No fancy Stacked Borrows stuff in this one, just normal memory unsafety. These methods of OwningRefMut:
/// A reference to the underlying owner.
pub fn as_owner(&self) -> &O {
&self.owner
}
/// A mutable reference to the underlying owner.
pub fn as_owner_mut(&mut self) -> &mut O {
&mut self.owner
}
...are both unsound, because they can be used to access the owner object while the associated reference thinks it has unique access to it. In particular, it can be used to modify that data and invalidate the reference. (Doing so is straightforward with as_owner_mut, and is still possible with as_owner with some interior mutability shenanigans.)
No fancy Stacked Borrows stuff in this one, just normal memory unsafety. These methods of
OwningRefMut
:...are both unsound, because they can be used to access the owner object while the associated reference thinks it has unique access to it. In particular, it can be used to modify that data and invalidate the reference. (Doing so is straightforward with
as_owner_mut
, and is still possible withas_owner
with some interior mutability shenanigans.)Here is a simple test case for both methods. Clone the repo and run either
RUSTFLAGS="-Zsanitizer=address" cargo test as_owner_mut_is_unsound
RUSTFLAGS="-Zsanitizer=address" cargo test as_owner_is_unsound
and you should get a heap-use-after-free error.
This doesn't affect the non-Mut
OwningRef
;OwningRef::as_owner
is sound.