GitHub / rust-lang/unsafe-code-guidelines issues and pull requests
#569 - bump versions in deploy workflow
Pull Request -
State: closed - Opened by RalfJung 2 months ago
#568 - deliberate UB: add crossbeam-deque
Pull Request -
State: closed - Opened by RalfJung 2 months ago
#567 - Under Tree Borrows, is `UnsafeCell::get_mut` still sound?
Issue -
State: closed - Opened by joshlf 3 months ago
- 2 comments
#566 - Make disclaimer about this not being guarantees a lot more visible
Pull Request -
State: open - Opened by Noratrieb 3 months ago
- 10 comments
#565 - `'static` reference to local variable that never goes out of scope?
Issue -
State: open - Opened by joshlf 4 months ago
- 10 comments
#564 - What is the operational spec for `use` expressions?
Issue -
State: open - Opened by RalfJung 4 months ago
#563 - Just how unspecified is repr Rust over extern C?
Issue -
State: closed - Opened by CAD97 4 months ago
- 6 comments
#562 - Possible to interleave `&mut` and `&` safely?
Issue -
State: open - Opened by joshlf 4 months ago
- 8 comments
#561 - Should values be well-typed?
Issue -
State: closed - Opened by ia0 4 months ago
- 18 comments
#560 - Can the layouts of `Vec<i32>` and `Vec<u32>` guaranteed to be the same?
Issue -
State: closed - Opened by davidzeng0 4 months ago
- 5 comments
#559 - Do you need UnsafeCell to mutate through a mut pointer behind a shared ref?
Issue -
State: closed - Opened by coffeenotfound 5 months ago
- 3 comments
#558 - Do the bytes of a pointer have to stay in the same order?
Issue -
State: open - Opened by RalfJung 5 months ago
- 3 comments
Labels: A-provenance
#557 - Is it safe to treat an arbitrary reference as an `&[()]`?
Issue -
State: closed - Opened by Manishearth 5 months ago
- 5 comments
#556 - Copy propagation on "move" assignments introduces UB (using Miri/MiniRust semantics)
Issue -
State: open - Opened by RalfJung 6 months ago
- 2 comments
#555 - Do typed copies of unions preserve "invalid" bytes?
Issue -
State: closed - Opened by jswrenn 6 months ago
- 11 comments
Labels: A-unions
#554 - How to explain linker symbols used as integers (and not pointers to an allocation)?
Issue -
State: open - Opened by ia0 6 months ago
- 4 comments
#553 - Externally initialized memory and the abstract machine
Issue -
State: closed - Opened by anp 6 months ago
- 2 comments
#552 - "Any two types with size 0 and alignment 1 are ABI-compatible" vs the Windows ABI
Issue -
State: open - Opened by RalfJung 7 months ago
- 23 comments
#551 - Added definitions to the glossary
Pull Request -
State: closed - Opened by adfernandes 7 months ago
- 2 comments
#550 - Does the Allocator API allow sending pointer ownership across an FFI boundary?
Issue -
State: open - Opened by not-an-aardvark 7 months ago
- 1 comment
#549 - What are the preconditions for (overlapping) `ptr::copy`?
Issue -
State: open - Opened by steffahn 7 months ago
- 10 comments
#548 - Our concurrency memory model (inherited from C++20) is incompatible with x86
Issue -
State: open - Opened by RalfJung 8 months ago
- 28 comments
#547 - Reading Pointer bytes as Integers
Issue -
State: closed - Opened by chorman0773 8 months ago
- 17 comments
#546 - Wait, how does placing ZST statics work again?
Issue -
State: open - Opened by workingjubilee 9 months ago
#545 - What about: distributed slices (linkme)
Issue -
State: open - Opened by CAD97 9 months ago
- 3 comments
#544 - deliberate UB: OOB access
Pull Request -
State: closed - Opened by RalfJung 9 months ago
#543 - Where does one instance of the Rust Abstract Machine end and another one start?
Issue -
State: open - Opened by VorpalBlade 9 months ago
- 19 comments
#542 - Will destructors create `&mut` references only when `Drop::drop()` is called?
Issue -
State: open - Opened by theemathas 9 months ago
- 2 comments
#541 - Are long-lived references to thread_local variables allowed?
Issue -
State: open - Opened by theemathas 9 months ago
- 4 comments
#540 - Is pattern evaluation order guaranteed?
Issue -
State: open - Opened by zachs18 9 months ago
#539 - Stabilize having the concept of "validity invariant" and "safety invariant"? Under which name?
Issue -
State: open - Opened by RalfJung 9 months ago
- 90 comments
#538 - update the docs for layout guarantees of option-like enums
Pull Request -
State: closed - Opened by RalfJung 10 months ago
- 5 comments
#537 - How can I tell the Rust compiler `&mut [u8]` has changed after a DMA operation
Issue -
State: open - Opened by schultetwin1 10 months ago
- 41 comments
#536 - Confusion of retagging in the blog stacked-borrows-implementation
Issue -
State: closed - Opened by hanayashiki 10 months ago
- 1 comment
#535 - What are the special magic rules around `malloc`?
Issue -
State: open - Opened by RalfJung 10 months ago
- 9 comments
#534 - What memory is the Global allocator allowed to access
Issue -
State: closed - Opened by jwong101 10 months ago
- 8 comments
#533 - Minimum guarantees for union construction and typed copies?
Issue -
State: open - Opened by joshlf 10 months ago
- 1 comment
#532 - What about: aliasing requirements for nested references?
Issue -
State: open - Opened by oxalica 10 months ago
- 5 comments
Labels: A-aliasing-model
#531 - Is there a way to soundly implement racy read/writes as used in Chase/Lev deques?
Issue -
State: closed - Opened by anp 10 months ago
- 6 comments
#530 - Do the current nightly `std::ptr` docs violate provenance monotonicity?
Issue -
State: closed - Opened by joshlf 11 months ago
- 2 comments
#529 - Do ZST `Box`es violate provenance monotonicity?
Issue -
State: closed - Opened by joshlf 11 months ago
- 4 comments
#528 - Can FFI code use `memory_order_consume`
Issue -
State: open - Opened by chorman0773 12 months ago
- 9 comments
#527 - Can uninitialized memory come from the outside world?
Issue -
State: open - Opened by ChayimFriedman2 12 months ago
- 4 comments
#526 - What are the requirements for unloading a library (`dlclose`)?
Issue -
State: open - Opened by VorpalBlade 12 months ago
- 8 comments
#525 - What are the soundness requirements for `dlopen`?
Issue -
State: open - Opened by RalfJung 12 months ago
- 40 comments
#524 - Is it UB to have a mutable reference that could be misused, or simply to misuse it?
Issue -
State: closed - Opened by clarfonthey 12 months ago
- 4 comments
#523 - How do aliasing model protectors interact with tail calls?
Issue -
State: open - Opened by RalfJung 12 months ago
- 5 comments
#522 - What do we say about the equality of pointers in constants, vtables, and function pointers?
Issue -
State: open - Opened by RalfJung 12 months ago
- 19 comments
#521 - `repr(C)`/`extern "C"` does not always match the current target's C toolchain (when that target is windows-msvc)
Issue -
State: open - Opened by RalfJung 12 months ago
- 12 comments
#520 - What are the operational semantics of unsized locals?
Issue -
State: open - Opened by RalfJung 12 months ago
- 4 comments
#519 - If a Pin is changed to point to a different location, what happens?
Issue -
State: open - Opened by theemathas 12 months ago
- 3 comments
#518 - Should we / can we make MaybeUninit<T> always preserve all bytes of T (including padding)?
Issue -
State: open - Opened by RalfJung about 1 year ago
- 75 comments
#517 - Packing pointers into double-word width atomics
Issue -
State: open - Opened by eggyal about 1 year ago
- 48 comments
#516 - What are the validity requirements of wide pointers/references with `dyn Trait` tail?
Issue -
State: open - Opened by RalfJung about 1 year ago
- 11 comments
#515 - Should we have a way to give functions a stable address?
Issue -
State: open - Opened by RalfJung about 1 year ago
- 5 comments
#514 - Is it UB to change a non-`mut` `extern static`?
Issue -
State: closed - Opened by ChayimFriedman2 about 1 year ago
- 3 comments
#513 - Validity of a `char` value that is a surrogate
Issue -
State: closed - Opened by celinval about 1 year ago
- 16 comments
#512 - Should we have a language concept of erroneous behavior?
Issue -
State: open - Opened by CAD97 about 1 year ago
- 8 comments
#511 - Should closures implicitly be wrapped in `MaybeDangling`?
Issue -
State: open - Opened by RalfJung about 1 year ago
- 4 comments
#510 - Decide on validity for metadata of wide pointer/reference with slice tail
Issue -
State: closed - Opened by RalfJung about 1 year ago
- 23 comments
Labels: T-opsem, disposition-merge, finished-final-comment-period, to-announce
#509 - Are &mut references that point to read only memory but are never written to undefined behavior
Issue -
State: closed - Opened by gmorenz about 1 year ago
- 3 comments
#508 - Is `usize::MAX` an allocatable address?
Issue -
State: closed - Opened by CAD97 about 1 year ago
- 6 comments
#507 - LLVM integer/pointer casts are unreliable and observably disagree with the intended Rust semantics
Issue -
State: open - Opened by joboet over 1 year ago
- 2 comments
#506 - Who is responsible for preventing reentrancy issues through the allocator?
Issue -
State: open - Opened by RalfJung over 1 year ago
- 10 comments
#505 - Better documentation needed: reentrancy through the panic hook
Issue -
State: open - Opened by RalfJung over 1 year ago
- 3 comments
#504 - When are `static` symbols guaranteed to show up in the final binary?
Issue -
State: open - Opened by RalfJung over 1 year ago
- 11 comments
#503 - What are the guarantees over ZST pointers
Issue -
State: closed - Opened by celinval over 1 year ago
- 11 comments
#502 - What's the source of immutability for pointers produced by `const`?
Issue -
State: open - Opened by RalfJung over 1 year ago
- 19 comments
Labels: A-aliasing-model
#501 - Tree Borrows: Two-phase borrows + interior mutability have surprising interactions
Issue -
State: open - Opened by RalfJung over 1 year ago
- 15 comments
Labels: A-aliasing-model
#500 - Dead variant removal in `#[repr(C)]` enums
Issue -
State: closed - Opened by GoldsteinE over 1 year ago
- 4 comments
#499 - Is String allowed to switch to a small-string optimization?
Issue -
State: open - Opened by Manishearth over 1 year ago
- 10 comments
#498 - add note on Stacked Borrows issues and why they are hard to fix
Pull Request -
State: closed - Opened by RalfJung over 1 year ago
#497 - Provenance: storing to/loading from arbitrary addresses in an interpreter's registers
Issue -
State: closed - Opened by anp over 1 year ago
- 41 comments
#496 - std::slice::from_raw_parts alternative that would allow NULL pointer if len == 0 by returning an empty slice?
Issue -
State: closed - Opened by procedural over 1 year ago
- 3 comments
#495 - Minimum guarantees regarding `UnsafeCell`
Issue -
State: closed - Opened by joshlf over 1 year ago
- 22 comments
#494 - Adopt Minimum Union Validity Rules
Issue -
State: open - Opened by chorman0773 over 1 year ago
- 24 comments
Labels: A-unions, A-validity, T-opsem
#493 - Promotion introduces UB into otherwise well-defined code
Issue -
State: open - Opened by RalfJung over 1 year ago
- 18 comments
#492 - Does `Box` contain any `UnsafeCell`s?
Issue -
State: open - Opened by joshlf over 1 year ago
- 9 comments
#491 - What happens to the validiy requirements of the return value on a tail call?
Issue -
State: open - Opened by RalfJung over 1 year ago
- 4 comments
#490 - Provenance for zero-sized accesses?
Issue -
State: closed - Opened by joshlf over 1 year ago
- 2 comments
#489 - Re-evaluate ABI compatibility rules in light of CFI
Issue -
State: open - Opened by RalfJung over 1 year ago
- 11 comments
#488 - Is it sound to check whether the bytes of an `Option<&T>` are zero?
Issue -
State: open - Opened by joshlf over 1 year ago
- 25 comments
#487 - Semantics of SetDiscriminant with niched variants
Issue -
State: open - Opened by RalfJung over 1 year ago
- 5 comments
#486 - How transitive is repr(transparent)?
Issue -
State: open - Opened by Manishearth over 1 year ago
- 11 comments
#485 - Does the repr(transparent) guarantee work for fields that are empty types?
Issue -
State: open - Opened by Manishearth over 1 year ago
- 8 comments
#484 - How to avoid smuggling of data via TLS and scoped-tls and other means
Issue -
State: open - Opened by RalfJung over 1 year ago
- 28 comments
#483 - How can we allow read-read races between atomic and non-atomic accesses?
Issue -
State: closed - Opened by RalfJung over 1 year ago
- 1 comment
#482 - Revert "deliberate-ub: mention the load-load races in tokio"
Pull Request -
State: closed - Opened by RalfJung over 1 year ago
#481 - deliberate-ub: mention the load-load races in tokio
Pull Request -
State: closed - Opened by RalfJung over 1 year ago
- 4 comments
#480 - Expressivity Gap: concurrent ABA-safe stack (atomics + provenance = pain)
Issue -
State: open - Opened by RalfJung over 1 year ago
- 24 comments
#479 - `handle_alloc_error` + UnsafeCell = ???
Issue -
State: closed - Opened by workingjubilee over 1 year ago
- 4 comments
#478 - "Dangling" means multiple things
Issue -
State: open - Opened by Manishearth over 1 year ago
- 5 comments
Labels: C-terminology
#477 - Manually dropping a variable raises an error
Issue -
State: closed - Opened by wyfo over 1 year ago
- 1 comment
#476 - Document the current recommendation when Rust is used to communicate with a different memory ordering model
Issue -
State: open - Opened by fbq over 1 year ago
- 13 comments
#475 - Fix some typos
Pull Request -
State: closed - Opened by GrigorenkoPV over 1 year ago
- 1 comment
#474 - Does UnsafeCell::raw_get preserve pointer provenance?
Issue -
State: closed - Opened by Kolsky over 1 year ago
- 3 comments
#473 - Are memory protected references that are never dereferenced in the code undefined behaviour?
Issue -
State: closed - Opened by timfel over 1 year ago
- 6 comments
#472 - Decide on zero-sized offsets and memory accesses
Issue -
State: closed - Opened by RalfJung almost 2 years ago
- 29 comments
Labels: T-opsem, disposition-merge, finished-final-comment-period, to-announce
#471 - Is Changing the Floating-point environment for intrinsic/assembly code UB?
Issue -
State: open - Opened by chorman0773 almost 2 years ago
- 43 comments
Labels: A-floats, S-pending-documentation
#470 - fix more links
Pull Request -
State: closed - Opened by RalfJung almost 2 years ago