Commit c0c2fb2

UB: update the extra clause for provenance UB during const evaluation
1 parent 9753ddb commit c0c2fb2

1 file changed

+9
-7
lines changed

src/behavior-considered-undefined.md

Lines changed: 9 additions & 7 deletions
@@ -76,13 +76,6 @@ r[undefined.asm]
7676
* Incorrect use of inline assembly. For more details, refer to the [rules] to
7777
follow when writing code that uses inline assembly.
7878

79-
r[undefined.const-transmute-ptr2int]
80-
* **In [const context](const_eval.md#const-context)**: transmuting or otherwise
81-
reinterpreting a pointer (reference, raw pointer, or function pointer) into
82-
some allocation as a non-pointer type (such as integers).
83-
'Reinterpreting' refers to loading the pointer value at integer type without a
84-
cast, e.g. by doing raw pointer casts or using a union.
85-
8679
r[undefined.runtime]
8780
* Violating assumptions of the Rust runtime. Most assumptions of the Rust runtime are currently not explicitly documented.
8881
* For assumptions specifically related to unwinding, see the [panic documentation][unwinding-ffi].
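Review bot: Deleting the `r[undefined.const-transmute-ptr2int]` rule at old lines 79-84 also deletes its rule identifier, and anything that still links to or cites that id would be left dangling. Since the content moves into `r[undefined.validity.const-provenance]` rather than disappearing, it is worth searching the repository for the old id and repointing any references to the new rule in this same commit.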
@@ -221,6 +214,15 @@ r[undefined.validity.valid-range]
221214
> [!NOTE]
222215
> `rustc` achieves this with the unstable `rustc_layout_scalar_valid_range_*` attributes.
223216
217+
r[undefined.validity.const-provenance]
218+
* **In [const context](const_eval.md#const-context)**: In addition to what is described above,
219+
further provenance-related requirements apply during const evaluation.
220+
Any value that holds pure integer data (the `i*`/`u*`/`f*` types as well as `bool` and `char`, enum discriminants, and slice metadata) must not carry any provenance.
221+
Any value that holds pointer data (references, raw pointers, function pointers, and `dyn Trait` metadata) must either carry no provenance,
222+
or all bytes must be fragments of the same original pointer value in the correct order.
223+
224+
This implies that transmuting or otherwise reinterpreting a pointer (reference, raw pointer, or function pointer) into a non-pointer type (such as integers) is Undefined Behavior if the pointer had provenance.
225+
224226
r[undefined.validity.undef]
225227
**Note:** Uninitialized memory is also implicitly invalid for any type that has
226228
a restricted set of valid values. In other words, the only cases in which
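Review bot: New line 224 keeps the phrase "transmuting or otherwise reinterpreting", but the explanation of 'Reinterpreting' from the removed paragraph ("loading the pointer value at integer type without a cast, e.g. by doing raw pointer casts or using a union") was not carried over, so the term is now used without a definition; suggest restoring that sentence after line 224. Two smaller points: on line 220 "pure integer data" is followed by a list that includes `f*`, `bool` and `char`, so a short note that "integer" here means "non-pointer" would avoid confusion, and lines 220 and 224 are far longer than the wrapped lines around them (compare 218-219), so rewrapping would keep the file consistent.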