rust-lang/unsafe-code-guidelines
Forum for discussion about what unsafe code can and can't do
Apache-2.0
Issues
- 3
- 4
- 1
- 11
Re-evaluate ABI compatibility rules in light of CFI
#489 opened by RalfJung - 4
Dead variant removal in `#[repr(C)]` enums
#500 opened by GoldsteinE - 4
Do ZST `Box`es violate provenance monotonicity?
#529 opened by joshlf - 17
- 8
- 9
Can FFI code use `memory_order_consume`
#528 opened by chorman0773 - 4
- 40
What are the soundness requirements for `dlopen`?
#525 opened by RalfJung - 19
What do we say about the equality of pointers in constants, vtables, and function pointers?
#522 opened by RalfJung - 4
Is it UB to have a mutable reference that could be misused, or simply to misuse it?
#524 opened by clarfonthey - 5
- 7
repr(C) does not always match the current target's C toolchain (when that target is windows-msvc)
#521 opened by RalfJung - 7
- 4
- 28
- 3
- 44
Packing pointers into double-word width atomics
#517 opened by eggyal - 19
- 3
- 1
What are the validity requirements of wide pointers/references with `dyn Trait` tail?
#516 opened by RalfJung - 19
- 15
Tree Borrows: Two-phase borrows + interior mutability have surprising interactions
#501 opened by RalfJung - 5
- 24
- 16
Validity of a `char` value that is a surrogate
#513 opened by celinval - 23
- 3
Are &mut references that point to read only memory but are never written to undefined behavior
#509 opened by gmorenz - 6
Is `usize::MAX` an allocatable address?
#508 opened by CAD97 - 19
Minimum guarantees regarding `UnsafeCell`
#495 opened by joshlf - 3
- 3
- 2
LLVM integer/pointer casts are unreliable and observably disagree with the intended Rust semantics
#507 opened by joboet - 11
What are the guarantees over ZST pointers
#503 opened by celinval - 4
`handle_alloc_error` + UnsafeCell = ???
#479 opened by workingjubilee - 24
Adopt Minimum Union Validity Rules
#494 opened by chorman0773 - 11
How transitive is repr(transparent)?
#486 opened by Manishearth - 11
- 41
Provenance: storing to/loading from arbitrary addresses in an interpreter's registers
#497 opened by anp - 10
- 4
- 3
std::slice::from_raw_parts alternative that would allow NULL pointer if len == 0 by returning an empty slice?
#496 opened by procedural - 9
Does `Box` contain any `UnsafeCell`s?
#492 opened by joshlf - 25
- 2
Provenance for zero-sized accesses?
#490 opened by joshlf - 5
Semantics of SetDiscriminant with niched variants
#487 opened by RalfJung - 1
- 7
Does the repr(transparent) guarantee work for fields that are empty types?
#485 opened by Manishearth