lru-rs VS stable_deref_trait

For reference, the fix for https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45720 was as simple as this commit: https://github.com/jeromefroe/lru-rs/commit/ea64c8f932a45434cbc71d3843d28af7c1819864.

You didn't seem to click the commit the guy linked with the rust code https://github.com/jeromefroe/lru-rs/pull/121/commits/416a2d...

It has nothing to do with opting out. Zig, Rust and no language saves you when you write incorrect unsafe code. My original point is disqualifying c tools is misleading and everything suffers from incorrect unsafe code

To elaborate, there is a recurring trend of sound C programs turning into unsound Rust programs, because shared mutability is often necessary but Stacked Borrows places strict conditions on constructing &mut T (they invalidate some but not all aliasing *const T), and it's less ergonomic to work solely in raw pointers and avoid creating Box or long-lasting &mut T (or for intrusive collections, any &mut T at all).

For example, matklad (the author of rust-analyzer, one of the preeminent Rust programmers and someone I'd expect to get code right) made a recent blog post on "Caches In Rust" (https://matklad.github.io/2022/06/11/caches-in-rust.html). The cache is built around https://docs.rs/elsa, which is built around https://docs.rs/stable_deref_trait/latest/stable_deref_trait..., which is unsound for Box and violates stacked borrows in its current form (https://github.com/Storyyeller/stable_deref_trait/issues/15). However, the rules may be relaxed or more ergonomic alternatives added (https://github.com/rust-lang/unsafe-code-guidelines/issues/3...), it's uncertain right now.

(Also I go by "they".)

Unsafe Rust is an esoteric language without iron-clad guarantees, and type-level programming and async Rust is an esoteric metalanguage (https://hirrolot.github.io/posts/rust-is-hard-or-the-misery-...). For example, matklad made a recent blog post on "Caches In Rust" (https://matklad.github.io/2022/06/11/caches-in-rust.html). The cache is built around https://docs.rs/elsa, which is built around https://docs.rs/stable_deref_trait/latest/stable_deref_trait..., which is unsound for Box and violates stacked borrows: https://github.com/Storyyeller/stable_deref_trait/issues/15

There is a recurring trend of sound C programs turning into unsound Rust programs, because shared mutability is often necessary but it's difficult to avoid creating &mut, and Stacked Borrows places strict conditions on constructing &mut T (they invalidate some but not all aliasing *const T).

The cache is built around https://docs.rs/elsa, which is built around https://docs.rs/stable_deref_trait/latest/stable_deref_trait/trait.StableDeref.html, which is unsound for Box and violates stacked borrows: https://github.com/Storyyeller/stable_deref_trait/issues/15

StableDeref has multiple issues under the current Stacked Borrows model: https://github.com/Storyyeller/stable_deref_trait/issues/15