Any should be marked unsafe

[SoniEx2]

Any should be marked unsafe as it currently relies on Rust not having specialization. While it is extremely unlikely Rust will ever have specialization, marking Any unsafe should be fully backwards-compatible, so there's no good reason not to do it, and there are some good reasons for doing it today rather than when we do get specialization. In particular, we feel it would serve good documentation purpose that Any makes some assumptions.

Anyway, it's mostly just a strong feeling we have about it. We were thinking about generic generics when we noticed Any isn't marked unsafe, while a hypothetical AnyA<'a> would probably have to be marked as unsafe.

(Hey, at least marking a trait like Any as unsafe, unlike most other cases of marking things as unsafe, should be backwards-compatible, yeah?)

[moxian]

Can you elaborate on how would Any exhibit memory unsafety in presence of specialization?

[SkiFire13]

I can't see how you could specialize/override any Any's method, even with full specialization feature:

• All the downcast methods use <dyn Any>::is which can't be specialized because it isn't a trait method.

• <dyn Any>::is internally uses Any::type_id, however you can't specialize it because it's not declared as default in the blanklet impl.

• You can't even declare other non-overlapping impls because the blanklet impl already covers all the possible impls (notice that Any has a bound on 'static).

[jonas-schievink]

This was rejected in #67562, so closing.

Even with specialization, Any would not be unsafe though, since its only impl is not specializable.

[SoniEx2]

What's wrong with showing it as an unsafe trait? Send and Sync are unsafe traits, and nobody complains about making use of them.