Stream: t-lang/wg-unsafe-code-guidelines

Topic: stacked borrows: Transmute &UnsafeCell to T


RalfJ (Nov 17 2018 at 10:53, on Zulip):

Stacked Borrows currently declares a transmute from &UnsafeCell<T> to &T illegal. You have to transmute to a raw pointer, and then &* that. The reason is that an &T expects the location to be frozen since it was created, and since you transmuted it's still the same pointer, so the time of creation is when you created that &UnsafeCell<T> -- but at that point, the location was not frozen. If, instead, you go through a raw pointer (&*(UnsafeCell<T> as *const UnsafeCell<T> as *const T)), you create a new shared reference and hence the model only expects things to be frozen since then, which they are.
This was actually violated in UnsafeCell::get, but only because &x.field as *const _, where x: &UnsafeCell<T>, creates an intermediate &T (which it will no more with https://github.com/rust-lang/rfcs/pull/2582). However, it is also violated in the bytes crate, which just blatantly transmutes an &AtomicPtr to an &u8.

RalfJ (Nov 17 2018 at 11:46, on Zulip):

Also see https://github.com/carllerche/bytes/pull/233

Last update: Nov 19 2019 at 18:55UTC