-
Notifications
You must be signed in to change notification settings - Fork 59
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Strip noalias
from pointer derived from mutable ref
#327
Comments
Have you tried Miri with |
Ah, that makes more sense then, thanks! I'll remember to add these additional flags by default. In my real code, this ended up being a pretty significant change to rule out references throughout the entire main loop, even though only exactly one spot could possibly alias. (The alternative was a self-check, but this tanked the performance.) I am still curious about introducing ergonomics to address the asymmetry in uniqueness (given a pointer you can become Unique, but given Unique you can never become a pointer) but I will read the latest updates to the aliasing model first. |
Having a "noalias" promise in signatures like
I don't quite know what you mean here. Given There has been some talk about having a way to "opt-out" of uniqueness of mutable references in a vein similar to how |
I definitely do not mean to suggest noalias be wholesale stripped from mut references, sorry for the confusion! I think am suggesting more along the lines of #148, especially something like
is translated (for exposition) under the hood into:
And the body of the function would be none the wiser. If such a translation took place, then the following could be expressed:
And be translated under the hood into:
I am temporarily handing off my unique access to allow some other pointer to have it for a region. This translation is fake so in actuality this may just be an entirely wrong model to flesh out. (Of course, this final translation is viable as a real hand-written work around, but it's really easy to get wrong if someone accidentally inserts a |
The precedent with |
Thanks for all the info! Closing in favor of #148 re: |
Sure. :) |
Heh. :) That would be mighty convenient. Do you mean the function still accepts |
Maybe. I don't actually have anything very concrete here. But making sense of operations like |
This example is a stripped down version of a scenario I hit in a larger program. The behavior of this example changes depending on if a certain function is inlined or not:
Playground.
If the program invokes UB then it makes sense — but I think the intention in Stacked Borrows is that this is well-defined. Is that the case? I did see #86, but I'm not sure this program is quite in the same direction.
To workaround this I tried various ways of stripping provenance from the
foo
pointer, but ultimately I just had to pointer-ify most of the surrounding code until I hit an unaliased pointer base case. (Not exactly the prettiest, but fair enough!)For what it's worth, my actual initial function was more like:
And I had to pointer-ify the arguments to avoid an obvious double
&mut
scenario.More generally, it would be nice to be able to temporarily relinquish a mutable reference in exchange for an aliasable pointer; when the scope ends the mutable reference is reestablished with a noalias status from the aliasable pointer:
If the topmost snippet is UB, then something like this could provide a nice escape hatch to demote a
Unique
to aSharedReadWrite
(IIUC). But, I am unsure if this is even the appropriate direction to go for resolving such aliasing cases. Thanks!The text was updated successfully, but these errors were encountered: