secure const and

Fawzi Mohamed fmohamed at mac.com
Sun Apr 6 05:06:27 PDT 2008


I have tried to move part of this argument to the wiki.
I have created a page at

  http://www.prowiki.org/wiki4d/wiki.cgi?TransitiveConst

feel free to add to it.

My main point is that I like Stevens proposal, but I think it should be 
seen as a hole to implement *secure* relaxations of the const concept, 
and so it should be clearly marked as a hole not to be used unless 
absolutely needed (and that will be in low level libraries).

The secure abstractions are secure enough to be allowed also in pure 
functions and invariant data structures, without breaking anything 
(only extension 2 adds a constraint more to the optimizations allowed, 
namely that copied data should be synchronized, but as I describe it 
still a very well behaved extension).

So I want that even pure functions have access to these mutable parts 
of the object, and if something bad happens the fault is obviously the 
fault of the programmer that used the hole in const in a bad way.
This will make pure function more flexible, faster, and more likely to 
be written and used, something from which everybody should profit.

I think that I identified all reasonable use of mutable state in a 
const object, if you think I missed something, please add it.

As I say in the wiki also haskell (a language that considers 
provability quite important) has an uncontrolled hole (unsafePerformIO) 
that *is* used in special cases and it is the responsibility of the 
coder to make sure that it is used correctly. Also the monads laws are 
not verified by the compiler, it is just assumed that the implementor 
wrote them correctly.

Fawzi




More information about the Digitalmars-d mailing list