Head Const
Marc Schütz via Digitalmars-d
digitalmars-d at puremagic.com
Wed Feb 17 10:54:54 PST 2016
On Wednesday, 17 February 2016 at 02:51:06 UTC, Walter Bright
wrote:
> On 2/16/2016 11:29 AM, Marc Schütz wrote:
>> For example, it's always possible to use a global mutable
>> associative array to
>> store additional data connected with an immutable or const
>> object (ignoring
>> purity issues for the moment). That's safe because from the
>> outside, there's no
>> observable change to the state of the object itself, and the
>> global AA's type
>> (shared/thread-local) prevents race conditions.
>
> The trouble with that is you're relying on the programmer to
> ensure correctness. It'll revert D to C++ "trust the
> programmer" semantics.
Are you referring to the quoted passage, or my DIP? If the
latter, please note that it was initially written for a different
purpose. Operations with @mutables will be @system, which is our
usual way to deal with situations in which the programmer has to
ensure correctness. The unsafe (@trusted) part is very small and
well encapsulated, the unsafety doesn't leak.
>
> Furthermore, with the current mechanical guarantee of
> immutability, it opens up the possibility of relying on such
> beyond merely observable behavior - such as immutable data
> being placed in ROM, or special GC semantics.
That's already covered in the DIP, see my reply to Dicebot.
More information about the Digitalmars-d
mailing list