Nondeterminism as an effect #3094
Comments
|
Nondeterministic computations obviously introduce nondeterminism too, such as in Also, |
|
do we have a random number generator that uses global state? I didn't know we had one, but I'd consider that to be IO ;) |
|
Oh, right. Yeah, just imagine that |
|
Ah... interesting... I've sort of started to audit the library for sources of non-determinism (aka ambient authority). Ideally, libraries would have none; only programs would. If I can achieve this with [forbid...], then that's certainly a start. I'll have to look into it some more... |
|
Hash tables have unique random keys for the hashing algorithm which determines the order of the key-value pairs. That's going to be a big barrier to implementing anything like this. |
|
Ah. Right. Back when I saw the hashtable DOS issue, I asked whether E is vulnerable and learned that its hash tables carry an array of the keys (in the order that they were added or something) in order to iterate over them deterministically. I wonder how much of the rust community would consider this cost-effective. |
|
They can't contain an array of the keys without using I don't think it would be acceptable to increase the size of hash tables by ~50% for an array though since there are other map types available without that property ( There will eventually be a linked hash table type that provides iteration in the order the keys were inserted, but regular hash tables will be much more widely used in the rest of the standard library. |
|
One way to approach this would be to implement a Kahn process network on top of tasks/pipes and thereby get determinism. It would consist of some number of independent tasks, only communicating with each other over pipes. You'd want to launch all the tasks together at the start, and have all the pipes be open the whole time, so that a |
|
Visiting for triage; carry on. |
|
Triage bump. |
|
Triage bump |
|
A proposal for an effects system and the specific effects would need to go through the RFC process. This issue isn't actionable because it would need to go through an RFC even if fully implemented. |
Replace `.unwrap_or` with `.map_or` in few places
add some float tests Fixes rust-lang/miri#2649
add some float tests Fixes rust-lang/miri#2649
@eholk and I theorise that 'safe' Rust, for not having mutable shared state, currently has two methods for causing nondeterminism -
select/fail(failis basically isomorphic toselectin terms of semantics, though implemented differently under the hood), and I/O.It would be really, really slick if we could prove that one-to-one message-passing is deterministic, and then, pending an effect system, could label all relevant library functions with
#[effect(nondeterminism)]. Enterprising users could then#[forbid]it, and be off to... well, NOT be off to the races.The text was updated successfully, but these errors were encountered: