Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Attempt to explain that &mut cannot alias #1198

Closed
wants to merge 1 commit into from
Closed

Attempt to explain that &mut cannot alias #1198

wants to merge 1 commit into from

Conversation

XrXr
Copy link
Contributor

@XrXr XrXr commented Apr 22, 2022
edited
Loading

This is a clumsy attempt at making the "&mut is an exclusive
reference" part of the aliasing rule more discoverable. I feel like this
is an inherent property of the type so I was surprised to not find that
information here. This is echoing parts of the docs for UnsafeCell and
ptr::as_mut, so another place where a newcomer could potentially get
this info.

I think it's easy for learners to assume that &mut can alias since
many popular languages have comparatively lax aliasing rules.

Do you also think adding this here make sense? Maybe I only think so because I've been thinking about this recently.

@XrXr
Attempt to explain that &mut cannot alias
a739420 
This is a clumsy attempt at making the "`&mut` is an exclusive
reference" part of the aliasing rule more discoverable. I feel like this
is an inherent property of the type so I was surprised to not find that
information here. This is echoing parts of the docs for [UnsafeCell] and
[ptr::as_mut], so another place where a newcomer could potentially get
this info.

I think it's easy for learners to assume that `&mut` can alias since
many popular languages have comparatively lax aliasing rules.

[UnsafeCell]: https://doc.rust-lang.org/stable/std/cell/struct.UnsafeCell.html
[ptr::as_mut]: https://doc.rust-lang.org/std/primitive.pointer.html#method.as_mut-1
@XrXr
Copy link
Contributor Author

XrXr commented Apr 28, 2022

So I just saw rust-lang/unsafe-code-guidelines#133 and realized that the way I'm explaining this is maybe too restrictive. What I wanted to do is to add another place where people can discover the current rules, even though not everything is worked out at the moment.

Maybe the reference is not a good place to raise awareness about Stacked Borrows so I'm closing this. I'll point people at other pieces of documentation scattered around that hint that the current aliasing rules.

@XrXr XrXr closed this Apr 28, 2022
@XrXr XrXr deleted the mut-ref-aliasing branch April 28, 2022 17:55
@Havvy
Copy link
Contributor

Havvy commented Apr 29, 2022

Stacked borrows is implemented in miri, but rustc is more permissive than it. The actual rules aren't really well known (and I think they're inconsistent in the same way that clang's is), but stacked borrows is a set of rules that works on top of it. And then there's Ganka's "quit transmuting integers to pointers" thing on top of that that miri now has a flag to run under as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@XrXr @Havvy