elaborate on slice wide pointer metadata #1499
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -71,12 +71,16 @@ Please read the [Rustonomicon] before writing unsafe code. | |
| * A `!` (all values are invalid for this type). | ||
| * An integer (`i*`/`u*`), floating point value (`f*`), or raw pointer obtained | ||
| from [uninitialized memory][undef], or uninitialized memory in a `str`. | ||
| * A reference or `Box<T>` that is [dangling], misaligned, or points to an invalid value | ||
| (in case of dynamically sized types, using the actual dynamic type of the | ||
| pointee as determined by the metadata). | ||
| * Invalid metadata in a wide reference, `Box<T>`, or raw pointer. The requirement | ||
| for the metadata is determined by the type of the unsized tail: | ||
|
There was a problem hiding this comment. Another piece of clarification, previously we were not very clear on what the metadata requirements are for types like |
||
| * `dyn Trait` metadata is invalid if it is not a pointer to a vtable for `Trait`. | ||
| * Slice (`[T]`) metadata is invalid if the length is not a valid `usize` | ||
| (i.e., it must not be read from uninitialized memory). | ||
| Furthermore, for wide references and `Box<T>`, slice metadata is invalid | ||
| if it makes the total size of the pointed-to value bigger than `isize::MAX`. | ||
|
There was a problem hiding this comment. This is the only actual change, decided in rust-lang/unsafe-code-guidelines#510. |
||
| * Invalid values for a type with a custom definition of invalid values. | ||
| In the standard library, this affects [`NonNull<T>`] and [`NonZero*`]. | ||
|
|
||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"that matches the actual dynamic trait" was clearly nonsense. Also this is now moved to the "points to an invalid value" point since it's not about the metadata, it's about using the metadata to keep going recursively through the reference.