Head Const

Marc Schütz via Digitalmars-d digitalmars-d at puremagic.com
Wed Feb 17 10:54:54 PST 2016


On Wednesday, 17 February 2016 at 02:51:06 UTC, Walter Bright 
wrote:
> On 2/16/2016 11:29 AM, Marc Schütz wrote:
>> For example, it's always possible to use a global mutable 
>> associative array to
>> store additional data connected with an immutable or const 
>> object (ignoring
>> purity issues for the moment). That's safe because from the 
>> outside, there's no
>> observable change to the state of the object itself, and the 
>> global AA's type
>> (shared/thread-local) prevents race conditions.
>
> The trouble with that is you're relying on the programmer to 
> ensure correctness. It'll revert D to C++ "trust the 
> programmer" semantics.

Are you referring to the quoted passage, or my DIP? If the 
latter, please note that it was initially written for a different 
purpose. Operations with @mutables will be @system, which is our 
usual way to deal with situations in which the programmer has to 
ensure correctness. The unsafe (@trusted) part is very small and 
well encapsulated, the unsafety doesn't leak.

>
> Furthermore, with the current mechanical guarantee of 
> immutability, it opens up the possibility of relying on such 
> beyond merely observable behavior - such as immutable data 
> being placed in ROM, or special GC semantics.

That's already covered in the DIP, see my reply to Dicebot.


More information about the Digitalmars-d mailing list