Memory safe violation by abusing `__private_get_type_id__`

[Qwaz]

I noticed that it is possible to cause type confusion in downcast by manually implementing __private_get_type_id__.

https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=ad66fe439660eb8373996bfd6bd7a835

Although the name of the function clearly shows that it is a private API, I believe a safe Rust program should not violate the memory safety guaranteed by Rust type system.

[Qwaz]

Actually, the bug here looks very similar to what happened to the standard library: https://rustsec.org/advisories/CVE-2019-12083.html