On Wed, Mar 27, 2024 at 03:41:16PM -0400, Kent Overstreet wrote: > On Wed, Mar 27, 2024 at 12:07:26PM -0700, Linus Torvalds wrote: > > On Wed, 27 Mar 2024 at 11:51, Kent Overstreet <kent.overstreet@xxxxxxxxx> wrote: > > > > > > On Wed, Mar 27, 2024 at 09:16:09AM -0700, comex wrote: > > > > Meanwhile, Rust intentionally lacks strict aliasing. > > > > > > I wasn't aware of this. Given that unrestricted pointers are a real > > > impediment to compiler optimization, I thought that with Rust we were > > > finally starting to nail down a concrete enough memory model to tackle > > > this safely. But I guess not? > > > > Strict aliasing is a *horrible* mistake. > > > > It's not even *remotely* "tackle this safely". It's the exact > > opposite. It's completely broken. > > > > Anybody who thinks strict aliasing is a good idea either > > > > (a) doesn't understand what it means > > > > (b) has been brainwashed by incompetent compiler people. > > > > it's a horrendous crock that was introduced by people who thought it > > was too complicated to write out "restrict" keywords, and that thought > > that "let's break old working programs and make it harder to write new > > programs" was a good idea. > > Strict aliasing is crap in C and C++ because we started out with > unrestricetd pointers, and it just doesn't work in C and C++ with the > realities of the kind of code we have to write, and we never got any > kind of a model that would have made it workable. Never mind trying to > graft that onto existing codebases... > > (Restrict was crap too... no scoping, nothing but a single f*cking > keyword? Who ever thought _that_ was going to work?) > > _But_: the lack of any aliasing guarantees means that writing through > any pointer can invalidate practically anything, and this is a real I don't know whether I'm 100% correct on this, but Rust has references, so things like "you have a unique reference to a part of memory, no one would touch it in the meanwhile" are represented by `&mut`, to get a `&mut` from a raw pointer, you need unsafe, where programmers can provide the reasoning of the safety of the accesses. More like "pointers can alias anyone but references cannot" to me. Regards, Boqun > problem. A lot of C programmers have stockholm syndrome when it comes to > this, we end up writing a lot of code in weirdly baroque and artificial > styles to partially work around this when we care about performance - > saving things into locals because at least the _stack_ generally can't > alias to avoid forced reloads, or passing and returning things by > reference instead of by value when that's _not the semantics we want_ > because otherwise the compiler is going to do an unnecessary copy - > again, that's fundamentally because of aliasing.
