On Sunday, 21 October 2018 at 09:50:09 UTC, Walter Bright wrote:
> ---- Manu's Proposal ---
> @safe:
>   int i;
>   int* a = &i;
>   StartNewThread(a); // Compiles! Coder has no idea!
>
>   ... in the new thread ...
>   void StartOfNewThread(shared(int)* b) {
>       ... we have two threads accessing 'i',
>       one thinks it is shared, the other unshared,
>       and StartOfNewThread() has no idea and anyone
>       writing code for StartOfNewThread() has no way
>       to know anything is wrong ...
>       lockedIncrement(b); // Data Race!

No, does not compile, lockedIncrement takes an int*
Error cannot convert shared(int)* to int*

> Your proposal means that the person writing the
> lockedIncrement(), which is a perfectly reasonable thing to do,

Indeed.

> simply cannot write it in a way that has a @safe interface,
> because the person writing the lockedIncrement() library
> function has no way to know that the data it receives is
> actually unshared data.

It does, it takes an int* which is not implicitly convertible to
given a shared(int)*

> I.e. @trusted code is obliged to provide a safe interface.

Yes.

> Your proposal makes that impossible because the compiler would
> allow unshared data to be implicitly typed as shared.

Yes, but not the other way around.
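
For reference, an added example (not code from either poster) showing how the D compiler's current rules treat the two conversion directions argued over above; under the proposal discussed, only the unshared-to-shared direction would become implicit. The helper name `atomicIncrement` is hypothetical and stands in for an increment routine built on `core.atomic`.

```d
import core.atomic : atomicLoad, atomicOp;
import core.thread : Thread;

// Hypothetical helper (not from the thread): accepts only data typed as shared
// and performs the increment as a single atomic read-modify-write.
void atomicIncrement(shared(int)* p)
{
    atomicOp!"+="(*p, 1);
}

// Current rules: neither direction converts implicitly.
static assert(!is(shared(int)* : int*)); // shared -> unshared: rejected
static assert(!is(int* : shared(int)*)); // unshared -> shared: rejected today;
                                         // this is the direction the proposal would allow

void main()
{
    // Thread-local data cannot reach a shared interface without an explicit cast,
    // so the hand-off is visible at the call site.
    int local;
    static assert(!__traits(compiles, atomicIncrement(&local)));

    // Data declared shared from the start: both threads see the same type,
    // and every access goes through the atomic helper.
    shared int counter;
    auto t = new Thread({
        foreach (_; 0 .. 1000)
            atomicIncrement(&counter);
    });
    t.start();
    foreach (_; 0 .. 1000)
        atomicIncrement(&counter);
    t.join();

    assert(atomicLoad(counter) == 2000);
}
```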