Add a safety warning in ExactSizeIterator documentation #81739

Closed
Qwaz opened this issue Feb 4, 2021 · 0 comments · Fixed by #81742
Labels
A-docs Area: documentation for any part of the project, including the compiler, standard library, and tools A-iterators Area: Iterators C-enhancement Category: An issue proposing an enhancement or a PR with one. T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.

Qwaz commented Feb 4, 2021

`ExactSizeIterator` is a safe trait. Thus, unsafe code cannot rely on the correctness of `size_hint()` when it is related to program safety. However, this trait seems to be used in the wild in such a context, for example:
https://github.com/tiby312/reorder/blob/59ad9be6989de8eee948510b850851105ecad22e/src/lib.rs#L44-L57

I believe adding a warning about such a misunderstanding, like what is written in the `read()` documentation, would help prevent future soundness bugs.

@camelid camelid added A-iterators Area: Iterators C-enhancement Category: An issue proposing an enhancement or a PR with one. A-docs Area: documentation for any part of the project, including the compiler, standard library, and tools T-libs-api Relevant to the library API team, which will review and decide on the PR/issue. labels Feb 4, 2021
GuillaumeGomez added a commit to GuillaumeGomez/rust that referenced this issue Feb 7, 2021
…ness, r=kennytm

Add a note about the correctness and the effect on unsafe code to the `ExactSizeIterator` docs

As it is a safe trait it does not provide any guarantee that the
returned length is correct and as such unsafe code must not rely on it.

That's why `TrustedLen` exists.

Fixes rust-lang#81739
@bors bors closed this as completed in f436630 Feb 7, 2021
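The soundness point raised in this issue, as an added example that is not code from the issue, from rust-lang/rust, or from the linked crate: an `ExactSizeIterator` written entirely in safe code can report any length, so unsafe code must bound its writes by what it allocated rather than by `len()`. The names `Liar` and `collect_checked` are hypothetical.

```rust
/// Constructed example: a safe iterator whose reported length is wrong.
/// No `unsafe` is needed to write this, which is why `len()` cannot be trusted.
struct Liar { next: u32, end: u32, claimed: usize }

impl Iterator for Liar {
    type Item = u32;
    fn next(&mut self) -> Option<u32> {
        if self.next == self.end { return None; }
        self.next += 1;
        Some(self.next - 1)
    }
    fn size_hint(&self) -> (usize, Option<usize>) { (self.claimed, Some(self.claimed)) }
}
impl ExactSizeIterator for Liar {}

/// Hypothetical helper: pre-allocates from `len()` and fills the buffer with
/// raw writes, but treats `len()` only as a capacity hint.
fn collect_checked<I: ExactSizeIterator<Item = u32>>(iter: I) -> Vec<u32> {
    let mut buf: Vec<u32> = Vec::with_capacity(iter.len());
    let mut written = 0;
    for item in iter {
        // Without this check, an under-reporting iterator would make the
        // raw write below land past the end of the allocation.
        if written == buf.capacity() {
            buf.reserve(1);
        }
        // SAFETY: written < capacity is ensured above, and set_len only
        // ever covers elements that have actually been initialized.
        unsafe {
            buf.as_mut_ptr().add(written).write(item);
            written += 1;
            buf.set_len(written);
        }
    }
    buf
}

fn main() {
    let under = Liar { next: 0, end: 5, claimed: 2 };   // yields 5, claims 2
    println!("{:?}", collect_checked(under));
    let over = Liar { next: 0, end: 3, claimed: 100 };  // yields 3, claims 100
    println!("{:?}", collect_checked(over));
}
```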