From 669d225e4f2747e78524f43c9932f23094d0ab4d Mon Sep 17 00:00:00 2001 From: Havvy Date: Wed, 27 Sep 2017 03:45:17 -0700 Subject: [PATCH] Improve verbiage of Behavior Considered Undefined * Add periods to the end of all list items, even sentence fragments * Remove the majority of parenteticals and improve flow. * Add moar links. * std::ptr::offset doesn't seem to exist? * Change link structure so all URLs are at bottom. * 80 character word wrap except for links. --- src/behavior-considered-undefined.md | 48 +++++++++++++++------------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/src/behavior-considered-undefined.md b/src/behavior-considered-undefined.md index 9fb3d7414829f..0c0972822d4b3 100644 --- a/src/behavior-considered-undefined.md +++ b/src/behavior-considered-undefined.md @@ -4,32 +4,34 @@ The following is a list of behavior which is forbidden in all Rust code, including within `unsafe` blocks and `unsafe` functions. Type checking provides the guarantee that these issues are never caused by safe code. -* Data races -* Dereferencing a null/dangling raw pointer -* Reads of [undef](http://llvm.org/docs/LangRef.html#undefined-values) - (uninitialized) memory -* Breaking the [pointer aliasing - rules](http://llvm.org/docs/LangRef.html#pointer-aliasing-rules) - on accesses through raw pointers (a subset of the rules used by C) +* Data races. +* Dereferencing a null or dangling raw pointer. +* Reads of [undef] \(uninitialized) memory. +* Breaking the [pointer aliasing rules] on accesses through raw pointers; + a subset of the rules used by C. * `&mut T` and `&T` follow LLVM’s scoped [noalias] model, except if the `&T` - contains an `UnsafeCell`. Unsafe code must not violate these aliasing - guarantees. -* Mutating non-mutable data (that is, data reached through a shared reference or - data owned by a `let` binding), unless that data is contained within an `UnsafeCell`. + contains an [`UnsafeCell`]. +* Mutating non-mutable data — that is, data reached through a shared + reference or data owned by a `let` binding), unless that data is contained + within an [`UnsafeCell`]. * Invoking undefined behavior via compiler intrinsics: - * Indexing outside of the bounds of an object with `std::ptr::offset` - (`offset` intrinsic), with - the exception of one byte past the end which is permitted. - * Using `std::ptr::copy_nonoverlapping_memory` (`memcpy32`/`memcpy64` - intrinsics) on overlapping buffers -* Invalid values in primitive types, even in private fields/locals: - * Dangling/null references or boxes - * A value other than `false` (0) or `true` (1) in a `bool` - * A discriminant in an `enum` not included in the type definition - * A value in a `char` which is a surrogate or above `char::MAX` - * Non-UTF-8 byte sequences in a `str` + * Indexing outside of the bounds of an object with [`offset`] with + the exception of one byte past the end of the object. + * Using [`std::ptr::copy_nonoverlapping_memory`], a.k.a. the `memcpy32`and + `memcpy64` intrinsics, on overlapping buffers. +* Invalid values in primitive types, even in private fields and locals: + * Dangling or null references and boxes. + * A value other than `false` (`0`) or `true` (`1`) in a `bool`. + * A discriminant in an `enum` not included in the type definition. + * A value in a `char` which is a surrogate or above `char::MAX`. + * Non-UTF-8 byte sequences in a `str`. * Unwinding into Rust from foreign code or unwinding from Rust into foreign - code. Rust's failure system is not compatible with exception handling in + code. Rust's panic system is not compatible with exception handling in other languages. Unwinding must be caught and handled at FFI boundaries. [noalias]: http://llvm.org/docs/LangRef.html#noalias +[pointer aliasing rules]: http://llvm.org/docs/LangRef.html#pointer-aliasing-rules +[undef]: http://llvm.org/docs/LangRef.html#undefined-values +[`offset`]: https://doc.rust-lang.org/std/primitive.pointer.html#method.offset +[`std::ptr::copy_nonoverlapping_memory`]: https://doc.rust-lang.org/std/ptr/fn.copy_nonoverlapping.html +[`UnsafeCell`]: https://doc.rust-lang.org/std/cell/struct.UnsafeCell.html \ No newline at end of file