Primitive bit validity and padding guarantees#1292
Primitive bit validity and padding guarantees#1292joshlf wants to merge 2 commits intorust-lang:masterfrom
Conversation
Also fix a few typos.
|
Thanks for the PR! Can you say more about why it seems that this should be part of the layout chapter? My perspective is that the layout chapter is relevant to the alignment and padding of fields within a nominal type (and a few other circumstances), but the internal representation of a type is not relevant here. The types chapters defines what the valid bit patterns are (and by extension, the UB chapter explains invalid values and safety). I'm reluctant to define this multiple times, or go into details about what kind of transmutes are sound within the layout chapter. |
|
|
||
| ### Primitive Bit Validity and Padding | ||
|
|
||
| For each primitive type, `T`, in the preceding table other than `char`, any |
There was a problem hiding this comment.
| For each primitive type, `T`, in the preceding table other than `char`, any | |
| For each primitive type, `T`, in the preceding table other than `char` and `bool`, any |
| `transmute::<[u8; size_of::<T>()], T>(...)` is guaranteed to be sound. | ||
|
|
||
| Similarly, for each primitive type, `T`, in the preceding table (including | ||
| `char`), `T` contains no padding or otherwise uninitialized bytes. In other |
There was a problem hiding this comment.
| `char`), `T` contains no padding or otherwise uninitialized bytes. In other | |
| `char` and `bool`), `T` contains no padding or otherwise uninitialized bytes. In other |
| Similarly, for each primitive type, `T`, in the preceding table (including | ||
| `char`), `T` contains no padding or otherwise uninitialized bytes. In other | ||
| words, `transmute::<T, [u8; size_of::<T>()]>(...)` is guaranteed to be sound. | ||
|
|
There was a problem hiding this comment.
| #### `bool` Bit Validity | |
| A `bool`'s numerical value is guaranteed to be either 0x00 or 0x01, | |
| It is undefined behavior to construct a `bool` with a value outside | |
| this range. See the [`bool` docs][bool-docs] for more information. | |
| [`Sized`]: ../std/marker/trait.Sized.html | ||
| [`Copy`]: ../std/marker/trait.Copy.html | ||
| [dynamically sized types]: dynamically-sized-types.md | ||
| [char-docs]: ../std/primitive.char.html |
There was a problem hiding this comment.
| [char-docs]: ../std/primitive.char.html | |
| [bool-docs]: ../std/primitive.bool.html | |
| [char-docs]: ../std/primitive.char.html |
|
|
||
| Most primitives are generally aligned to their size, although this is | ||
| platform-specific behavior. In particular, on x86 u64 and f64 are only | ||
| platform-specific behavior. In particular, on x86, `u64` and `f64` are only |
There was a problem hiding this comment.
Hm, this phrasing struck me as potentially confusing, since "x86" is often used as a shorthand to refer to "x86-64". (I did a brief double take, at least.) Per Wikipedia's chronology, "IA-32" might be a more appropriate term:
| platform-specific behavior. In particular, on x86, `u64` and `f64` are only | |
| platform-specific behavior. In particular, on IA-32, `u64` and `f64` are only |
...but I think you're referring to target_arch value "x86" (which is distinct from x86_64). Rust inherits this shorthand from LLVM:
x86, // X86: i[3-9]86
...so you could instead disambiguate this by writing:
| platform-specific behavior. In particular, on x86, `u64` and `f64` are only | |
| platform-specific behavior. In particular, on `target_arch = x86` (which has a word size of 32 bits), `u64` and `f64` are only |
3 participants
Also fix a few typos.
Resolves #1291