Open steffahn opened 1 year ago
So this is something that's planned to be 'fixed' for the 2.0 slotmap rewrite, but you can rest easy for now. Miri uses a model called 'stacked borrows' which is not something the Rust compiler follows (and I personally hope it never does in the current form). The stacked borrows model is an incredibly strict and punishing memory model that invalidates pointers which still point at perfectly valid data for (in my opinion) no good reason.
I would like to doubly emphasize that what Miri calls 'undefined behavior' here is not something that's undefined behavior in the current rustc compiler. Slotmap does in fact check that the mutable references it creates are disjoint. It is strictly undefined behavior in an experimental model that Miri's author defined themselves.
As an update, this appears to pass under the other experimental Miri Tree Borrows model:
$ MIRIFLAGS='-Zmiri-tree-borrows' cargo +nightly miri test
^^ doesn't report any issues
Running the doc test code, i.e.
with
I would assume that the use of slice::get_unchecked_mut to obtain multiple mutable references is problematic, though I haven’t fully tested that hypothesis yet. For comparison: There now also exists a slice::get_many_mut method on nightly, and that method deliberately uses the (also still unstable) pointer variant of get_unchecked_mut for slices; but no worries about this method being unstable, it essentially just performs a pointer addition anyways ^^
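The pointer-addition approach mentioned in the post above, as an added example on stable Rust; it is not slotmap's code or the standard library's implementation, and the helper name disjoint_mut is hypothetical. It generalizes from two references to N: all indices are validated first, then every reference is derived from a single raw base pointer instead of re-borrowing the slice once per element.

```rust
/// Hypothetical helper (not slotmap's or std's code): returns N mutable
/// references into `slice`, or None if an index is out of bounds or repeated.
pub fn disjoint_mut<T, const N: usize>(
    slice: &mut [T],
    idx: [usize; N],
) -> Option<[&mut T; N]> {
    let len = slice.len();
    // Validate before any reference is created: each index must be in
    // bounds and must not repeat an earlier one.
    for (i, &a) in idx.iter().enumerate() {
        if a >= len || idx[..i].contains(&a) {
            return None;
        }
    }
    // Take one raw base pointer for the whole slice. From here on the
    // slice is never borrowed as `&mut [T]` again.
    let base: *mut T = slice.as_mut_ptr();
    // SAFETY: every index is < len and no index repeats, so each pointer
    // is in bounds and the resulting `&mut T` values never alias.
    Some(std::array::from_fn(|i| unsafe { &mut *base.add(idx[i]) }))
}

fn main() {
    // Constructed sample data.
    let mut v = vec![10, 20, 30, 40];
    if let Some([a, b]) = disjoint_mut(&mut v, [0, 3]) {
        std::mem::swap(a, b);
    }
    assert_eq!(v, [40, 20, 30, 10]);
    // A repeated or out-of-range index is rejected instead of aliasing.
    assert!(disjoint_mut(&mut v, [1, 1]).is_none());
    assert!(disjoint_mut(&mut v, [0, 4]).is_none());
}
```

Placed in a crate with a test that calls it, the helper can be checked with the cargo +nightly miri test command shown in the thread, with or without -Zmiri-tree-borrows.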