Why is it UB to volatile_write to an address that traps?

⚓ Rust    📅 2025-10-25    👤 surdeus    👁️ 3      

surdeus

std::ptr::write_volatile is pretty flexible about how a volatile write can be used. When not addressing memory that is "inside an allocation", it can be used to write to address 0, and do IO and other side-effects if that is the purpose of the addressed location in hardware.

There are two understandable restrictions imposed: the volatile write can't cause changes to other memory within a Rust allocation, and has to be aligned. However there is one restriction that seems hard to justify:

writing to that memory must: not trap

Why not? It is not unusual to have a deliberately crashing function that dereferences a null pointer (e.g. for testing what happens when an application crashes). write_volatile(null_mut(), 0) is only UB if it traps, and whether or not it traps is not known to the compiler as it is platform-specific. How is trapping different to any other platform-specific thing the volatile write might cause, including e.g. a reboot/system power-down?
