RalfJung
Member

No description provided.

@rustbot
Collaborator

rustbot commented Sep 19, 2025

Thank you for contributing to Miri!
Please remember to not force-push to the PR branch except when you need to rebase due to a conflict or when the reviewer asks you for it.

@rustbot rustbot added the S-waiting-on-review Status: Waiting for a review to complete label Sep 19, 2025
/// For all non-accessed locations in the RangeMap (those that haven't had an
/// implicit read), their SIFA must be weaker than or as weak as the SIFA of
/// `default_perm`.
/// `default_perm`; otherwise, this will panic.
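
Review bot: the panic condition added on the last line of this doc comment ("otherwise, this will panic") is folded into the sentence that states the precondition, where a caller can easily miss it. A separate `# Panics` paragraph, the usual rustdoc convention, would make it stand out, and it could say exactly which locations the check covers.
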
Member Author

@JoJoDeveloping I am actually a bit confused by this. The assertion looks as follows:

                assert!(
                    default_strongest_idempotent
                        >= perm.permission.strongest_idempotent_foreign_access(protected)
                );

This seems to run for all locations in initial_perms, not just the non-accessed ones. Why that?

Contributor

It could be changed to the following, I think:

                assert!(
                    perm.is_accessed()
                        || default_strongest_idempotent
                            >= perm.permission.strongest_idempotent_foreign_access(protected)
                );

But the way it is currently makes it easier to reason about because the SIFA correction can be proven correct without considering the initial read.

Member Author

Then we should update the comments to match, though.

Member Author

Instead of tracking this assertion all the way through, wouldn't it be easier to just compute the maximum SIFA and pass that to update_last_accessed_after_retag? I've done that now in the 2nd commit, could you take a look if that makes sense?

@RalfJung RalfJung force-pushed the tb-terms branch 3 times, most recently from 4305e61 to 9591c61 Compare September 22, 2025 07:58
{
assert!(perm.is_initial());
max_sifa =
cmp::max(max_sifa, perm.permission.strongest_idempotent_foreign_access(protected));
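
Review bot: `assert!(perm.is_initial());` on the first line of this block carries no message, so a failure reports only the expression and gives no hint about why the permission was expected to be initial. Adding a message that states the expectation, for example that every permission reaching this loop must still be in its initial state, would make a violation much easier to diagnose.
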
Member Author

perm.permission.strongest_idempotent_foreign_access is odd, isn't it? perm already contains a SIFA. We should just read that.

Contributor

I think we could. If that field is wrongly initialized it is a bug anyways.

Member Author

Yeah my latest revision does that.

@JoJoDeveloping
Contributor

Looks reasonable now.

@RalfJung
Member Author

Thanks for taking a look!

@RalfJung RalfJung added this pull request to the merge queue Sep 22, 2025
Merged via the queue into rust-lang:master with commit 211d64c Sep 22, 2025
13 checks passed
@RalfJung RalfJung deleted the tb-terms branch September 22, 2025 12:16
@rustbot rustbot removed the S-waiting-on-review Status: Waiting for a review to complete label Sep 22, 2025