|
|
|
|
|
|
by pcwalton
2533 days ago
|
|
|
This is a misunderstanding of how Rust's borrow check works. It is necessary for avoiding numerous memory safety issues, not just use after free. For example: let mut x: Result<i32,f32> = Ok(1);
let y = x.as_ref().unwrap();
x = Err(1.0);
println!("{}", y); // unsafe cast of float to int
This issue was first described to my knowledge by Dan Grossman in "Existential Types for Imperative Languages". The context was trying to make unions work in a safe dialect of C (Cyclone). |
|
|