Is it sound to split an `UnsafeCell` into multiple `UnsafeCell`s?

Question

Is it sound to split an `UnsafeCell` into multiple `UnsafeCell`s?

joshlf opened this issue a year ago · comments

Joshua Liebow-Feeser commented a year ago

Miri doesn't complain about the following code, but is this guaranteed to be sound?

fn main() {
    let x = UnsafeCell::new([0u8; 2]);
    let x = &x;
    let x_ptr: *const UnsafeCell<[u8; 2]> = x;
    let y_ptr = x_ptr as *const [UnsafeCell<u8>; 2];
    let _y = unsafe { &*y_ptr };
}

I read #451 (comment) as implying this is intended to be sound, but I wanted to double-check.

Ralf Jung · Answer 1 · Wed Sep 06 2023 14:02:08 GMT+0800 (China Standard Time)

Isn't this basically https://doc.rust-lang.org/nightly/std/cell/struct.Cell.html#method.as_array_of_cells ?

Ralf Jung · Answer 2 · Wed Sep 06 2023 14:02:58 GMT+0800 (China Standard Time)

Also I'd say this is a duplicate of #451; projection to struct fields and array "fields" should behave the same.

Joshua Liebow-Feeser · Answer 3 · Wed Sep 06 2023 14:51:41 GMT+0800 (China Standard Time)

Sounds good, that's what I figured. Thanks!