Do ZST Boxes violate provenance monotonicity?
#529
Comments
|
Good catch! That's an outdated copy of the pointer validity docs that hasn't been updated for rust-lang/rust#117945. |
rust-timer
added a commit
to rust-lang-ci/rust
that referenced
this issue
Sep 3, 2024
Rollup merge of rust-lang#129748 - RalfJung:box-validity, r=workingjubilee Box validity: update for new zero-sized rules Fixes rust-lang/unsafe-code-guidelines#529 Cc `@joshlf` `@rust-lang/opsem`
|
Funny... the PR with the "fixes" annotation got merged a week ago, but now @saethlin pushing this somewhere led to the issue actually getting closed... |
|
Yeah... that was me updating my fork. There's some kind of GitHub bug here. |
|
I think it might be a permission thing. bors doesn't have permissions to close issues in this repo, but you do. |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
(Writing on my phone; apologies for the lack of formatting.)
Per the Box module-level docs:
I'm trying to interpret "pointer pointing into previously allocated memory." IIUC, an integer whose address is the same as previously-allocated memory should be fine, so what really distinguishes these two cases is whether or not the pointer in question has provenance for the previously-freed allocation.
However, this implies that Box violates provenance monotonicity: an operation with a provenance-free pointer (one cast from a bare integer) is sound, while the same operation with a provenance-carrying integer is not.
Am I understanding this correctly?
The text was updated successfully, but these errors were encountered: