Why does nobody seem to think that `null` is a serious problem in D?

[Tony]

On Saturday, 1 December 2018 at 19:02:54 UTC, H. S. Teoh wrote:

>
> But that's precisely the problem. It's not always possible to 
> tell whether a variable has been initialized. E.g.:

To me, the possibility of a "false positive" doesn't preclude the 
use of a warning unless that possibility is large. Besides using 
a compiler option or pragma to get rid of it, the warning also 
goes away if you assign NULL or (X *) 0. Surprisingly, clang (gcc 
6.3 does not give the warning) is not smart enough to then issue 
a "possibly dereferencing null pointer" warning.

>
> Therefore, leaving it up to the compiler to detect 
> uninitialized variables is unreliable, and therefore any code 
> that depends on this cannot be trusted. Code like the above 
> could be exploited by a sufficiently sophisticated hack to make 
> the uninitialized value of p coincide with something that will 
> open a security hole, and the compiler would not be able to 
> reliably warn the programmer of this problem.

I don't know that "leaving it up to the compiler" is a correct 
characterization. I don't see the programmer doing anything 
different with the warning capability in the compiler than if it 
wasn't there. In either case, the programmer will attempt to 
supply values to all the variables they have declared and are 
intending to use, and in the correct order.