Avoid abusing `transmute`

src/cursor.rs

@@ -3,7 +3,7 @@ use core::ops::Deref;
 
 use smallvec::SmallVec;
 
-use crate::entry::{ItemEntry, XEntry};
+use crate::entry::{ItemEntry, ItemRef, XEntry};
 use crate::lock::XLock;
 use crate::mark::XMark;
 use crate::node::{Height, ReadOnly, ReadWrite, XNode};
@@ -197,15 +197,12 @@ impl<'a, I: ItemEntry, L: XLock, M: Into<XMark>> Cursor<'a, I, L, M> {
     ///
     /// Returns a reference to the `XEntry` at the target index if succeed.
     /// If the cursor cannot reach to the target index, the method will return `None`.
-    pub fn load(&self) -> Option<&'a I> {
+    pub fn load(&self) -> Option<ItemRef<'a, I>> {
         if let Some(entry) = self.ref_operated_entry() {
-            if entry.is_item() {
-                // SAFETY: If the XEntry is an item entry, its memory layout is guaranteed
-                // to be exactly the same as that of I.
-                return Some(unsafe { &*(entry as *const XEntry<I, L> as *const I) });
-            }
+            entry.as_item_ref()
+        } else {
+            None
         }
-        None
     }
 
     /// Traverse the XArray and move to the node that can operate the target entry.
@@ -331,7 +328,7 @@ impl<'a, I: ItemEntry, L: XLock, M: Into<XMark>> CursorMut<'a, I, L, M> {
     }
 
     /// Get a reference to current operated entry of the CursorMut.
-    fn ref_operated_entry(&self) -> Option<&XEntry<I, L>> {
+    fn ref_operated_entry(&self) -> Option<&'a XEntry<I, L>> {
         // SAFETY: The lifetime of the reference to the operated XEntry is equal to `&self`.
         // Hence when the reference existing there will not be other mutable operation in current `CursorMut`,
         // nor will there be any modification operations on the XNode where it resides.
@@ -379,15 +376,12 @@ impl<'a, I: ItemEntry, L: XLock, M: Into<XMark>> CursorMut<'a, I, L, M> {
     ///
     /// Returns a reference to the `XEntry` at the target index if succeed.
     /// If the cursor cannot reach to the target index, the method will return `None`.
-    pub fn load(&self) -> Option<&I> {
+    pub fn load(&self) -> Option<ItemRef<'a, I>> {
         if let Some(entry) = self.ref_operated_entry() {
-            if entry.is_item() {
-                // SAFETY: If the XEntry is an item entry, its memory layout is guaranteed
-                // to be exactly the same as that of I.
-                return Some(unsafe { &*(entry as *const XEntry<I, L> as *const I) });
-            }
+            entry.as_item_ref()
+        } else {
+            None
         }
-        None
     }
 
     /// Stores the provided `XEntry` in the `XArray` at the position indicated by the current cursor index.

src/entry.rs

@@ -2,6 +2,7 @@ use alloc::boxed::Box;
 use alloc::sync::Arc;
 use core::marker::PhantomData;
 use core::mem::ManuallyDrop;
+use core::ops::Deref;
 
 use crate::lock::XLock;
 use crate::node::{ReadWrite, XNode};
@@ -30,15 +31,13 @@ pub unsafe trait ItemEntry {
 
 unsafe impl<T> ItemEntry for Arc<T> {
     fn into_raw(self) -> usize {
-        // SAFETY: The Arc<T> have the same layout with a raw pointer hence the transmute is valid.
-        let raw_ptr = unsafe { core::intrinsics::transmute::<Arc<T>, *const u8>(self) };
+        let raw_ptr = Arc::into_raw(self);
         debug_assert!(raw_ptr.is_aligned_to(4));
         raw_ptr as usize
     }
 
     unsafe fn from_raw(raw: usize) -> Self {
-        let arc = core::intrinsics::transmute::<usize, Arc<T>>(raw);
-        arc
+        unsafe { Arc::from_raw(raw as *mut T) }
     }
 }
 
@@ -54,6 +53,24 @@ unsafe impl<T> ItemEntry for Box<T> {
     }
 }
 
+#[derive(PartialEq, Debug)]
+pub struct ItemRef<'a, I>
+where
+    I: ItemEntry,
+{
+    item: ManuallyDrop<I>,
+    _marker: PhantomData<&'a I>,
+}
+
+impl<'a, I: ItemEntry> Deref for ItemRef<'a, I>
+{
+    type Target = I;
+
+    fn deref(&self) -> &I {
+        &*self.item
+    }
+}
+
 /// The type stored in the head of `XArray` and the slots of `XNode`s, which is the basic unit of storage
 /// within an XArray.
 ///
@@ -119,7 +136,7 @@ impl<I: ItemEntry, L: XLock> PartialEq for XEntry<I, L> {
     }
 }
 
-impl<I: ItemEntry, L: XLock> XEntry<I, L> {
+impl<'a, I: ItemEntry, L: XLock> XEntry<I, L> {
     pub fn raw(&self) -> usize {
         self.raw
     }
@@ -168,6 +185,18 @@ impl<I: ItemEntry, L: XLock> XEntry<I, L> {
         }
     }
 
+    pub fn as_item_ref(&'a self) -> Option<ItemRef<'a, I>> {
+        if self.is_item() {
+            let item_entry = unsafe { ManuallyDrop::new(I::from_raw(self.raw)) };
+            Some(ItemRef {
+                item: item_entry,
+                _marker: PhantomData,
+            })
+        } else {
+            None
+        }
+    }
+
     pub fn from_node<Operation>(node: XNode<I, L, Operation>) -> Self {
         let node_ptr = {
             let arc_node = Arc::new(node);

src/range.rs

@@ -1,5 +1,5 @@
 use crate::cursor::Cursor;
-use crate::entry::ItemEntry;
+use crate::entry::{ItemEntry, ItemRef};
 use crate::lock::XLock;
 use crate::mark::XMark;
 
@@ -23,7 +23,7 @@ impl<'a, I: ItemEntry, L: XLock, M: Into<XMark>> Range<'a, I, L, M> {
 }
 
 impl<'a, I: ItemEntry, L: XLock, M: Into<XMark>> core::iter::Iterator for Range<'a, I, L, M> {
-    type Item = (u64, &'a I);
+    type Item = (u64, ItemRef<'a, I>);
 
     fn next(&mut self) -> Option<Self::Item> {
         loop {

src/xarray.rs

@@ -3,7 +3,7 @@ use core::marker::PhantomData;
 
 use crate::cow::Cow;
 use crate::cursor::{Cursor, CursorMut};
-use crate::entry::{ItemEntry, XEntry};
+use crate::entry::{ItemEntry, ItemRef, XEntry};
 use crate::lock::XLock;
 use crate::mark::{NoneMark, XMark};
 use crate::range::Range;
@@ -78,7 +78,7 @@ pub struct XArray<
     _marker: PhantomData<(I, M)>,
 }
 
-impl<I: ItemEntry, L: XLock, M: Into<XMark>> XArray<I, L, M> {
+impl<'a, I: ItemEntry, L: XLock, M: Into<XMark>> XArray<I, L, M> {
     /// Make a new, empty XArray.
     pub const fn new() -> Self {
         Self {
@@ -135,7 +135,7 @@ impl<I: ItemEntry, L: XLock, M: Into<XMark>> XArray<I, L, M> {
 
     /// Attempts to load the item at the target index within the `XArray`.
     /// If the target item exists, return it with `Some`, Otherwise, return `None`.
-    pub fn load(&self, index: u64) -> Option<&I> {
+    pub fn load(&'a self, index: u64) -> Option<ItemRef<'a, I>> {
         let cursor = self.cursor(index);
         cursor.load()
     }