r3-os / r3

R3-OS — Experimental static (μITRON-esque) RTOS kernel for deeply embedded systems, testing the limit of Rust's compile-time evaluation and generics
Apache License 2.0

Unsound `transmute` in `get` method for type `List` #20

Closed shinmao closed 1 year ago

shinmao commented 1 year ago

https://github.com/r3-os/r3/blob/e7696aa1d66aa74a935b31bb894e1f274bcc4206/src/r3_core/src/bag.rs#L45-L53

The safe method `get` uses `transmute` to convert from `&Head` to `&T`. Here are two problems:

  1. The `Copy` trait bound is not sufficient for us to safely transmute from `&Head`. I suggest using a trait bound such as `Pod`.
  2. `transmute` has an overloaded return type. If you do not specify the return type, it may produce a surprising type to satisfy inference^1.

shinmao commented 1 year ago

`TypeId` will make sure the references use the same ABI and have the same memory layout. The guarantee is strong enough. I will close the issue.
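
Added example, not part of the issue thread and not code from r3: a minimal type-indexed list whose `get` converts `&H` to `&T` only after a `TypeId` equality check, with both `transmute` type parameters written out. The names `Nil`, `Cons`, `Lookup` and `sample` are hypothetical stand-ins, and the sample values are constructed.

```rust
use std::any::TypeId;

// Hypothetical stand-ins for a type-indexed heterogeneous list; these names
// are assumptions and are not taken from r3_core.
#[derive(Clone, Copy)]
pub struct Nil;
#[derive(Clone, Copy)]
pub struct Cons<H, R>(pub H, pub R);

pub trait Lookup {
    /// Returns the first element whose type is exactly `T`.
    fn get<T: 'static>(&self) -> Option<&T>;
}

impl Lookup for Nil {
    fn get<T: 'static>(&self) -> Option<&T> {
        None
    }
}

impl<H: 'static, R: Lookup> Lookup for Cons<H, R> {
    fn get<T: 'static>(&self) -> Option<&T> {
        if TypeId::of::<T>() == TypeId::of::<H>() {
            // SAFETY: equal `TypeId`s mean `H` and `T` are the same type, so
            // `&H` and `&T` are the same reference type. Writing out both
            // type parameters keeps inference from choosing a different
            // source or destination type for the transmute.
            Some(unsafe { std::mem::transmute::<&H, &T>(&self.0) })
        } else {
            self.1.get::<T>()
        }
    }
}

// Constructed sample: `[u8; 4]` has the same size as `u32` and `i32`, but a
// lookup for one must never return a reference to another.
pub fn sample() -> Cons<u32, Cons<[u8; 4], Cons<u64, Nil>>> {
    Cons(7u32, Cons([1, 2, 3, 4], Cons(9u64, Nil)))
}

fn main() {
    let list = sample();
    println!("{:?} {:?}", list.get::<u32>(), list.get::<i32>());
}
```

The `'static` bound on both `H` and `T` is required by `TypeId::of`, so the check cannot be used to compare types that differ only in a borrowed lifetime.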