On 07/06/2011 9:44 AM, Graydon Hoare wrote:
- Special cases patrick suggested: referent is the contents of a *single level* of "immutable box held by a uniquely-owned path", and we prove disjointness of that box address from all other visible aliases either by static disjointness (as in cases above) or, in the limit, by a shallow runtime test against any ambiguous aliases currently in scope. This is strictly to permit writing functions that by & so that they can work on boxed or unboxed varieties of the same type.
Also be careful to note: this is shallow. This test does not involve grovelling over an O(N) subgraph looking for pointer equality; it involves O(K) checks where K is the set of possible conflicting aliases in the local scope. It's shallow because it only traverses *one* shared edge, and the induction hypothesis is that the caller could only have done the same (so there's no way we'd have an alias in scope that accessed the same box via a "deep" edge we forgot we have simultaneous access to).
I.e. it permits writing *foo or *x.y.z where there are no shared edges between x and y or y and z, only between z and its referent.
If you want to alias a shared box within a shared box, you need to pull a copy of the pointer-to-the-box-you-want-to-alias aside into a local and alias that. Can use the trick you wrote yesterday: write *{a.b.c} rather than *a.b.c.
It's a compromise between "expensive runtime test" and "prohibit all aliasing of anything shared": only prohibit *deep* aliasing of anything shared.
-Graydon _______________________________________________ Rust-dev mailing list [email protected] https://mail.mozilla.org/listinfo/rust-dev
