elaborate on slice wide pointer metadata #1499
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
joshlf
reviewed
May 23, 2024
tmandry
reviewed
Jun 3, 2024
src/behavior-considered-undefined.md
Outdated
| * `dyn Trait` metadata is invalid if it is not a pointer to a vtable for | ||
| `Trait` that matches the actual dynamic trait the pointer or reference points to. | ||
| `Trait` that matches the actual dynamic type the pointer or reference points to. |
There was a problem hiding this comment.
Preexisting but how can this be a requirement for wide pointers, whose data portion is allowed to dangle, I assume?
There was a problem hiding this comment.
Hm... yeah the actually implemented requirement is that the trait matches the trait given in the pointer type, i.e. a *const dyn Debug that points to a vtable for Display is UB.
|
@rust-lang/opsem / @RalfJung: In looking carefully at this on the rustdocs call, we realized it might be helpful, both to us and when the lang teams takes this up, if someone might be able annotate the changes here (e.g. using the GH review features), with some explanation for each of these (e.g. "this was incorrect because...", "this was already true because we had said...", "we're adding this guarantee here because..."). |
RalfJung
force-pushed
the
wide-ptr-meta
branch
2 times, most recently
from
46bcc6c
to
091b2f2
Compare
RalfJung
commented
Jun 19, 2024
src/behavior-considered-undefined.md
Outdated
| * Invalid metadata in a wide reference, `Box<T>`, or raw pointer: | ||
| * A reference or `Box<T>` that is [dangling], misaligned, or points to an invalid value | ||
| (using the actual dynamic type of the pointee as determined by the vtable in | ||
| the metadata in case of dynamically sized types). |
There was a problem hiding this comment.
This does not change anything, it clarifies what the pointed-to value is in case of e.g. &dyn Trait.
| (using the actual dynamic type of the pointee as determined by the vtable in | ||
| the metadata in case of dynamically sized types). | ||
| * Invalid metadata in a wide reference, `Box<T>`, or raw pointer. The requirement | ||
| for the metadata is determined by the type of the unsized tail: |
There was a problem hiding this comment.
Another piece of clarification, previously we were not very clear on what the metadata requirements are for types like (u32, [u32]): we spoke about "slice metadata" and the fact that this covered all types whose unsized tail is a slice was left implicit. Now it is explicit.
| * A reference or `Box<T>` that is [dangling], misaligned, or points to an invalid value. | ||
| * Invalid metadata in a wide reference, `Box<T>`, or raw pointer: | ||
| * `dyn Trait` metadata is invalid if it is not a pointer to a vtable for | ||
| `Trait` that matches the actual dynamic trait the pointer or reference points to. |
There was a problem hiding this comment.
"that matches the actual dynamic trait" was clearly nonsense. Also this is now moved to the "points to an invalid value" point since it's not about the metadata, it's about using the metadata to keep going recursively through the reference.
| (i.e., it must not be read from uninitialized memory). | ||
| Furthermore, for wide references and `Box<T>`, slice metadata is invalid | ||
| if it makes the total size of the pointed-to value bigger than `isize::MAX`. |
There was a problem hiding this comment.
This is the only actual change, decided in rust-lang/unsafe-code-guidelines#510.
|
Note that the PR has two commits; it may help to consider them separately. |
tmandry
approved these changes
Jul 3, 2024
|
Starting a lang RFC so it's officially approved, and we can use that to update docs elsewhere following this. @rfcbot fcp merge |
|
Team member @scottmcm has proposed to merge this. The next step is review by the rest of the tagged team members: No concerns currently listed. Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! cc @rust-lang/lang-advisors: FCP proposed for lang, please feel free to register concerns. |
|
@rfcbot reviewed |
|
🔔 This is now entering its final comment period, as per the review above. 🔔 psst @scottmcm, I wasn't able to add the |
|
@rustbot labels -I-lang-nominated +final-comment-period This is now in FCP so we can unnominate. |
|
The final comment period, with a disposition to merge, as per the review above, is now complete. As the automated representative of the governance process, I would like to thank the author for their work and everyone else who contributed. This will be merged soon. psst @scottmcm, I wasn't able to add the |
ehuss
approved these changes
Jul 13, 2024
matthiaskrgr
added a commit
to matthiaskrgr/rust
that referenced
this pull request
Jul 15, 2024
Update books ## rust-lang/book 3 commits in f1e49bf7a8ea6c31ce016a52b8a4f6e1ffcfbc64..67fa536768013d9d5a13f3a06790521d511ef711 2024-07-12 21:21:45 UTC to 2024-07-05 17:35:06 UTC - Use Rust 2021 Edition for mdBook (rust-lang/book#3974) - Backport changes to chapter 11 (rust-lang/book#3969) - Upgrade to Rust 1.79.0 (rust-lang/book#3968) ## rust-lang/edition-guide 2 commits in 941db8b3df45fd46cd87b50a5c86714b91dcde9c..5454de3d12b9ccc6375b629cf7ccda8264640aac 2024-07-14 07:06:34 UTC to 2024-07-12 06:05:29 UTC - Update timeline etc. for Rust 2024 - 2024: Add note about never_type_fallback_flowing_into_unsafe lint level. (rust-lang/edition-guide#311) ## rust-embedded/book 1 commits in b10c6acaf0f43481f6600e95d4b5013446e29f7a..019f3928d8b939ec71b63722dcc2e46330156441 2024-07-11 17:46:10 UTC to 2024-07-11 17:46:10 UTC - typo on tooling.md (rust-embedded/book#373) ## rust-lang/reference 9 commits in 1ae3deebc3ac16e276b6558e01420f8e605def08..e2f0bdc4031866734661dcdb548184bde1450baf 2024-06-29 16:59:51 +0000 to 2024-07-15 17:52:44 +0000 - Suppress type length limit test and note that it is not enforced (rust-lang/reference#1527) - elaborate on slice wide pointer metadata (rust-lang/reference#1499) - '.inst' in inline-assembly changed to '.insn' (rust-lang/reference#1453) - Clarify that `asm!` blocks can be duplicated or deduplicated by the compiler (rust-lang/reference#1441) - Add mdbook-spec (rust-lang/reference#1520) - Add note about static libraries not linking their dependencies (rust-lang/reference#1472) - more explicitly explain the UB around immutable extern statics (rust-lang/reference#1502) - Improvements to `items/functions.md` (rust-lang/reference#1458) - Enable mdbook smart-punctuation. (rust-lang/reference#1516) ## rust-lang/rust-by-example 1 commits in 658c6c27cb975b92227936024816986c2d3716fb..89aecb6951b77bc746da73df8c9f2b2ceaad494a 2024-07-11 12:33:43 UTC to 2024-07-11 12:33:43 UTC - Update option_result.md (rust-lang/rust-by-example#1864) ## rust-lang/rustc-dev-guide 6 commits in d6e3a32a557db5902e714604def8015d6bb7e0f7..0c4d55cb59fe440d1a630e4e5774d043968edb3f 2024-07-15 15:16:43 UTC to 2024-07-01 19:05:14 UTC - Improve documentation of MIR queries & passes (rust-lang/rustc-dev-guide#1434) - Bump dependencies for date-check tool (rust-lang/rustc-dev-guide#2012) - Fix typo: lists -> lints (rust-lang/rustc-dev-guide#2011) - use "bootstrap" instead of "rustbuild" (rust-lang/rustc-dev-guide#2010) - Fix grammar issue in optimize-build.md (rust-lang/rustc-dev-guide#2009) - Update name of Fuchsia builder (rust-lang/rustc-dev-guide#2008)
matthiaskrgr
added a commit
to matthiaskrgr/rust
that referenced
this pull request
Jul 15, 2024
Update books ## rust-lang/book 3 commits in f1e49bf7a8ea6c31ce016a52b8a4f6e1ffcfbc64..67fa536768013d9d5a13f3a06790521d511ef711 2024-07-12 21:21:45 UTC to 2024-07-05 17:35:06 UTC - Use Rust 2021 Edition for mdBook (rust-lang/book#3974) - Backport changes to chapter 11 (rust-lang/book#3969) - Upgrade to Rust 1.79.0 (rust-lang/book#3968) ## rust-lang/edition-guide 2 commits in 941db8b3df45fd46cd87b50a5c86714b91dcde9c..5454de3d12b9ccc6375b629cf7ccda8264640aac 2024-07-14 07:06:34 UTC to 2024-07-12 06:05:29 UTC - Update timeline etc. for Rust 2024 - 2024: Add note about never_type_fallback_flowing_into_unsafe lint level. (rust-lang/edition-guide#311) ## rust-embedded/book 1 commits in b10c6acaf0f43481f6600e95d4b5013446e29f7a..019f3928d8b939ec71b63722dcc2e46330156441 2024-07-11 17:46:10 UTC to 2024-07-11 17:46:10 UTC - typo on tooling.md (rust-embedded/book#373) ## rust-lang/reference 9 commits in 1ae3deebc3ac16e276b6558e01420f8e605def08..e2f0bdc4031866734661dcdb548184bde1450baf 2024-06-29 16:59:51 +0000 to 2024-07-15 17:52:44 +0000 - Suppress type length limit test and note that it is not enforced (rust-lang/reference#1527) - elaborate on slice wide pointer metadata (rust-lang/reference#1499) - '.inst' in inline-assembly changed to '.insn' (rust-lang/reference#1453) - Clarify that `asm!` blocks can be duplicated or deduplicated by the compiler (rust-lang/reference#1441) - Add mdbook-spec (rust-lang/reference#1520) - Add note about static libraries not linking their dependencies (rust-lang/reference#1472) - more explicitly explain the UB around immutable extern statics (rust-lang/reference#1502) - Improvements to `items/functions.md` (rust-lang/reference#1458) - Enable mdbook smart-punctuation. (rust-lang/reference#1516) ## rust-lang/rust-by-example 1 commits in 658c6c27cb975b92227936024816986c2d3716fb..89aecb6951b77bc746da73df8c9f2b2ceaad494a 2024-07-11 12:33:43 UTC to 2024-07-11 12:33:43 UTC - Update option_result.md (rust-lang/rust-by-example#1864) ## rust-lang/rustc-dev-guide 6 commits in d6e3a32a557db5902e714604def8015d6bb7e0f7..0c4d55cb59fe440d1a630e4e5774d043968edb3f 2024-07-15 15:16:43 UTC to 2024-07-01 19:05:14 UTC - Improve documentation of MIR queries & passes (rust-lang/rustc-dev-guide#1434) - Bump dependencies for date-check tool (rust-lang/rustc-dev-guide#2012) - Fix typo: lists -> lints (rust-lang/rustc-dev-guide#2011) - use "bootstrap" instead of "rustbuild" (rust-lang/rustc-dev-guide#2010) - Fix grammar issue in optimize-build.md (rust-lang/rustc-dev-guide#2009) - Update name of Fuchsia builder (rust-lang/rustc-dev-guide#2008)
tgross35
added a commit
to tgross35/rust
that referenced
this pull request
Jul 16, 2024
Update books ## rust-lang/book 3 commits in f1e49bf7a8ea6c31ce016a52b8a4f6e1ffcfbc64..67fa536768013d9d5a13f3a06790521d511ef711 2024-07-12 21:21:45 UTC to 2024-07-05 17:35:06 UTC - Use Rust 2021 Edition for mdBook (rust-lang/book#3974) - Backport changes to chapter 11 (rust-lang/book#3969) - Upgrade to Rust 1.79.0 (rust-lang/book#3968) ## rust-lang/edition-guide 2 commits in 941db8b3df45fd46cd87b50a5c86714b91dcde9c..5454de3d12b9ccc6375b629cf7ccda8264640aac 2024-07-14 07:06:34 UTC to 2024-07-12 06:05:29 UTC - Update timeline etc. for Rust 2024 - 2024: Add note about never_type_fallback_flowing_into_unsafe lint level. (rust-lang/edition-guide#311) ## rust-embedded/book 1 commits in b10c6acaf0f43481f6600e95d4b5013446e29f7a..019f3928d8b939ec71b63722dcc2e46330156441 2024-07-11 17:46:10 UTC to 2024-07-11 17:46:10 UTC - typo on tooling.md (rust-embedded/book#373) ## rust-lang/reference 9 commits in 1ae3deebc3ac16e276b6558e01420f8e605def08..e2f0bdc4031866734661dcdb548184bde1450baf 2024-06-29 16:59:51 +0000 to 2024-07-15 17:52:44 +0000 - Suppress type length limit test and note that it is not enforced (rust-lang/reference#1527) - elaborate on slice wide pointer metadata (rust-lang/reference#1499) - '.inst' in inline-assembly changed to '.insn' (rust-lang/reference#1453) - Clarify that `asm!` blocks can be duplicated or deduplicated by the compiler (rust-lang/reference#1441) - Add mdbook-spec (rust-lang/reference#1520) - Add note about static libraries not linking their dependencies (rust-lang/reference#1472) - more explicitly explain the UB around immutable extern statics (rust-lang/reference#1502) - Improvements to `items/functions.md` (rust-lang/reference#1458) - Enable mdbook smart-punctuation. (rust-lang/reference#1516) ## rust-lang/rust-by-example 1 commits in 658c6c27cb975b92227936024816986c2d3716fb..89aecb6951b77bc746da73df8c9f2b2ceaad494a 2024-07-11 12:33:43 UTC to 2024-07-11 12:33:43 UTC - Update option_result.md (rust-lang/rust-by-example#1864) ## rust-lang/rustc-dev-guide 6 commits in d6e3a32a557db5902e714604def8015d6bb7e0f7..0c4d55cb59fe440d1a630e4e5774d043968edb3f 2024-07-15 15:16:43 UTC to 2024-07-01 19:05:14 UTC - Improve documentation of MIR queries & passes (rust-lang/rustc-dev-guide#1434) - Bump dependencies for date-check tool (rust-lang/rustc-dev-guide#2012) - Fix typo: lists -> lints (rust-lang/rustc-dev-guide#2011) - use "bootstrap" instead of "rustbuild" (rust-lang/rustc-dev-guide#2010) - Fix grammar issue in optimize-build.md (rust-lang/rustc-dev-guide#2009) - Update name of Fuchsia builder (rust-lang/rustc-dev-guide#2008)
tgross35
added a commit
to tgross35/rust
that referenced
this pull request
Jul 16, 2024
Update books ## rust-lang/book 3 commits in f1e49bf7a8ea6c31ce016a52b8a4f6e1ffcfbc64..67fa536768013d9d5a13f3a06790521d511ef711 2024-07-12 21:21:45 UTC to 2024-07-05 17:35:06 UTC - Use Rust 2021 Edition for mdBook (rust-lang/book#3974) - Backport changes to chapter 11 (rust-lang/book#3969) - Upgrade to Rust 1.79.0 (rust-lang/book#3968) ## rust-lang/edition-guide 2 commits in 941db8b3df45fd46cd87b50a5c86714b91dcde9c..5454de3d12b9ccc6375b629cf7ccda8264640aac 2024-07-14 07:06:34 UTC to 2024-07-12 06:05:29 UTC - Update timeline etc. for Rust 2024 - 2024: Add note about never_type_fallback_flowing_into_unsafe lint level. (rust-lang/edition-guide#311) ## rust-embedded/book 1 commits in b10c6acaf0f43481f6600e95d4b5013446e29f7a..019f3928d8b939ec71b63722dcc2e46330156441 2024-07-11 17:46:10 UTC to 2024-07-11 17:46:10 UTC - typo on tooling.md (rust-embedded/book#373) ## rust-lang/reference 9 commits in 1ae3deebc3ac16e276b6558e01420f8e605def08..e2f0bdc4031866734661dcdb548184bde1450baf 2024-06-29 16:59:51 +0000 to 2024-07-15 17:52:44 +0000 - Suppress type length limit test and note that it is not enforced (rust-lang/reference#1527) - elaborate on slice wide pointer metadata (rust-lang/reference#1499) - '.inst' in inline-assembly changed to '.insn' (rust-lang/reference#1453) - Clarify that `asm!` blocks can be duplicated or deduplicated by the compiler (rust-lang/reference#1441) - Add mdbook-spec (rust-lang/reference#1520) - Add note about static libraries not linking their dependencies (rust-lang/reference#1472) - more explicitly explain the UB around immutable extern statics (rust-lang/reference#1502) - Improvements to `items/functions.md` (rust-lang/reference#1458) - Enable mdbook smart-punctuation. (rust-lang/reference#1516) ## rust-lang/rust-by-example 1 commits in 658c6c27cb975b92227936024816986c2d3716fb..89aecb6951b77bc746da73df8c9f2b2ceaad494a 2024-07-11 12:33:43 UTC to 2024-07-11 12:33:43 UTC - Update option_result.md (rust-lang/rust-by-example#1864) ## rust-lang/rustc-dev-guide 6 commits in d6e3a32a557db5902e714604def8015d6bb7e0f7..0c4d55cb59fe440d1a630e4e5774d043968edb3f 2024-07-15 15:16:43 UTC to 2024-07-01 19:05:14 UTC - Improve documentation of MIR queries & passes (rust-lang/rustc-dev-guide#1434) - Bump dependencies for date-check tool (rust-lang/rustc-dev-guide#2012) - Fix typo: lists -> lints (rust-lang/rustc-dev-guide#2011) - use "bootstrap" instead of "rustbuild" (rust-lang/rustc-dev-guide#2010) - Fix grammar issue in optimize-build.md (rust-lang/rustc-dev-guide#2009) - Update name of Fuchsia builder (rust-lang/rustc-dev-guide#2008)
rust-timer
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Jul 16, 2024
Rollup merge of rust-lang#127770 - rustbot:docs-update, r=ehuss Update books ## rust-lang/book 3 commits in f1e49bf7a8ea6c31ce016a52b8a4f6e1ffcfbc64..67fa536768013d9d5a13f3a06790521d511ef711 2024-07-12 21:21:45 UTC to 2024-07-05 17:35:06 UTC - Use Rust 2021 Edition for mdBook (rust-lang/book#3974) - Backport changes to chapter 11 (rust-lang/book#3969) - Upgrade to Rust 1.79.0 (rust-lang/book#3968) ## rust-lang/edition-guide 2 commits in 941db8b3df45fd46cd87b50a5c86714b91dcde9c..5454de3d12b9ccc6375b629cf7ccda8264640aac 2024-07-14 07:06:34 UTC to 2024-07-12 06:05:29 UTC - Update timeline etc. for Rust 2024 - 2024: Add note about never_type_fallback_flowing_into_unsafe lint level. (rust-lang/edition-guide#311) ## rust-embedded/book 1 commits in b10c6acaf0f43481f6600e95d4b5013446e29f7a..019f3928d8b939ec71b63722dcc2e46330156441 2024-07-11 17:46:10 UTC to 2024-07-11 17:46:10 UTC - typo on tooling.md (rust-embedded/book#373) ## rust-lang/reference 9 commits in 1ae3deebc3ac16e276b6558e01420f8e605def08..e2f0bdc4031866734661dcdb548184bde1450baf 2024-06-29 16:59:51 +0000 to 2024-07-15 17:52:44 +0000 - Suppress type length limit test and note that it is not enforced (rust-lang/reference#1527) - elaborate on slice wide pointer metadata (rust-lang/reference#1499) - '.inst' in inline-assembly changed to '.insn' (rust-lang/reference#1453) - Clarify that `asm!` blocks can be duplicated or deduplicated by the compiler (rust-lang/reference#1441) - Add mdbook-spec (rust-lang/reference#1520) - Add note about static libraries not linking their dependencies (rust-lang/reference#1472) - more explicitly explain the UB around immutable extern statics (rust-lang/reference#1502) - Improvements to `items/functions.md` (rust-lang/reference#1458) - Enable mdbook smart-punctuation. (rust-lang/reference#1516) ## rust-lang/rust-by-example 1 commits in 658c6c27cb975b92227936024816986c2d3716fb..89aecb6951b77bc746da73df8c9f2b2ceaad494a 2024-07-11 12:33:43 UTC to 2024-07-11 12:33:43 UTC - Update option_result.md (rust-lang/rust-by-example#1864) ## rust-lang/rustc-dev-guide 6 commits in d6e3a32a557db5902e714604def8015d6bb7e0f7..0c4d55cb59fe440d1a630e4e5774d043968edb3f 2024-07-15 15:16:43 UTC to 2024-07-01 19:05:14 UTC - Improve documentation of MIR queries & passes (rust-lang/rustc-dev-guide#1434) - Bump dependencies for date-check tool (rust-lang/rustc-dev-guide#2012) - Fix typo: lists -> lints (rust-lang/rustc-dev-guide#2011) - use "bootstrap" instead of "rustbuild" (rust-lang/rustc-dev-guide#2010) - Fix grammar issue in optimize-build.md (rust-lang/rustc-dev-guide#2009) - Update name of Fuchsia builder (rust-lang/rustc-dev-guide#2008)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As decided in rust-lang/unsafe-code-guidelines#510