shared - i need it to be useful

Simen Kjærås simen.kjaras at gmail.com
Sun Oct 21 14:15:34 UTC 2018


On Sunday, 21 October 2018 at 09:50:09 UTC, Walter Bright wrote:
> On 10/20/2018 11:24 AM, Manu wrote:
>> This is an unfair dismissal.
>
> It has nothing at all to do with fairness. It is about what the 
> type system guarantees in @safe code. To repeat, the current 
> type system guarantees in @safe code that T* and shared(T)* do 
> not point to the same memory location.
>
> Does your proposal maintain that or not? It's a binary question.

No. Instead, it proposes something more useful: once cast to 
shared(T)*, only thread-safe operations may be performed on it.


> > int* a;
> > shared(int)* b = a;
>
> This is not safe.

Under MP, this is perfectly safe - you can do nothing with a 
shared(int)*, except call un- at safe, non-thread-safe functions on 
it, which will *fail to compile* under @safe.


> ---- Manu's Proposal ---
> @safe:
> int i;
> int* a = &i;
> StartNewThread(a); // Compiles! Coder has no idea!
>
> ... in the new thread ...
> void StartOfNewThread(shared(int)* b) {
>
>     ... we have two threads accessing 'i',
>     one thinks it is shared, the other unshared,
>     and StartOfNewThread() has no idea and anyone
>     writing code for StartOfNewThread() has no way
>     to know anything is wrong ...
>
>     lockedIncrement(b);  // Data Race!
> }

Someone's messed up if they've marked lockedIncrement @safe - 
under MP, it shouldn't be. lockedIncrement is a very low-level 
piece of functionality, and should be @system. It also shouldn't 
take a shared(int)*, but a int*, forcing an unsafe cast and 
making it obvious the code is un at safe.

--
   Simen


More information about the Digitalmars-d mailing list