Warn when casting & to *mut when &mut is available.

[Ryman]

Warn when casting from & to *mut whenever it's possible to use &mut. I don't think this is UB currently but it still seems a bit too handwavey for unsafe code.

let owned_value = ...; // could be a mut binding

// suspect - have to inspect related code to see if there's credit to this assertion
let ptr = &owned_value as *const _ as *mut i8;

// clearer - proves minor ownership truths at this point
let ptr = &mut owned_value as *mut _ as *mut i8;

[mcarton]

as allows to go from *const _ to *mut _ just like that? Come on Rust! Even C++ does not.

[Manishearth]

Const vs mut in raw pointers is really just a lint. Once you have a raw pointer Rust's model is to not expect it to be valid 😄

plus casting is nicer than requiring transmute, which would mean that an additional extra & in the type could mess things up.

[DemiMarie]

Actually, I think that this lint should be unconditional (and deny-by-default). Mutating a *mut obtained via casting an & will be undefined behavior, if it is not already. It certainly will be if the object is already immutably borrowed and that borrow is read from.

[Manishearth]

will be undefined behavior, if it is not already.

It isn't. In most situations it can be, but not all of them. It is possible to do it safely, and you may end up doing it often in FFI code.

[llogiq]

Probably, but if you disable that lint you deserve everything you bring upon yourself...