(plf.inf.ethz.ch)

565 points zdw | 1 comments | 09 Jul 25 14:40 UTC | HN request time: 0.215s | source

Show context

wavemode ◴[09 Jul 25 15:17 UTC] No.44511091[source]▶

From the paper:

> The problem with unsafe code is that it can do things like this:

    fn main() {
        let mut x = 42;
        let ptr = &mut x as *mut i32;
        let val = unsafe { write_both(&mut *ptr, &mut *ptr) };
        println!("{val}");
    }

No it can't? Using pointers to coexist multiple mutable references to the same variable is undefined behavior. Unless I'm just misunderstanding the point they're trying to make here.

replies(6): >>44511182 #>>44511227 #>>44511321 #>>44511369 #>>44511392 #>>44512352 #

1. oconnor663 ◴[09 Jul 25 15:35 UTC] No.44511369[source]▶

>>44511091 #

You're already getting a lot of replies, and I don't want to pile on, but I think the clearest way to see the intent there is at the start of the following paragraph:

> Given that aliasing optimizations are something that the Rust compiler developers clearly want to support, we need some way of “ruling out” counterexamples like the one above from consideration.

↑

Tree Borrows