Reducing Raw Pointer Footguns: Preventing Reference Aliasing Violations at Compile Time

I think there are two reasonable possible semantics for your AliasingGuardMut. Either they are unique, or they are not.

The former case is practically identical to &'a mut T (though there is still a range of flexibility in exactly when you assert uniqueness… which even Rust’s &'a mut T has not yet decided on).

In the latter case, the guards aren’t unique, so you can’t obtain a &'a mut T from an AliasingGuardMut<'a, T> (which requires asserting uniqueness). However , you can still read and write a T from/to the pointee; so long as there’s no data races, you don’t need unique access over a T to mutate it. It’d even be fine to go all the way and make AliasableGuardMut<'a, T> Copy.

This sounds familiar… read and write a T at a given instant, but don’t obtain a &mut T or &T… prohibit multithreading… the pointee lives for 'a and the pointer is Copy… that’s just&'a Cell<T>.