What's the current state of the `owning_ref` crate?

Hello,

I was curious about the current state of the owning_ref crate. The last main-line version was pushed to crates.io back in Oct' 2020, over 3 years ago.

In Jan' 2022, @noamtashma published this: GitHub - noamtashma/owning-ref-unsoundness: An article explaining the unsoundness I found in owning-ref and then it appears that just 3 weeks ago, they published safer_owning_ref presumably fixing those issues.

Looking into the lineage of @noamtashma 's crate, it appears to also include some soundness fixes from @steffahn made in 2021.

So... Is safer_owning_ref safe to use? Have the soundness issues been addressed?

BTW I'm hoping this thread doesn't stray into a debate about the merits of the patterns enabled by owning_ref. Yes it's true owning_ref is ripe for abuse, but this pattern sometimes provides the only way to avoid leaking certain implementation details. I also love @Michael-F-Bryan 's post here: Reddit - Dive into anything

Hi

All of the known soundness issues are addressed.

All of the known soundness issues except for #49 are addressed.

Of course, I can't promise anything about the potential existence of unknown ones.

As far as I’m aware, the goal was that safer_owning_ref should contain fixes for all known soundness issues. I haven’t come to take another look at it after it was published as a crate, but I’m meaning to; thanks for the reminder. Actually, on second thought, I don’t believe addressing #49 was part of safer_owning_ref, something like RFC 3336 may eventually offer an easy general solution to this.

Oh. Thanks for the reminder about #49.

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.