-
Notifications
You must be signed in to change notification settings - Fork 12.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UnsafeCell should implement the Copy trait #25053
Comments
This seems like it would require an RFC: |
@mattico Making |
If adding a trait impl to a type required an RFC we would never get anything done. |
There is currently no stable and safe method to read the value in an |
@alexcrichton Could you be more specific about the "undefined behavior in some situations"? And is this a problem with |
Yes each type which contains an |
I was thinking about this again today and I'm wondering if it would be better to remove the Then people could implement their own cells with what ever degree of unsafety they want. |
We need this for FFI with C and C++ too, where it would be nice to be able to tell that some struct fields may change through unknown means. |
+1 |
Nominating for libs team discussion. |
This libs team discussed this issue a few days ago and we unfortunately didn't reach a firm consensus. The case I mentioned above means that guaranteeing the safety of an One idea brought up by @sfackler was perhaps something like One other concern here is that if |
Just ran into this. @alexcrichton Can you think of any other cases in which it would make sense to If there aren't any, then special syntax seems unwarranted; if |
Another possible use case for Though it probably wouldn't be the best approach in that case. In short, |
If it makes things easier, we could make an additional type As additional bonus, our regular |
cc @rust-lang/lang, anybody on the lang team have an opinion on this? |
I am in favor. |
Discussed this a bit with @aturon -- I agree with the consensus that it would be easy to write broken code if This reminds me of the discussion around a Still, I feel like while having implicit copies might be dangerous from a race condition POV, it's also easy to imagine types that wouldn't have to worry about that. If my type is not |
This issue seems to be at a bit of a standstill.
If we want to deal with both of these perspectives, we can rule out changing
The former is clearly the easier approach, and personally I'm hesitant to add special casing to the handling of Does anyone strongly object to adding some additional version of |
Doesn't |
I thought @nikomatsakis had some more usecases for |
@nox, if |
For name bikeshedding, how about |
@aturon I feel that adding a new type wouldn't actually solve the problem the problem I raised earlier. That'd still be a problem for anyone using In that sense then if we must solve this specific issue then I'd be in favor of just adding the impl to |
@alexcrichton Which types do you think would want to move over? As I see it, the only reason to use In any case, |
Well presumably there's some motivation for some type that wants to move over, right? Otherwise this issue wouldn't exist? We may not have cases in the standard library itself but I would hate to have a convention of "use |
IMO, When it comes to motivations, I'm not totally sure it's wrong to just mark both (sidenote: if |
I think |
I think ergonomics also played a rule, see my question from 2 years ago: https://users.rust-lang.org/t/why-is-cell-not-copy/2208 |
I find those examples very unconvincing, but why not make sure people are super explicit, then, and make the |
|
Could you explain how/why the second does not imply the first? Intuitively it seems to me that if you are given the ability to dereference an |
Maybe that is an artifact of the framework we use for formalization. The reason is that (1) is an implication, saying that every possible way to justify the assertion "we own these bytes at type Off the top of my head, I am not sure if we ever rely on (1) not making such changes. It certainly makes working with this much simpler though... |
Cc #60715, an actual use case which would break if |
Ouch, that's quite bad indeed. The alternative proposal of being able to Basically, currently we have no interior-mutable- |
Making changes such as making Anyhow one basic argument still holds: It's trivial to make a |
I'm guessing we need an RFC to add the ability to Was there any particular objection to |
I do not recall any, but there also was not a ton of discussion. |
Not being able to assert that a struct is |
This doesn't seem to be waiting on a team decision, so removing I-needs-decision. Looks like this is waiting for a concrete proposal to be discussed by the team(s). |
I think the argument that a |
Closing this as it would be better suited for an RFC |
Currently
UnsafeCell
does not implementCopy
. It would be beneficial if it could, for at least two reasons:[UnsafeCell::new(0i32); 75]
Copy
.AFAIK, there are no disadvantages for
UnsafeCell
to implementCopy
.Note: the reason people can't just copy-and-paste the code for
UnsafeCell
to make their own variant with copy semantics, is thatUnsafeCell
is a#[lang="unsafe_cell"]
: "TheUnsafeCell<T>
type is the only legal way to obtain aliasable data that is considered mutable. In general, transmuting an&T
type into an&mut T
is considered undefined behavior."The text was updated successfully, but these errors were encountered: