Safety: intern::symbol::TaggedArcPtr::try_as_arc_owned is unsafe

[sam-mccall]

An audit of unsafe in ra_ap_intern found this possible issue:

rust-analyzer/crates/intern/src/symbol.rs

Lines 81 to 92 in dd9cd22

	pub(crate) fn try_as_arc_owned(self) -> Option<ManuallyDrop<Arc<Box<str>>>> {
	// Unpack the tag from the alignment niche
	let tag = Strict::addr(self.packed.as_ptr()) & Self::BOOL_BITS;
	if tag != 0 {
	// Safety: We checked that the tag is non-zero -> true, so we are pointing to the data offset of an `Arc`
	Some(ManuallyDrop::new(unsafe {
	Arc::from_raw(self.pointer().as_ptr().cast::<Box<str>>())
	}))
	} else {
	None
	}
	}

This must be unsafe, because the safety invariants of ManuallyDrop permit patterns that would be unsound, like calling try_as_arc_owned twice on the same TaggedArcPtr and invoking ManuallyDrop::drop or ::take on both of those two separate ManuallyDrop values, easily producing a use-after-free.

This is a non-blocking issue because it is an internal-only interface which is used correctly.

This doesn't prevent our use of rust-analyzer, but I'm sharing it here in case you agree and want to clarify the safety in the code.

[ChayimFriedman2]

As said, this method is pub(crate), so it doesn't have to be unsafe. Still this would be an improvement, and I think a PR will be fine.