New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
StackCheckedPointer is unsound #84
Comments
Very good point, thanks for reporting. Yes, it is unsound and there currently seems to be no way of preventing this other than common sense (not to modify the data model within the What basically needs to happen is some kind of check in the layout function whether the pointer that the callback has acted on could be or has been modified from the time of creation to the time of invokation. |
Could it be implemented via |
As I understand it, Is there any reason not to allow users to provide a |
The documentation describes an assumption Azul's data binding relies on when it bypasses the borrow-checker:
Unfortunately, nothing in Rust's type system guarantees this. The most obvious counterexample is
enum
types.Here's an example showing how code without
unsafe
can cause an invalid pointer dereference and segfault using the safe interface ofTextInput
:https://gist.github.com/kevinmehall/44190fea3e4775c90d175b2bb6c07e53
(this example could do without the
RefCell
if it were mutated elsewhere, in a callback or something).The text was updated successfully, but these errors were encountered: