Replace_with RFC

nikomatsakis · 2016-10-25T17:59:01.956Z

I just want to bring this RFC to the attention of people interested in the unsafe code guidelines:

github.com/rust-lang/rfcs

RFC: `core::mem::replace_with` for temporarily moving out of ownership.

by ticki on 10:15AM - 01 Sep 16

2 commits changed 1 files with 115 additions and 0 deletions.

As the comments towards the end suggest, this RFC is of interest to unsafe code authors:

https://github.com/rust-lang/rfcs/pull/1736#issuecomment-255488882
https://github.com/rust-lang/rfcs/pull/1736#issuecomment-255596342
https://github.com/rust-lang/rfcs/pull/1736#issuecomment-256111097

arielb1 · 2016-10-25T19:47:24.902Z

Being able to get a T from a &mut T is more of a safety-proof/type-system issue than a memory model issue - I don’t think that “safe” uses of mem::replace_with would be UB in any model.

RalfJung · 2016-10-26T07:15:59.230Z

Well, quite some of our discussions about UB end up asking the question when and where the compiler can “trust types”. To answer that question, we have to figure out what types like &mut T “mean”, which brings us squarely into issues of type-system interpretation.

nikomatsakis · 2016-10-26T08:24:13.404Z

I don’t think that the unsafe code guidelines are only about UB. They are also about putting limits on what other safe/unsafe code may be doing, so you can know if your supposedly “safe” interface is truly safe.

nikomatsakis · 2019-03-25T08:27:13.316Z

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.