-
Notifications
You must be signed in to change notification settings - Fork 12.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't coerce &mut &mut T to *mut *mut T #34117
Comments
Hmm... take the following:
Rust will currently complain about mismatched types for the second coercion. It's not clear such a coercion should exist: it's like converting a |
@eefriedman Note that first coercing to |
@TimNN Your testcase is constructing a |
Ah, thanks for pointing that out. |
@eefriedman In don't know if I understand your point, but if you argue that such a coercion should not exist because it might be unsafe, the line |
Heh, C++ has special rules for multi-level pointer conversions exactly to prevent these kinds of type unsafeties: http://en.cppreference.com/w/cpp/language/implicit_conversion#Qualification_conversions |
@Boddlnagg Also, safety isn't really relevant; we allow arbitrary explicit pointer casts anyway. |
Oh, wait, I see, you expect the original |
I think this would work if borrow expressions would take into account that they might get coerced later and pass down the |
Triage: this still reproduces. |
Closing this as the bug is fixed and playground link above works for all editions. |
The playground link had the problematic line commented out: make_foo(&mut &mut *result); // mismatched types: expected `*mut *mut Foo`, found `&mut &mut _` It still gives a compile error:
|
oops my bad then |
This idea has been suggested. A T-compiler member has pointed out that other languages apply rules to restrain pointer coercion, specifically because multi-level pointer coercion is prone to being a bit of a footgun. Not quite "this is a bad idea", but despite the simplicity of the proposal, it deserves being treated with caution. There is no strong argument that this is a bug because it is consistent, if annoying. Legalizing this behavior with narrow cases seems permissible, but amounts to a new language feature design request. Transitive coercions, as part of the revised coercion rules, are closed as requiring new proposals. Accordingly, I think this should also be closed... but not before documenting the current behavior in the form of a regression test. |
…pointer-coercion-happens, r=compiler-errors We do not coerce `&mut &mut T -> *mut mut T` Resolves rust-lang#34117 by declaring it to be "working as intended" until someone RFCs it or whatever other lang proposal would be required. It seems a bit of a footgun, but perhaps there are strong reasons to allow it anyways. Seeing as how I often have to be mindful to not allow a pointer to coerce the wrong way in my FFI work, I am inclined to think not, but perhaps it's fine in some use-case and that's actually more common?
Rollup merge of rust-lang#124692 - workingjubilee:document-no-double-pointer-coercion-happens, r=compiler-errors We do not coerce `&mut &mut T -> *mut mut T` Resolves rust-lang#34117 by declaring it to be "working as intended" until someone RFCs it or whatever other lang proposal would be required. It seems a bit of a footgun, but perhaps there are strong reasons to allow it anyways. Seeing as how I often have to be mindful to not allow a pointer to coerce the wrong way in my FFI work, I am inclined to think not, but perhaps it's fine in some use-case and that's actually more common?
The title already says it, but as an illustrating example you can have a look at https://is.gd/4jWY3m.
Since &mut T can be implicitly converted to *mut T, I wondered whether there's a reason that it doesn't work for &mut &mut T (besides "no one has implemented it" 😄 ). @mbrubeck pointed out that this might be #18602 (in IRC).
The example code also illustrates a somewhat unexpected failure of type inference, which might be worth filing as a separate issue.
The text was updated successfully, but these errors were encountered: