From 321de979d8734d87629933fa37e6db6416ff3132 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Tue, 28 Oct 2014 18:31:09 -0400 Subject: [PATCH 1/3] reference: note the existence of UnsafeCell --- src/doc/reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/doc/reference.md b/src/doc/reference.md index 11bf895341b..1a3365a86b7 100644 --- a/src/doc/reference.md +++ b/src/doc/reference.md @@ -1152,7 +1152,7 @@ exposing an API making it possible for it to occur in safe code. * Data races * Dereferencing a null/dangling raw pointer -* Mutating an immutable value/reference +* Mutating an immutable value/reference without `UnsafeCell` * Reads of [undef](http://llvm.org/docs/LangRef.html#undefined-values) (uninitialized) memory * Breaking the [pointer aliasing From 768a7e1a4a891191f3653cebc223dfad0e8b875c Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Tue, 28 Oct 2014 18:36:43 -0400 Subject: [PATCH 2/3] reference: slices are now regular types --- src/doc/reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/doc/reference.md b/src/doc/reference.md index 1a3365a86b7..cfa69cdfd49 100644 --- a/src/doc/reference.md +++ b/src/doc/reference.md @@ -1165,7 +1165,7 @@ exposing an API making it possible for it to occur in safe code. * Using `std::ptr::copy_nonoverlapping_memory` (`memcpy32`/`memcpy64` instrinsics) on overlapping buffers * Invalid values in primitive types, even in private fields/locals: - * Dangling/null pointers in non-raw pointers, or slices + * Dangling/null references or boxes * A value other than `false` (0) or `true` (1) in a `bool` * A discriminant in an `enum` not included in the type definition * A value in a `char` which is a surrogate or above `char::MAX` From 8a719255589bcbc82c961e051f09678b524f4149 Mon Sep 17 00:00:00 2001 
From: Daniel Micay Date: Tue, 28 Oct 2014 18:46:27 -0400 Subject: [PATCH 3/3] reference: document unwinding unsafety issues --- src/doc/reference.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/doc/reference.md b/src/doc/reference.md index cfa69cdfd49..7f410b7fd93 100644 --- a/src/doc/reference.md +++ b/src/doc/reference.md @@ -1170,6 +1170,9 @@ exposing an API making it possible for it to occur in safe code. * A discriminant in an `enum` not included in the type definition * A value in a `char` which is a surrogate or above `char::MAX` * non-UTF-8 byte sequences in a `str` +* Unwinding into Rust from foreign code or unwinding from Rust into foreign + code. Rust's failure system is not compatible with exception handling in + other languages. Unwinding must be caught and handled at FFI boundaries. ##### Behaviour not considered unsafe
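Review bot: in [PATCH 1/3], the changed bullet "Mutating an immutable value/reference without `UnsafeCell`" names the type but does not say what it permits or where it is documented, so "without `UnsafeCell`" can be read as a general escape hatch. Consider wording the rule directly, for example that mutating through an immutable reference is undefined unless the data is wrapped in `UnsafeCell`, and giving the type's full path the way the `std::ptr::copy_nonoverlapping_memory` bullet in the same list does.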
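Review bot: in [PATCH 2/3], the replacement line "Dangling/null references or boxes" drops slices without saying they are still covered. The subject line explains that slices are now regular types, but a reader of the reference sees only the bullet and may take the narrower wording as a relaxation of the rule. Consider a short parenthetical noting that references to slices are included. The unchanged context line just above also spells "instrinsics", which could be corrected while this list is being edited.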
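Review bot: in [PATCH 3/3], the last added sentence, "Unwinding must be caught and handled at FFI boundaries", states a requirement without saying how to meet it or where that is documented. The surrounding list enumerates undefined behaviours, so consider keeping the bullet to the behaviour itself (the first sentence) and following it with a sentence or link that names what a Rust function called from foreign code, or a foreign function called from Rust, is expected to do to stop the unwind at the boundary.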