On Wed, Mar 26, 2025 at 5:09 PM Benno Lossin <benno.los...@proton.me> wrote: > > On Wed Mar 26, 2025 at 8:06 PM CET, Tamir Duberstein wrote: > > On Wed, Mar 26, 2025 at 1:36 PM Benno Lossin <benno.los...@proton.me> wrote: > >> On Wed Mar 26, 2025 at 5:57 PM CET, Tamir Duberstein wrote: > >> > In the current code you're looking at, yes. But in the code I have > >> > locally I'm transmuting `[u8]` to `BStr`. See my earlier reply where I > >> > said "Hmm, looking at this again we can just transmute ref-to-ref and > >> > avoid pointers entirely. We're already doing that in > >> > `CStr::from_bytes_with_nul_unchecked`". > >> > >> `CStr::from_bytes_with_nul_unchecked` does the transmute with > >> references. That is a usage that the docs of `transmute` explicitly > >> recommend to change to an `as` cast [1]. > > > > RIght. That guidance was written in 2016 > > (https://github.com/rust-lang/rust/pull/34609) and doesn't present any > > rationale for `as` casts being preferred to transmute. I posted a > > comment in the most relevant issue I could find: > > https://github.com/rust-lang/rust/issues/34249#issuecomment-2755316610. > > Not sure if that's the correct issue, maybe we should post one on the > UCG (unsafe code guidelines). But before that we probably should ask on > zulip... > > >> No idea about provenance still. > > > > Well that's not surprising, nobody was thinking about provenance in > > 2016. But I really don't think we should blindly follow the advice in > > this case. It doesn't make an iota of sense to me - does it make sense > > to you? > > For ptr-to-int transmutes, I know that they will probably remove > provenance, hence I am a bit cautious about using them for ptr-to-ptr or > ref-to-ref. > > >> [1]: https://doc.rust-lang.org/std/mem/fn.transmute.html#alternatives > >> > >> >> I tried to find some existing issues about the topic and found that > >> >> there exists a clippy lint `transmute_ptr_to_ptr`. There is an issue > >> >> asking for a better justification [1] and it seems like nobody provided > >> >> one there. Maybe we should ask the opsem team what happens to provenance > >> >> when transmuting? > >> > > >> > Yeah, we should do this - but again: not relevant in this discussion. > >> > >> I think it's pretty relevant. > > > > It's not relevant because we're no longer talking about transmuting > > pointer to pointer. The two options are: > > 1. transmute reference to reference. > > 2. coerce reference to pointer, `as` cast pointer to pointer (triggers > > `ptr_as_ptr`), reborrow pointer to reference. > > > > If anyone can help me understand why (2) is better than (1), I'd > > certainly appreciate it. > > I am very confident that (2) is correct. With (1) I'm not sure (see > above), so that's why I mentioned it.
Can you help me understand why you're confident about (2) but not (1)?
