Google Git
Sign in
fuchsia / third_party / github.com / rust-lang / rust / ab9e0a72ef51122a1b0bbf88b7e738baaccf68d6
commitab9e0a72ef51122a1b0bbf88b7e738baaccf68d6[log] [tgz]
authorLeón Orell Valerian Liehr <me@fmease.dev>Wed May 22 23:41:11 2024 +0200
committerGitHub <noreply@github.com>Wed May 22 23:41:11 2024 +0200
treed70f08cc26aa14bb0cdf2000a0f84236d583073f
parent22f5bdc42b06e0719eda6e3e23f28fe5493b2305 [diff]
parent7c76eec30ff6cdb00b234896f6e0c5b76ef7143f [diff]
Rollup merge of #125043 - RalfJung:ref-type-safety-invariant, r=scottmcm

reference type safety invariant docs: clarification

The old text could have been read as saying that you can call a function if these requirements are upheld, which is definitely not true as they are an underapproximation of the actual safety invariant.

I removed the part about functions relaxing the requirements via their documentation... this seems incoherent with saying that it may actually be unsound to ever temporarily violate the requirement. Furthermore, a function *cannot* just relax this for its return value, that would in general be unsound. And the part about "unsafe code in a safe function may assume these invariants are ensured of arguments passed by the caller" also interacts with relaxing things: clearly, if the invariant has been relaxed, unsafe code cannot rely on it any more. There may be a place to give general guidance on what kinds of function contracts can exist, but the reference type is definitely not the right place to write that down.

I also took a clarification from https://github.com/rust-lang/rust/pull/121965 that is orthogonal to the rest of that PR.

Cc ```@joshlf``` ```@scottmcm```
tree: d70f08cc26aa14bb0cdf2000a0f84236d583073f
  1. .github/
  2. .reuse/
  3. compiler/
  4. library/
  5. LICENSES/
  6. src/
  7. tests/
  8. .editorconfig
  9. .git-blame-ignore-revs
  10. .gitattributes
  11. .gitignore
  12. .gitmodules
  13. .mailmap
  14. Cargo.lock
  15. Cargo.toml
  16. CODE_OF_CONDUCT.md
  17. config.example.toml
  18. configure
  19. CONTRIBUTING.md
  20. COPYRIGHT
  21. INSTALL.md
  22. LICENSE-APACHE
  23. LICENSE-MIT
  24. README.md
  25. RELEASES.md
  26. rust-bors.toml
  27. rustfmt.toml
  28. triagebot.toml
  29. x
  30. x.ps1
  31. x.py
README.md

Website | Getting started | Learn | Documentation | Contributing

This is the main source code repository for Rust. It contains the compiler, standard library, and documentation.

Why Rust?

  • Performance: Fast and memory-efficient, suitable for critical services, embedded devices, and easily integrate with other languages.

  • Reliability: Our rich type system and ownership model ensure memory and thread safety, reducing bugs at compile-time.

  • Productivity: Comprehensive documentation, a compiler committed to providing great diagnostics, and advanced tooling including package manager and build tool (Cargo), auto-formatter (rustfmt), linter (Clippy) and editor support (rust-analyzer).

Quick Start

Read “Installation” from The Book.

Installing from Source

If you really want to install from source (though this is not recommended), see INSTALL.md.

Getting Help

See https://www.rust-lang.org/community for a list of chat platforms and forums.

Contributing

See CONTRIBUTING.md.

License

Rust is primarily distributed under the terms of both the MIT license and the Apache License (Version 2.0), with portions covered by various BSD-like licenses.

See LICENSE-APACHE, LICENSE-MIT, and COPYRIGHT for details.

Trademark

The Rust Foundation owns and protects the Rust and Cargo trademarks and logos (the “Rust Trademarks”).

If you want to use these names or brands, please read the media guide.

Third-party logos may be subject to third-party copyrights and trademarks. See Licenses for details.