Summary

At end of 2020, I tried to get some discussion going about how to write correct code that manages memory based on atomic counters in the memory being managed.

At this point I think the UCG WG has a good proposal: To treat the deallocation capability on the same footing as mutation capability. I.e., if the compiler (or unsafe code author) has a pointer to some memory M where a concurrent actor is allowed mutate M, then one must also allow for the possibility that the concurrent actor may deallocate M (unless of course the compiler/author has some proof or established invariant that the memory M cannot be deallocated).

Background reading

See UCG zulip and T-lang zulip and rust-lang/unsafe-code-guidelines#252

About this issue

This issue corresponds to a lang-team design meeting proposal. It corresponds
to a possible topic of discussion that may be scheduled for deeper discussion
during one of our design meetings.