You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: reference/src/glossary.md
+8-1
Original file line number
Diff line number
Diff line change
@@ -61,6 +61,11 @@ The *provenance* of a pointer is used to distinguish pointers that point to the
61
61
Provenance is extra state that only exists in the Rust Abstract Machine; it is needed to specify program behavior but not present any more when the program runs on real hardware.
62
62
In other words, pointers that only differ in their provenance can *not* be distinguished any more in the final binary (but provenance can influence how the compiler translates the program).
63
63
64
+
The exact form of provenance in Rust is unclear.
65
+
It is also unclear whether provenance applies to more than just pointers, i.e., one could imagine integers having provenance as well (so that pointer provenance can be preserved when pointers are cast to an integer and back).
66
+
In the following, we give some examples if what provenance *could* look like.
67
+
68
+
**Using provenance to track originating allocation.**
64
69
For example, we have to distinguish pointers to the same location if they originated from different allocations.
65
70
Cross-allocation pointer arithmetic [does not lead to usable pointers](https://doc.rust-lang.org/std/primitive.pointer.html#method.wrapping_offset), so the Rust Abstract Machine *somehow* has to remember the original allocation to which a pointer pointed.
66
71
It uses provenance to achieve this:
@@ -84,9 +89,11 @@ assert_eq!(raw2 as usize, raw2_wrong as usize);
84
89
```
85
90
86
91
This kind of provenance also exists in C/C++, but Rust is more permissive by (a) providing a [way to do pointer arithmetic across allocation boundaries without causing immediate UB](https://doc.rust-lang.org/std/primitive.pointer.html#method.wrapping_offset) (though, as we have seen, the resulting pointer still cannot be used for locations outside the allocation it originates), and (b) by allowing pointers to always be compared safely, even if their provenance differs.
92
+
For some more information, see [this document proposing a more precise definition of provenance for C](http://www.open-std.org/jtc1/sc22/wg14/www/docs/n2364.pdf).
87
93
94
+
**Using provenance for Rust's aliasing rules.**
88
95
Another example of pointer provenance is the "tag" from [Stacked Borrows][stacked-borrows].
89
-
For some more information, see [this blog post](https://www.ralfj.de/blog/2018/07/24/pointers-and-bytes.html) and [this document proposing a more precise definition of provenance for C](http://www.open-std.org/jtc1/sc22/wg14/www/docs/n2364.pdf).
96
+
For some more information, see [this blog post](https://www.ralfj.de/blog/2018/07/24/pointers-and-bytes.html).
0 commit comments