| |
| Posted by Donald Charles Allen in reply to H. S. Teoh | PermalinkReply |
|
Donald Charles Allen
Posted in reply to H. S. Teoh
| >
> This analysis could have been done in compiler, transparently to the user. The user should not have to care about this. The fact that it resulted in attribute soup that almost nobody fully understands, indicates that something is wrong with its design.
I hope the powers that be on this project pay careful attention to this comment because I believe "attribute soup" is absolutely right.
In my opinion, D's strength is that it is a big *incremental* improvement over C/C++. It is not a revolutionary language like Rust. Section 20.24 of the Language Reference reads to me like an effort to somehow, desperately, contort this language into something it is not. I'm sorry, but this thing reads like a part of the US tax code or the legalese you need to agree to that appears when installing commercial software. (Any of you ever read that stuff carefully? No? I haven't either.) The mind-boggling complexity of that section is a clear indication that you are on the wrong track. I have not read DIP1000, but I get the clear impression from reading this and other threads that it is more of the same.
It is not difficult to write memory-safe code in D. I've done it. You just need to know where the bunkers are, the traps, and avoid them. A good, clear document explaining this would be a great start. I'm sure there are things that could be done in the compiler and/or dscanner that would help to warn people that they are doing something legal but dangerous.
But it makes no sense to me to try to turn D into Rust, because you don't have the luxury of starting with a blank sheet of paper as the Rust project did. D's multiple memory-management methods, some inherited from C, make it inherently memory-unsafe, so trying to provide memory-safety guarantees is very difficult and will almost certainly make a mess of the language. Section 20.24 says to me that a start has been made on that mess.
I think the D project should focus on increasing the distance between D and C/C++ and forget about competing with Rust. Those who want guaranteed memory-safety are likely to just use Rust. I would also note that Zig has gotten a lot of attention despite not having been released yet and Zig is not a memory-safe language.
|