In the proposal, @trusted code is actually considered the same as @safe, but allows @system escapes.
But that can't work:
@trusted_is_safe { auto tmp = get_hardware_config(); @system{ mess_up_hardware_config(); }// now this unsafe call is called in a @safe context, but is unsafe...
// DMD does not catch this, so "@trusted_is_safe" is broken call_safe_code_that_now_is_messed_up(); @system{ restore_hardware_config(tmp); } }