From 2826ff51609e77eb9ba5cc397105f8c00fed1a07 Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Fri, 17 Jul 2020 16:14:11 +0200 Subject: [PATCH 1/4] clarify when reading uninititalized memory is allowed --- src/behavior-considered-undefined.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/behavior-considered-undefined.md b/src/behavior-considered-undefined.md index d2488591c..07390941b 100644 --- a/src/behavior-considered-undefined.md +++ b/src/behavior-considered-undefined.md @@ -57,6 +57,11 @@ code. > **Note**: `rustc` achieves this with the unstable > `rustc_layout_scalar_valid_range_*` attributes. +Note that uninitialized memory is also implicitly invalid for any type that has +a restricted set of valid values. In other words, the only cases in which +reading uninitialized memory is permitted is inside `union`s, and between the +fields of a compound type (in the "padding"). + A reference/pointer is "dangling" if it is null or not all of the bytes it points to are part of the same allocation (so in particular they all have to be part of *some* allocation). The span of bytes it points to is determined by the From 2275cde5e9de0c5984a055d66d36d14b52ff00ad Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Tue, 1 Sep 2020 14:45:30 +0200 Subject: [PATCH 2/4] Apply suggestions from code review Co-authored-by: Ryan Scheel --- src/behavior-considered-undefined.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/behavior-considered-undefined.md b/src/behavior-considered-undefined.md index 07390941b..65890f639 100644 --- a/src/behavior-considered-undefined.md +++ b/src/behavior-considered-undefined.md 
@@ -57,9 +57,9 @@ code. > **Note**: `rustc` achieves this with the unstable > `rustc_layout_scalar_valid_range_*` attributes. -Note that uninitialized memory is also implicitly invalid for any type that has -a restricted set of valid values. In other words, the only cases in which -reading uninitialized memory is permitted is inside `union`s, and between the +**Note:** Uninitialized memory is also implicitly invalid for any type that has +a restricted set of valid values. In other words, the only cases in which +reading uninitialized memory is permitted is inside `union`s and between the fields of a compound type (in the "padding"). A reference/pointer is "dangling" if it is null or not all of the bytes it From 26211c4c198d53ef5f2c5d394428e6e7a411b5ed Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Tue, 1 Sep 2020 14:48:25 +0200 Subject: [PATCH 3/4] explain 'padding' differently --- src/behavior-considered-undefined.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/behavior-considered-undefined.md b/src/behavior-considered-undefined.md index 65890f639..79ea99161 100644 --- a/src/behavior-considered-undefined.md +++ b/src/behavior-considered-undefined.md @@ -59,8 +59,8 @@ code. **Note:** Uninitialized memory is also implicitly invalid for any type that has a restricted set of valid values. In other words, the only cases in which -reading uninitialized memory is permitted is inside `union`s and between the -fields of a compound type (in the "padding"). +reading uninitialized memory is permitted is inside `union`s and in "padding" +(the gaps between the fields/elements of a type). A reference/pointer is "dangling" if it is null or not all of the bytes it points to are part of the same allocation (so in particular they all have to be From 8aa6f0f5471a23621f52d16e823c6316fda2b904 Mon Sep 17 00:00:00 2001 
From: Ralf Jung Date: Wed, 2 Sep 2020 08:58:18 +0200 Subject: [PATCH 4/4] fix grammar Co-authored-by: Ryan Scheel --- src/behavior-considered-undefined.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/behavior-considered-undefined.md b/src/behavior-considered-undefined.md index 79ea99161..f1ad30ada 100644 --- a/src/behavior-considered-undefined.md +++ b/src/behavior-considered-undefined.md @@ -59,7 +59,7 @@ code. **Note:** Uninitialized memory is also implicitly invalid for any type that has a restricted set of valid values. In other words, the only cases in which -reading uninitialized memory is permitted is inside `union`s and in "padding" +reading uninitialized memory is permitted are inside `union`s and in "padding" (the gaps between the fields/elements of a type). A reference/pointer is "dangling" if it is null or not all of the bytes it
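Review bot: In the hunk from PATCH 1/4, the new sentence has a subject-verb agreement error: "the only cases in which reading uninitialized memory is permitted is inside `union`s" should read "the only cases ... are inside `union`s", since "cases" is the subject. Also, "between the fields of a compound type" excludes trailing padding after the last field, which is padding too; "in the padding of a compound type" would cover both without claiming more than the paragraph intends.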
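Review bot: In the hunk from PATCH 2/4, the new `**Note:**` prefix (colon inside the bold) does not match the `> **Note**:` style (colon outside the bold, inside a blockquote) used two lines earlier in the same section. Pick one form for both so the rendered page is consistent; the blockquoted `> **Note**:` form appears to be the existing convention in this file.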
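Review bot: In the hunk from PATCH 3/4, the parenthetical "(the gaps between the fields/elements of a type)" is slightly misleading for arrays: Rust lays array elements out at a stride of the element type's size, which already includes that type's own trailing padding, so there are no gaps *between* elements as such, only padding *inside* each element. Suggest "the gaps between (and after) the fields of a type" or simply "bytes of the type that are not part of any field". This hunk also leaves the agreement error ("the only cases ... is") in its context line; since the sentence is being reworded here anyway, fixing it in the same commit would avoid the follow-up.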
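Review bot: In the hunk from PATCH 4/4, the "is" to "are" change is correct for the subject "cases". One remaining documentation gap in the now-final sentence: it permits reading uninitialized memory "in padding", but the parenthetical still describes padding only as gaps between fields/elements and says nothing about trailing padding at the end of a struct or tuple; adding "(including any trailing padding)" would make the permitted cases complete.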