On 5/31/14 10:36 AM, Tommi wrote:
> It certainly feels like a failure of the Rust type system that you cannot have multiple mutating references to the same variable when the variable is accessed only from a single thread. I know the reason for this is to prevent iterator invalidation, but this is too blunt of an instrument.
No. Iterator invalidation is not the only reason.
> Iterator invalidation (as it's known in C++) is a risk to memory safety only when some of the memory that is accessible through an iterator (or a reference) is deallocated. A better type system would make a distinction between those expressions that may deallocate and those that cannot. Then, when multiple mutating references pointed to the same variable, the compiler would disallow only the use of the potentially deallocating expressions through those references.
Again, this is wrong. Iterator invalidation is the way I like to explain the rule, but it is by no means the only thing that can go wrong if you have two &mut references to the same location. If you have two &mut pointers to the same memory address, it is quite easy to write cast::transmute in safe code without any iterators or memory being deallocated at all.
Patrick

_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev
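An added illustration of Patrick's point, not code from the thread: the same storage holds either an integer or a float, so retagging the enum while a reader still holds the integer payload would reinterpret the bytes with nothing deallocated. `RefCell` is what single-threaded Rust offers in place of aliased `&mut`; it enforces the one-writer rule at run time, and the example shows it refusing the retag while the payload is borrowed and allowing it once the borrow ends (the `Slot` type and `aliasing_check` function are constructed for this example).

```rust
use std::cell::RefCell;

/// A tagged union: the same bytes hold either a u32 or an f32, so changing
/// the tag under a live reference to the payload is a transmute in disguise.
#[derive(Debug, Clone, Copy, PartialEq)]
enum Slot {
    Int(u32),
    Float(f32),
}

/// Returns (refused_while_payload_borrowed, succeeded_after_release).
/// RefCell moves the "only one &mut at a time" rule from compile time to run
/// time, which is exactly what a single-threaded program gets instead of
/// two aliased &mut references.
pub fn aliasing_check() -> (bool, bool) {
    let cell = RefCell::new(Slot::Int(42));

    // First path: a shared borrow that reaches inside the Int payload.
    let reader = cell.borrow();
    let payload: &u32 = match &*reader {
        Slot::Int(n) => n,
        Slot::Float(_) => unreachable!("constructed as Int"),
    };

    // Second path tries to overwrite the same storage with the Float variant.
    // With aliased &mut this would retag the bytes under `payload`; RefCell
    // refuses because the shared borrow is still alive.
    let refused = match cell.try_borrow_mut() {
        Ok(mut w) => {
            *w = Slot::Float(1.0);
            false
        }
        Err(_) => true,
    };
    let still_int = *payload == 42; // the payload is untouched and still valid
    drop(reader);

    // Once the reader is gone, the same mutation is sound and goes through.
    *cell.borrow_mut() = Slot::Float(1.0);
    let succeeded = *cell.borrow() == Slot::Float(1.0);

    (refused && still_int, succeeded)
}
```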