DIP1000: Scoped Pointers (Discussion)

Walter Bright via Digitalmars-d digitalmars-d at puremagic.com
Thu Aug 11 02:45:15 PDT 2016


On 8/11/2016 2:06 AM, Robert burner Schadek wrote:
> The DIP should make clear that this is wanted for a container library.
> Additionally, I miss how this DIP fits in the overall plan of getting rid of the
> GC. As long as there isn't a written masterplan how to combine those ideas I
> consider this DIP to be incomplete.
>
> I think this change is not worth it. I believe there is an inherent trade-off
> for every programming language between usability and theoretical correctness.
> And IMO this DIP is pushing D way too far in the direction of theoretical
> correctness. There are far more important things for the adoption of D, like
> making the frontend a library, shipping with multiple backends.

Without this, we cannot have reference counting that is memory safe.

10 years ago, you'd be right. But these days, with unending cases of expensive 
exploits using memory safety holes, the world has changed. Programmers are no 
longer going to accept non-safe languages. Businesses are no longer going to 
want to pay for security breaches due to pointer bugs. No responsible 
organization is going to rely on better training to not have security bugs.

D can either get ahead of the curve or be crushed by it.

I've looked for a long time for a scheme that required minimal annotations, not 
wanting to create a 'bondage and discipline' annotation language. This DIP looks 
like the best we can do. The 'return ref' feature required very few annotations 
to be able to safely compile all of Phobos 'ref' code, and this just extends 
that idea to 'return scope'.

The lack of memory safety is likely what will finally push C into obsolescence. 
C++ will require such extensive retrofit to make it memory safe that that may 
seriously blunt its use in new projects.

D absolutely must have memory safety, and ASAP.

