Commit be589ef

UB: update the extra clause for provenance UB during const evaluation
1 parent 9753ddb commit be589ef

1 file changed

+10
-8
lines changed

src/behavior-considered-undefined.md

Lines changed: 10 additions & 8 deletions
@@ -76,13 +76,6 @@ r[undefined.asm]
7676
* Incorrect use of inline assembly. For more details, refer to the [rules] to
7777
follow when writing code that uses inline assembly.
7878

79-
r[undefined.const-transmute-ptr2int]
80-
* **In [const context](const_eval.md#const-context)**: transmuting or otherwise
81-
reinterpreting a pointer (reference, raw pointer, or function pointer) into
82-
some allocation as a non-pointer type (such as integers).
83-
'Reinterpreting' refers to loading the pointer value at integer type without a
84-
cast, e.g. by doing raw pointer casts or using a union.
85-
8679
r[undefined.runtime]
8780
* Violating assumptions of the Rust runtime. Most assumptions of the Rust runtime are currently not explicitly documented.
8881
* For assumptions specifically related to unwinding, see the [panic documentation][unwinding-ffi].
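Review bot: removing `r[undefined.const-transmute-ptr2int]` (old lines 79-84) drops a rule identifier that other pages or external links may point at, and the replacement added later in this patch lives under a different id, `undefined.validity.const-provenance`. Please check the rest of the book for references to the old id and update them, and consider saying in the commit message where the rule moved so readers of the old anchor can find it.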
@@ -119,7 +112,7 @@ the pointer that was dereferenced, *not* the type of the field that is being
119112
accessed.
120113

121114
r[undefined.misaligned.load-store]
122-
Note that a place based on a misaligned pointer only leads to Undefined Behavior
115+
Note that a place based on a misaligned pointer only leads to undefined behavior
123116
when it is loaded from or stored to.
124117

125118
r[undefined.misaligned.raw]
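Review bot: the capitalization change on new line 115 ("Undefined Behavior" to "undefined behavior") is unrelated to the provenance clause named in the commit subject. Either mention it in the commit message or split it into its own commit, and check that the rest of the file uses the same lowercase form so the page does not end up with mixed spelling.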
@@ -221,6 +214,15 @@ r[undefined.validity.valid-range]
221214
> [!NOTE]
222215
> `rustc` achieves this with the unstable `rustc_layout_scalar_valid_range_*` attributes.
223216
217+
r[undefined.validity.const-provenance]
218+
* **In [const context](const_eval.md#const-context)**: In addition to what is described above,
219+
further provenance-related requirements apply during const evaluation.
220+
Any value that holds pure integer data (the `i*`/`u*`/`f*` types as well as `bool` and `char`, enum discriminants, and slice metadata) must not carry any provenance.
221+
Any value that holds pointer data (references, raw pointers, function pointers, and `dyn Trait` metadata) must either carry no provenance,
222+
or all bytes must be fragments of the same original pointer value in the correct order.
223+
224+
This implies that transmuting or otherwise reinterpreting a pointer (reference, raw pointer, or function pointer) into a non-pointer type (such as integers) is undefined behavior if the pointer had provenance.
225+
224226
r[undefined.validity.undef]
225227
**Note:** Uninitialized memory is also implicitly invalid for any type that has
226228
a restricted set of valid values. In other words, the only cases in which
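Review bot: new line 224 keeps the phrase "transmuting or otherwise reinterpreting", but the sentence that defined it in the removed rule ("loading the pointer value at integer type without a cast, e.g. by doing raw pointer casts or using a union") was not carried over, so the text no longer tells the reader that union reads and raw pointer casts are covered. Suggest restoring that sentence after line 224. Two smaller points: line 220 lists `f*` under "pure integer data", where a term such as "non-pointer data" would match the list better, and "fragments of the same original pointer value" on line 222 is used without explanation. Lines 220-224 are also left unwrapped while lines 218-219 and the surrounding text are wrapped.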

0 commit comments

Comments
 (0)