diff --git a/src/behavior-considered-undefined.md b/src/behavior-considered-undefined.md index 89c318a04..d2488591c 100644 --- a/src/behavior-considered-undefined.md +++ b/src/behavior-considered-undefined.md @@ -44,14 +44,13 @@ code. * A value in a `char` which is a surrogate or above `char::MAX`. * A `!` (all values are invalid for this type). * An integer (`i*`/`u*`), floating point value (`f*`), or raw pointer obtained - from [uninitialized memory][undef]. + from [uninitialized memory][undef], or uninitialized memory in a `str`. * A reference or `Box` that is dangling, unaligned, or points to an invalid value. * Invalid metadata in a wide reference, `Box`, or raw pointer: * `dyn Trait` metadata is invalid if it is not a pointer to a vtable for `Trait` that matches the actual dynamic trait the pointer or reference points to. * Slice metadata is invalid if the length is not a valid `usize` (i.e., it must not be read from uninitialized memory). - * Non-UTF-8 byte sequences in a `str`. * Invalid values for a type with a custom definition of invalid values. In the standard library, this affects [`NonNull`] and [`NonZero*`]. @@ -63,8 +62,8 @@ points to are part of the same allocation (so in particular they all have to be part of *some* allocation). The span of bytes it points to is determined by the pointer value and the size of the pointee type (using `size_of_val`). As a consequence, if the span is empty, "dangling" is the same as "non-null". Note -that slices point to their entire range, so it is important that the length -metadata is never too large. In particular, allocations and therefore slices +that slices and strings point to their entire range, so it is important that the length +metadata is never too large. In particular, allocations and therefore slices and strings cannot be bigger than `isize::MAX` bytes. > **Note**: Undefined behavior affects the entire program. For example, calling