Description
Migrated from https://fxbug.dev/108820
Currently, FromBytes and AsBytes are documented as simply requiring that a type may be converted from an arbitrary sequence of bytes or may be converted to a sequence of bytes (respectively). However, this isn't actually sufficient in practice given the way we use these traits. In particular, we allow converting from &[u8] to &T (where T: FromBytes) and from &T to &[u8] (where T: AsBytes). The UnsafeCell<T> type can be converted from an arbitrary sequence of bytes if T can. However, if we were to implement FromBytes for UnsafeCell<T>, it would make these reference conversions unsound, as code with a &T could perform interior mutability which code with the &[u8] wouldn't know about.
We need to expand the soundness requirements on FromBytes and AsBytes to explicitly mention this reference-safety requirement.
See also #251 for an alternate approach.
Metadata
Metadata
Assignees
Type
Projects
Milestone
Relationships
Participants
Activity
UnsafeCell" property into separateImmutabletrait; allowFromZeros,FromBytes, andAsByteson types withUnsafeCells #251std::marker::Freezepub again rust-lang/rust#60715Improve trait safety documentation
Improve trait safety documentation
Improve trait safety documentation
Improve trait safety documentation (#283)
Remove TODO
Remove TODO (#314)