Could `Unalign::update` cause issues for types that are aware of their memory location? Is this a soundness hole?

[joshlf]

Rust doesn't allow the following code:

#[derive(Copy, Clone)]
#[repr(C, packed)]
struct Unalign<T>(T);

It won't emit a Clone impl - instead, you have to write it yourself, using a T: Copy bound. It occurred to me that they could use the same trick we use in Unalign::update, using ptr::read to move to the stack, calling clone on the now-aligned value, and then mem::forgeting the copy. That would not play nicely with interior mutability (not a problem for us - Unalign::update takes a &mut self), but I realized that it also might cause problems if you have a type whose semantics include its memory location. This could be for soundness reasons (e.g., pinned types) or for safety reasons (user-defined invariants).

Need to think through this more to figure out whether Unalign::update is actually unsound.

cc @djkoloski since you reviewed that PR and might have thoughts

[djkoloski]

You don't have to worry. For types that may be self-referential or otherwise immovable, there is a burden on the type itself to never allow a T to be produced (or &mut T to be produced in a situation where the user is allowed to move the value). You can confidently say that immovable values must always be located behind a Pin, and values that are not behind a Pin are not immovable. Unless you have a special way to call methods on Pin<&mut Unalign> to get an &mut or something like that, you probably don't have to worry about immovable types.

[joshlf]

Sounds good, thanks for the insight!