Prime sieve language race
Petar
Petar
Thu Jul 15 12:35:29 UTC 2021
On Wednesday, 14 July 2021 at 19:10:55 UTC, Sebastiaan Koppe
wrote:
> On Wednesday, 14 July 2021 at 12:08:29 UTC, ag0aep6g wrote:
>> On 14.07.21 09:08, Sebastiaan Koppe wrote:
>>> Why can't non-threadsafe functions be @safe? Because it might
>>> corrupt memory?
>>>
>>> On a static function that is probably the right thing to do.
>>> But what about with a member function? I would argue it isn't.
>>
>> You would argue that a function that might corrupt memory
>> should be @trusted when it's a member function?
>
> Because member functions are harder to call from multiple
> threads than static functions are. For one, you will have to
> get the object on two threads first. Most functions that do
> that require a shared object, which requires a diligent
> programmer to do the casting.
While in terms of program design, encapsulation is very related
to safety (as it allows to hide unsafe interfaces that may
violate program invariants), from a D language point of view,
they're completely orthogonal concepts.
An argument, can only be made in favor of allowing `@trusted`
nested functions with non-`@safe` interface (which have the
strongest form of encapsulation, just by means of lexical
scoping) when they improve readability considerably compared to
IIFE (@trusted lambda idiom).
The problem with `std.stdio : std{in,out,err}` is they ought to
be defined (conceptually) as `shared Atomic!File`, where `File`
is essentially a wrapper around `SharedPtr!FileState` (and
`SharedPtr` does atomic ref-counting, if it's `shared`) and until
then, they shouldn't be `@trusted`, unless the program is
single-threaded.
More information about the Digitalmars-d
mailing list