RCArray is unsafe
Andrei Alexandrescu via Digitalmars-d
digitalmars-d at puremagic.com
Tue Mar 3 07:03:40 PST 2015
On 3/3/15 5:45 AM, "Marc =?UTF-8?B?U2Now7x0eiI=?= <schuetzm at gmx.net>" wrote:
> On Tuesday, 3 March 2015 at 09:05:46 UTC, Walter Bright wrote:
>> On 3/2/2015 9:58 PM, weaselcat wrote:
>>> Borrowing 'a' from a struct would make the parent struct immutable
>>> during the
>>> borrow scope of 'a', I believe.
>> Right, now consider that struct is a leaf in a complex graph of data
> Then you still cannot have more than one mutable reference to the entire
> graph. Because that is impractical, Rust uses unsafe (i.e. @trusted in D
> speak) accessors that "cast away" the ownership, but do so in a way that
> doesn't violate the guarantees.
> For example, the type system doesn't allow you to get mutable references
> to the left and right children of a binary tree node. But there can be
> an accessor method that internally does some unsafe magic to return a
> tuple with mutable references to them, annotated with the information
> that they are mutably borrowed from the node. Both child refs are
> mutable, and the parent node is inaccessible as long as they exist.
Well... the bigger problem is that it's relying on a convention. The
accessor method needs to be constructed in a particular way that's easy
to get wrong and that the compiler has no way to check for us.
More information about the Digitalmars-d