Aria Desires

The proposed lints in #95199 should be something a user messing with these APIs can opt into to quickly find sketchy places in their code. What's the "right" way to...

At least in the bootstrap, the compiler will complain if you `allow()` a lint in your code that doesn't exist. This potentially just means: * We need to keep the...

I feel like it's very plausible to define some sort of pointer-int union without messing with ABI for "this is a pointer, the API is lying" since in general, afaict,...

I mean, yes, but if you actually *use* the API and it expects you to pass it a dereferenceable pointer where it says the arg is an integer, then at...

Could you elaborate on why provenance "must" be lost? If you're operating on a system that actually dynamically maintains provenance, the information must be maintained by the callee anyway or...

@Diggsey yes, see "A secondary goal" in the top comment and "But CHERI Runs C Code Fine?" in the FAQ.

Yes it's probable there will need to be a way to say "I give up" and use a Ptr16/Ptr32/Ptr64/Ptr128 "integer type" that is exactly like how CHERI handles intptr_t. Solutions...

All discussion is with respect to strict provenance, because that is the thing we are experimenting with.

Problem that CHERI people might have some good answers for: [AtomicPtr](https://doc.rust-lang.org/std/sync/atomic/struct.AtomicPtr.html) has a very limited API and currently people use AtomicUsize in its place for even basic stuff like the...

YESSSSS IT LANDED ok i will properly post a public announcement for this when it hits nightly and I can link the docs