-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
project-safe-transmute #21
Comments
|
|
2020-06-22:
|
2020-07-06:
|
2020-07-20:
|
2020-08-03: |
The draft RFC posted above is ready for review. We'd love to have final feedback before posting to the RFCs repo. The RFC is quite long, but a large part of it is motivation. If you're already convinced that safe transmute opens up a large amount of features for moving currently unsafe code to safe, then you can skip that section. We'd primarily like to review the overall path forward and whether the mechanisms proposed seem like a reasonable path. Additionally, there is a "MVP" proposal which aims to be a first step in implementing the wider vision. Please let us know if that seems reasonable too. |
2020-08-31: There has been a lot of iteration and there is now a draft RFC that is ready for lang-team review. There is a "TL;DR" summary that explains the intentions and plan. The full RFC is extremely detailed and almost tutorial-esque. Now at the point where it's time to read through it and decide whether to go forward. Lang team recommends opening the RFC on the rfcs repo. |
The RFC has been posted. 🎉 A big shout out to @jswrenn for the really well crafted RFC. Besides general feedback, I think it would be particularly interesting to get feedback on the MVP proposal as well as the stability guarantee mechanism which so far seems to be the most controversial aspect of the RFC. |
I've also written some supplementary text on why there's a stability problem in the first place: https://jack.wrenn.fyi/blog/transmutation-stability/ |
We discussed this in the lang team meeting today. @rust-lang/lang folks should look at the RFC and post comments. In particular, in addition to posting issues, please post comments if you think part or all of it looks good, so we can help set direction. |
Current status is that there is a lot of active discussion (primarily in Zulip, with summaries posted to the thread) about the precise mechanism in the RFC, with the goal of avoiding accidental transmutes between structs that couldn't have been constructed (because of non-public fields). Coming towards agreement on the what 'minimal' looks like. The "MVP" has been slimmed down from the original proposal as a result. |
Update 2020-09-21: Current status is that there is a pending RFC that lang team folks out to be reading (and others!). The RFC was recently updated based on some Zulip feedback. Might be useful to have a design meeting or other discussion about what has changed since the last round of RFC. @joshtriplett to reach out to group to see about producing a summary, as a start. |
Update 2020-10-01: The RFC feedback has settled with no new feedback in the last 6 days. @jswrenn has addressed most of the feedback, and he is currently working on modeling the transmutability rules to formalize them in order to aid in implementation as well as ensure everyone understands exactly what is being proposed. With regards to @joshtriplett's request for a summary on changes to constructability and a subsequent further trimming down of the MVP (which is the only large scale change since the RFC was posted), @jswrenn wrote the a summary There is a slight concern that we might not have yet received enough feedback from members of the lang and compiler teams. The RFC is quite long so this is perhaps to be expected, but I just wanted to raise the point. |
Update 2020-10-12 @rylev, @joshtriplett -- we discussed this a bit during 2020-10-12 and had a few questions arise in the meeting (will also post to the RFC):
@Mark-Simulacrum noted that there was some prior discussion on Zulip. |
cc @jswrenn on the above ^^ I think the design has settled enough that another sync meeting would be really helpful. Is there a date we can set that gives folks a reasonable amount of time to go over the RFC again but ensures that we make progress on getting this RFC to the next step? |
See here: rust-lang/rfcs#2981 (comment)
Agree completely! |
Update and summary of conversation:
|
Update 2020-10-26:
|
Update 2020-11-02: The controversial idea of a generic This mechanism offers less fine grained control (when compared to the previous mechanism) over declaring that a type can be stably transmuted to, but it was argued that existing patterns (such as the new type pattern) can be used if the user desires more fine grained control. Additionally, other mechanisms can be added in future RFCs that would allow users to stably permit certain transmute operations for types that don't implement The |
Jack as written up a new summary of the proposal to have it available in one place: https://hackmd.io/@jswrenn/SJmHwgdov |
Update 2021-04-06: We opened an MCP for a transmutability lang item that will serve as a foundation for further experiments in building abstractions over transmutability. I also closed the initial RFC. We'll revisit the issue of public-facing, stable APIs after we have some time to experiment. The MCP is in final comment period, and I'm looking forward to getting started on implementation. While I think I have a good sense of how to programmatically test for transmutability, I'm sure I'll have plenty of questions about how to integrate it into the compiler once I get down to it. |
Update 2021-06-29: No significant progress since the last update due to hardware failure and dissertation. I started on implementation last week, but could use some mentoring. |
Update 2021-12-01: Implementation work has accelerated thanks to @oli-obk's mentoring! I have a branch implementing a stub of the transmutability trait, just to pin down exactly where this mechanism will fit into trait selection. Meanwhile, @ezrosent did a literature review, recognized some similarities between transmutability and bisimulation, and is working on formulating an algorithm for checking transmutability. |
Update 2021-12-24: rust-lang/rust#92268 provides an initial, incomplete implementation of MCP 411: Lang Item for Transmutability! |
Summary
Figuring out how we can make safe ways to transmute.
Links
#project-safe-transmute
The text was updated successfully, but these errors were encountered: