T>(ls: List<T>) -> uint {
10671068
fn count<T>(_t: T, &&u: uint) -> uint { u + 1u }
1068-
unchecked {
1069+
unsafe {
10691070
pure_foldl(ls, 0u, count)
10701071
}
10711072
}

0 commit comments

Comments
 (0)