From 40e07cda43cb4f7aca7a09aee70fc626306bf4aa Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Thu, 14 Nov 2024 13:53:52 +0000
Subject: [PATCH] wip

---
 src/lib.rs | 74 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 73 insertions(+), 1 deletion(-)

diff --git a/src/lib.rs b/src/lib.rs
index b93cf3f..24b6fe1 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,3 +1,75 @@
+
+// Not Clone or Copy
+pub struct NoAlias {
+    _unsafe_to_construct: (),
+}
+
+#[derive(Copy)]
+pub struct Ptr<T> {
+    // invariant over T
+    ptr: NonZero<T>,
+}
+
+impl<T> Ptr<T> {
+    pub fn new(t: T) -> Self { .. }
+
+    /// SAFETY
+    ///
+    /// All copies of the returned `Ptr` become invalid
+    /// when the borrow of `t` ends.
+    /// No-one must use them after that.
+    ///
+    /// You must not call `deallocate` on the return value.
+    pub unsafe fn new_stack<'t>(
+        t: Pin<&'t mut T>,
+    ) -> Self { .. }
+
+    pub fn ref_(self, g: &'a NoAlias) -> &'a T { .. }
+
+    pub fn mut_(self, g: &'a NoAlias) -> &'a mut T {
+        // SAFETY
+        //
+        // 1. 
+        ..
+    }
+
+    /// # SAFETY
+    ///
+    /// All copies of `self` will be invalidated.
+    ///
+    /// So either no copies may exist any longer,
+    /// or it is your responsibility to ensure
+    /// that none of them will be used.
+    ///
+    /// ("used" means passed to any method in this library).
+    ///
+    /// (The compiler will check that no borrows
+    pub unsafe fn free<'g: 'a>(self, : &'g mut NoAlias) { .. }
+}
+
+impl NoAlias {
+    /// # SAFETY
+    ///
+    /// You must ensure that there is only ever one
+    /// `NoAlias` within the whole program.
+    pub unsafe fn new() -> Self { .. }
+
+    pub fn scope(f: impl FnOnce(&mut NoAlias) -> R) -> R {
+        /// SAFETY
+        ///
+        /// `f` doesn't control the lifetime -
+        /// as far as it's concerned, is independent from any other
+        /// So it can't mix up *this* NoAlias with any other.
+        let g = unsafe { NoAlias::new() };
+        f(g)
+    }
+    
+    pub fn multi_ref<'aa>(
+        &'aa mut self,
+        ref_: [
+
+    pub fn multi<'aa: 'a>(self, arena: &'aa mut NoAlias) -> &mut  { .. }
+
 pub fn add(left: u64, right: u64) -> u64 {
     left + right
 }
@@ -7,7 +79,7 @@ mod tests {
     use super::*;
 
     #[test]
-    fn it_works() {
+    fn 
         let result = add(2, 2);
         assert_eq!(result, 4);
     }
-- 
2.30.2