diff --git a/src/behavior-not-considered-unsafe.md b/src/behavior-not-considered-unsafe.md index 20f3cad5f..4128d7f23 100644 --- a/src/behavior-not-considered-unsafe.md +++ b/src/behavior-not-considered-unsafe.md @@ -36,4 +36,21 @@ semantics. See [RFC 560] for error conditions, rationale, and more details about integer overflow. +##### Logic errors + +Safe code may impose extra logical constraints that can be checked +at neither compile-time nor runtime. If a program breaks such +a constraint, the behavior may be unspecified but will not result in +undefined behavior. This could include panics, incorrect results, +aborts, and non-termination. The behavior may also differ between +runs, builds, or kinds of build. + +For example, implementing both `Hash` and `Eq` requires that values +considered equal have equal hashes. Another example are data structures +like `BinaryHeap`, `BTreeMap`, `BTreeSet`, `HashMap` and `HashSet` +which describe constraints on the modification of their keys while +they are in the data structure. Violating such constraints is not +considered unsafe, yet the program is considered erroneous and +its behavior unpredictable. + [RFC 560]: https://github.com/rust-lang/rfcs/blob/master/text/0560-integer-overflow.md