Address WaffleLapkin's comments · qinheping/verify-rust-std@84d77be (original) (raw)

`@@ -15,7 +15,7 @@ use crate::ptr;

`

15

15

`` /// that a ManuallyDrop<T> whose content has been dropped must not be exposed

``

16

16

`` /// through a public safe API. Correspondingly, ManuallyDrop::drop is unsafe.

``

17

17

`///

`

18

``

`` -

/// # ManuallyDrop and drop order.

``

``

18

`` +

/// # ManuallyDrop and drop order

``

19

19

`///

`

20

20

`/// Rust has a well-defined [drop order] of values. To make sure that fields or

`

21

21

`/// locals are dropped in a specific order, reorder the declarations such that

`

`@@ -39,7 +39,7 @@ use crate::ptr;

`

39

39

`/// }

`

40

40

```` /// ```


`41`

`41`

`///

`

`42`

``

`` -

/// # Interaction with `Box`.

``

``

`42`

`` +

/// # Interaction with `Box`

``

`43`

`43`

`///

`

`44`

`44`

`` /// Currently, once the `Box<T>` inside a `ManuallyDrop<Box<T>>` is dropped,

``

`45`

`45`

`` /// moving the `ManuallyDrop<Box<T>>` is [considered to be undefined

``

`@@ -56,16 +56,17 @@ use crate::ptr;

`

`56`

`56`

`/// let y = x; // Undefined behavior!

`

`57`

`57`

```` /// ```

58

58

`///

`

59

``

`-

/// This may change in the future. In the meantime, consider using

`

60

``

`` -

/// [MaybeUninit] instead.

``

``

59

`+

/// This is [likely to change in the

`

``

60

`+

/// future](https://rust-lang.github.io/rfcs/3336-maybe-dangling.html). In the

`

``

61

`` +

/// meantime, consider using [MaybeUninit] instead.

``

61

62

`///

`

62

``

`` -

/// # Safety hazards when storing ManuallyDrop in a struct / enum.

``

``

63

`` +

/// # Safety hazards when storing ManuallyDrop in a struct or an enum.

``

63

64

`///

`

64

65

`/// Special care is needed when all of the conditions below are met:

`

65

66

`` /// * A field of a struct or enum is a ManuallyDrop or contains a

``

66

67

`` /// ManuallyDrop, without the ManuallyDrop being inside a union.

``

67

``

`-

/// * The struct or enum is part of public API, or is stored in a struct or enum

`

68

``

`-

/// that is part of public API.

`

``

68

`+

/// * The struct or enum is part of public API, or is stored in a struct or an

`

``

69

`+

/// enum that is part of public API.

`

69

70

`` /// * There is code outside of a Drop implementation that calls

``

70

71

`` /// [ManuallyDrop::drop] or [ManuallyDrop::take] on the ManuallyDrop

``

71

72

`/// field.

`

`@@ -120,14 +121,15 @@ use crate::ptr;

`

120

121

```` /// ```no_run

````

121

122

`/// use std::mem::ManuallyDrop;

`

122

123

`///

`

123

``

`-

/// #[derive(Debug)] // This is unsound!

`

``

124

`` +

/// // This derive is unsound in combination with the ManuallyDrop::drop call.

``

``

125

`+

/// #[derive(Debug)]

`

124

126

`/// pub struct Foo {

`

125

127

`/// value: ManuallyDrop,

`

126

128

`/// }

`

127

129

`/// impl Foo {

`

128

130

`/// pub fn new() -> Self {

`

129

131

`/// let mut temp = Self {

`

130

``

`-

/// value: ManuallyDrop::new(String::from("Unsafe rust is hard"))

`

``

132

`+

/// value: ManuallyDrop::new(String::from("Unsafe rust is hard."))

`

131

133

`/// };

`

132

134

`/// unsafe {

`

133

135

`` /// // SAFETY: value hasn't been dropped yet.

``