Arc::get_mut_unchecked does not mention restrictions on drop · Issue #136322 · rust-lang/rust
Location
Summary
The safety comment on Arc::get_mut_unchecked states:
If any other Arc or Weak pointers to the same allocation exist, then they must not be dereferenced or have active borrows for the duration of the returned borrow, and their inner type must be exactly the same as the inner type of this Rc (including lifetimes).
But it mentions nothing about dropping Arcs, which triggers unsoundness in MIRI:
#![feature(get_mut_unchecked)]

use std::sync::Arc;

fn main() {
    let mut x = Arc::new(0);
    let y = x.clone();
    let x_ref = unsafe { Arc::get_mut_unchecked(&mut x) }; // Create unchecked reference.
    drop(y); // Drop a different Arc pointing to the same value while reference exists.
    *x_ref = 42; // Use unchecked reference.
}
error: Undefined Behavior: attempting a write access using <1715> at alloc838[0x10], but that tag does not exist in the borrow stack for this location
  --> src/main.rs:10:5
   |
10 |     *x_ref = 42;
   |     ^^^^^^^^^^^
   |     |
   |     attempting a write access using <1715> at alloc838[0x10], but that tag does not exist in the borrow stack for this location
   |     this error occurs as part of an access at alloc838[0x10..0x14]
   |
   = help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
   = help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: <1715> was created by a Unique retag at offsets [0x10..0x14]
  --> src/main.rs:8:26
   |
8  |     let x_ref = unsafe { Arc::get_mut_unchecked(&mut x) };
   |                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
help: <1715> was later invalidated at offsets [0x0..0x18] by a SharedReadOnly retag
  --> src/main.rs:9:5
   |
9  |     drop(y);
   |     ^^^^^^^
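Added example, not part of the original issue and not code from the Rust project: the same create-reference, drop-sibling, write sequence expressed with the stable, checked APIs `Arc::get_mut` and `Arc::make_mut`, so that the write never overlaps a drop that touches the same allocation. The function names are hypothetical.

```rust
use std::sync::Arc;

/// Writes through `x` only when no other Arc or Weak shares the allocation.
/// Returns false (and writes nothing) while a sibling handle is alive.
fn try_write(x: &mut Arc<i32>, value: i32) -> bool {
    match Arc::get_mut(x) {
        Some(slot) => {
            *slot = value;
            true
        }
        None => false,
    }
}

/// The issue's sequence with the checked API: the write is refused while `y`
/// exists and succeeds once `y` has been dropped.
fn checked_sequence() -> (bool, bool, i32, usize) {
    let mut x = Arc::new(0);
    let y = x.clone();
    let while_shared = try_write(&mut x, 42); // refused: `y` is still alive
    drop(y); // no mutable reference into the allocation exists here
    let after_drop = try_write(&mut x, 42); // `x` is now the only handle
    (while_shared, after_drop, *x, Arc::strong_count(&x))
}

/// The issue's exact ordering (borrow, drop sibling, write), made sound by
/// `Arc::make_mut`: because `y` exists, `x` is moved to a fresh allocation
/// first, so dropping `y` only touches the old one.
fn same_order_with_make_mut() -> (i32, i32) {
    let mut x = Arc::new(0);
    let y = x.clone();
    let x_ref = Arc::make_mut(&mut x); // clones the value; `x` no longer shares with `y`
    let y_seen = *y; // reading `y` is fine: different allocation
    drop(y); // frees the old allocation, unrelated to `x_ref`
    *x_ref = 42;
    (*x, y_seen)
}

fn main() {
    println!("{:?}", checked_sequence());
    println!("{:?}", same_order_with_make_mut());
}
```
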