shared - i need it to be useful
Simen Kjærås
simen.kjaras at gmail.com
Sun Oct 21 14:15:34 UTC 2018
On Sunday, 21 October 2018 at 09:50:09 UTC, Walter Bright wrote:
> On 10/20/2018 11:24 AM, Manu wrote:
>> This is an unfair dismissal.
>
> It has nothing at all to do with fairness. It is about what the
> type system guarantees in @safe code. To repeat, the current
> type system guarantees in @safe code that T* and shared(T)* do
> not point to the same memory location.
>
> Does your proposal maintain that or not? It's a binary question.
No. Instead, it proposes something more useful: once cast to
shared(T)*, only thread-safe operations may be performed on it.
> > int* a;
> > shared(int)* b = a;
>
> This is not safe.
Under MP, this is perfectly safe - you can do nothing with a
shared(int)*, except call un-@safe, non-thread-safe functions on
it, which will *fail to compile* under @safe.
> ---- Manu's Proposal ---
> @safe:
> int i;
> int* a = &i;
> StartNewThread(a); // Compiles! Coder has no idea!
>
> ... in the new thread ...
> void StartOfNewThread(shared(int)* b) {
>
> ... we have two threads accessing 'i',
> one thinks it is shared, the other unshared,
> and StartOfNewThread() has no idea and anyone
> writing code for StartOfNewThread() has no way
> to know anything is wrong ...
>
> lockedIncrement(b); // Data Race!
> }
Someone's messed up if they've marked lockedIncrement @safe -
under MP, it shouldn't be. lockedIncrement is a very low-level
piece of functionality, and should be @system. It also shouldn't
take a shared(int)*, but an int*, forcing an unsafe cast and
making it obvious the code is un@safe.
--
Simen