Persistent list

Andrei Alexandrescu via Digitalmars-d digitalmars-d at
Tue Nov 17 06:29:52 PST 2015

On 11/17/2015 04:43 AM, Marc Sch├╝tz wrote:
> On Monday, 16 November 2015 at 14:45:35 UTC, Andrei Alexandrescu wrote:
>> The challenge is proving that a mutation is not observable. Got an
>> attack on that? -- Andrei
> Here's what I wrote a few days ago, without having read the current
> discussion, so it's not a perfect fit:
> For the case of lazy initialization, assigning a member exactly once is
> safe, if it hasn't been read and returned before. The compiler can check
> this by automatically inserting a few asserts. The rules in the DIP
> aren't completely water-tight, but they are a good approximation.
> But for members that have to be mutated several times (e.g. refcount),
> this obviously isn't useful. I think we can make this @system, thereby
> forcing implementors to write @trusted code and (hopefully) consider the
> consequences thoroughly. But the compiler can also assist with that. For
> example, it could detect whether a "privately mutable" value, or
> something depending on it, is returned from the function, and reject that.
> Maybe the implementation for the two kinds of use-cases (write once vs
> write multiple times) can be unified, too.

Thanks for the DIP, I saw it since a couple days ago. 
Dynamically-verified lazy initialization is difficult, but doesn't cover:

1. Reference count updates (as you mention)

2. The reference to the allocator is essentially a mutable part of an 
object that's otherwise constant.

So it seems to be DIP85 is solving a quite narrow problem, and one that 
doesn't address the issue at hand.


More information about the Digitalmars-d mailing list