On Sunday, 21 October 2018 at 09:04:34 UTC, Walter Bright wrote:
On 10/20/2018 11:30 AM, Manu wrote:
You can write an invalid program in any imaginable number of
ways;
that's just not an interesting discussion.
What we're discussing is not an invalid program, but what
guarantees the type system can provide.
D's current type system guarantees that a T* and a shared(T)*
do not point to the same memory location in @safe code.
To get them to point to the same memory location, you've got to
dip into @system code, where *you* become responsible for
maintaining the guarantees.
The only difference between this and Manu's proposal is when you
need to dip into @system code - in MP it's perfectly fine for the
pointers to be equal, but when you want to read from or write to
the address, you'll need to use @system. In other words, the dip
into @system happens deeper in the codebase, meaning more code
can be @safe.
--
Simen
