shared - i need it to be useful

Timon Gehr timon.gehr at gmx.ch
Mon Oct 22 14:31:28 UTC 2018


On 22.10.18 16:09, Simen Kjærås wrote:
> On Monday, 22 October 2018 at 13:40:39 UTC, Timon Gehr wrote:
>> module reborked;
>> import atomic;
>>
>> void main()@safe{
>>     auto a=new Atomic!int;
>>     import std.concurrency;
>>     spawn((shared(Atomic!int)* a){ ++*a; }, a);
>>     ++a.tupleof[0];
>> }
> 
> Finally! Proof that MP is impossible. On the other hand, why the hell is 
> that @safe? It breaks all sorts of guarantees about @safety. At a 
> minimum, that should be un- at safe.
> 
> Filed in bugzilla: https://issues.dlang.org/show_bug.cgi?id=19326
> 
> -- 
>    Simen

Even if this is changed (and it probably should be), it does not fix the 
case where the @safe function is in the same module. I don't think it is 
desirable to change the definition of @trusted such that you need to 
check the entire module if it contains a single @trusted function.

If I can break safety of some (previously correct) code by editing only 
@safe code, then that's a significant blow to @safe. I think we need a 
general way to protect data from being manipulated in @safe code in any 
way, same module or not.


More information about the Digitalmars-d mailing list