On Fri., 19 Oct. 2018, 6:10 am Dominikus Dittes Scherkl via Digitalmars-d, < digitalmars-d@puremagic.com> wrote:
> On Friday, 19 October 2018 at 06:25:00 UTC, rikki cattermole > wrote: > > On 19/10/2018 7:09 PM, Norm wrote: > > > [0] > > https://github.com/rikkimax/DIPs/blob/shared/DIPs/DIP1xxx-RC2.md > > This document provide no reasoning about what usecases it > supports: > > Is it possible to create objects that are shared just for short > periods during their livetime and guarantee that they can be used > threadsave like Manu want it to be? > > Does it prohibit misuse any better than Manus proposal (that > requires the "Expert" to implement all theadsave API)? > No, a key misunderstanding. My proposal is @safe. The only thing an expert must do is write the few @trusted implementations that live at the very bottom of the stack. That would always be in a lib. When was the last time you rewrote std::map because you thought you could do better? The whole stack from there on up (the user stack) is safe, and you can have confidence in the @safe-ty. My goal is to make it safe, clearly communicate how a user interact with the API, and mechanically confirm that users do the right stuff. My proposal is specifically structured to not require *any* unsafe interactions at the user level. Only core machinery that is @trusted needs expert attention. I don't think it's possible to invent a proposal with a higher degree of verifiable safety.
