Re: [PATCH v7 7/7] rust: enable `clippy::ref_as_ptr` lint

From: Tamir Duberstein
Date: Wed Mar 26 2025 - 18:10:18 EST

Next message: Falcon, Thomas: "Re: [PATCH v3 00/35] GNR retirement latencies, topic and metric updates"
Previous message: Ruslan Piasetskyi: "[PATCH] mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe"
In reply to: Benno Lossin: "Re: [PATCH v7 7/7] rust: enable `clippy::ref_as_ptr` lint"
Next in thread: Benno Lossin: "Re: [PATCH v7 7/7] rust: enable `clippy::ref_as_ptr` lint"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 26, 2025 at 5:09 PM Benno Lossin <benno.lossin@xxxxxxxxx> wrote:
>
> On Wed Mar 26, 2025 at 8:06 PM CET, Tamir Duberstein wrote:
> > On Wed, Mar 26, 2025 at 1:36 PM Benno Lossin <benno.lossin@xxxxxxxxx> wrote:
> >> On Wed Mar 26, 2025 at 5:57 PM CET, Tamir Duberstein wrote:
> >> > In the current code you're looking at, yes. But in the code I have
> >> > locally I'm transmuting `[u8]` to `BStr`. See my earlier reply where I
> >> > said "Hmm, looking at this again we can just transmute ref-to-ref and
> >> > avoid pointers entirely. We're already doing that in
> >> > `CStr::from_bytes_with_nul_unchecked`".
> >>
> >> `CStr::from_bytes_with_nul_unchecked` does the transmute with
> >> references. That is a usage that the docs of `transmute` explicitly
> >> recommend to change to an `as` cast [1].
> >
> > RIght. That guidance was written in 2016
> > (https://github.com/rust-lang/rust/pull/34609) and doesn't present any
> > rationale for `as` casts being preferred to transmute. I posted a
> > comment in the most relevant issue I could find:
> > https://github.com/rust-lang/rust/issues/34249#issuecomment-2755316610.
>
> Not sure if that's the correct issue, maybe we should post one on the
> UCG (unsafe code guidelines). But before that we probably should ask on
> zulip...
>
> >> No idea about provenance still.
> >
> > Well that's not surprising, nobody was thinking about provenance in
> > 2016. But I really don't think we should blindly follow the advice in
> > this case. It doesn't make an iota of sense to me - does it make sense
> > to you?
>
> For ptr-to-int transmutes, I know that they will probably remove
> provenance, hence I am a bit cautious about using them for ptr-to-ptr or
> ref-to-ref.
>
> >> [1]: https://doc.rust-lang.org/std/mem/fn.transmute.html#alternatives
> >>
> >> >> I tried to find some existing issues about the topic and found that
> >> >> there exists a clippy lint `transmute_ptr_to_ptr`. There is an issue
> >> >> asking for a better justification [1] and it seems like nobody provided
> >> >> one there. Maybe we should ask the opsem team what happens to provenance
> >> >> when transmuting?
> >> >
> >> > Yeah, we should do this - but again: not relevant in this discussion.
> >>
> >> I think it's pretty relevant.
> >
> > It's not relevant because we're no longer talking about transmuting
> > pointer to pointer. The two options are:
> > 1. transmute reference to reference.
> > 2. coerce reference to pointer, `as` cast pointer to pointer (triggers
> > `ptr_as_ptr`), reborrow pointer to reference.
> >
> > If anyone can help me understand why (2) is better than (1), I'd
> > certainly appreciate it.
>
> I am very confident that (2) is correct. With (1) I'm not sure (see
> above), so that's why I mentioned it.

Can you help me understand why you're confident about (2) but not (1)?

Next message: Falcon, Thomas: "Re: [PATCH v3 00/35] GNR retirement latencies, topic and metric updates"
Previous message: Ruslan Piasetskyi: "[PATCH] mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe"
In reply to: Benno Lossin: "Re: [PATCH v7 7/7] rust: enable `clippy::ref_as_ptr` lint"
Next in thread: Benno Lossin: "Re: [PATCH v7 7/7] rust: enable `clippy::ref_as_ptr` lint"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]