(plf.inf.ethz.ch)

574 points zdw | 1 comments | 09 Jul 25 14:40 UTC | HN request time: 0.305s | source

Show context

fuhsnn ◴[09 Jul 25 16:35 UTC] No.44512042[source]▶

I wonder if Rust or future PL would evolve into allowing multiple borrow checker implementations with varying characteristics (compile speed, runtime speed, algorithm flexibility, etc.) that projects can choose from.

replies(9): >>44512293 #>>44512361 #>>44512426 #>>44512597 #>>44512841 #>>44513554 #>>44513949 #>>44516880 #>>44516995 #

Ericson2314 ◴[09 Jul 25 19:33 UTC] No.44513949[source]▶

>>44512042 #

What you actually want is the underlying separation logic, so you can precisely specify function preconditions and prove mid-function conditions, and the the optomizer can take all those "lemmas" and go hog-wiled, right up to but not past what is allowed by the explicitly stated invariants.

"Rust", in this context, is "merely" "the usual invariants that people want" and "a suite of optimizations that assume those usual invariants, but not more or less".

replies(1): >>44517572 #

creata ◴[10 Jul 25 05:28 UTC] No.44517572[source]▶

>>44513949 #

Can you help me understand your comment with a simple example? Take slice::split_at and slice::split_at_mut:

    fn split_at(&self, mid: usize) -> (&[T], &[T])
    fn split_at_mut(&mut self, mid: usize) -> (&mut [T], &mut [T])

What might their triples look like in separation logic?

replies(2): >>44518278 #>>44523002 #

1. ralfj ◴[10 Jul 25 07:27 UTC] No.44518278[source]▶

>>44517572 #

The long answer to this question can be found in https://research.ralfj.de/thesis.html. :)

↑

Tree Borrows