Maybe D is right about GC after all !
Paolo Invernizzi
paolo.invernizzi at gmail.com
Wed Dec 27 16:21:57 UTC 2017
On Wednesday, 27 December 2017 at 15:37:22 UTC, rjframe wrote:
> On Tue, 26 Dec 2017 14:54:14 -0800, Walter Bright wrote:
>
>> On 12/26/2017 1:03 AM, Paolo Invernizzi wrote:
>>> The point is that the presence of one @safe: line in the
>>> module can be mechanically checked, over one million devs
>>> working on a codebase.
>>>
>>> The whole point of Walter argumentation is 'mechanically'.
>>
>> That's right. C++ is based on faith in the programmer using
>> best practices. D is not based on faith, it can be
>> automatically checked.
>
>
> If the programmer opts-in to those checks... it's a +1 for
> pragmatism but does make marketing the language a bit weird --
> one-liners spawn objections to the integrity of the claim (such
> as a portion of this thread; if there are objections within the
> community, how much more will we find objections outside it!).
>
> When I hear someone talk about a memory-safe language
> (especially as a major feature), I do think memory-safe by
> default. The thing is, D does have support for memory-safety by
> default (bound-checked arrays, etc.), and allows you to opt-in
> to greater safety guarantees; but that's not what many think of
> when they think memory-safe (it doesn't really help that every
> language provides their own, slightly different, definition).
>
> And D has faith that programmers using @trusted know what
> they're doing (for both writing and calling the function).
> There is no avoiding trust in a useful language.
I prefer pragmatism over marketing all the times.
If I was a company evaluating a language, I would notice that my
safety goal can be reached right today:
- the language guarantees that pieces of written code are memory
safe.
- there are plenty of easy way to force that, during the
development process.
- there's the possibility to escape this safety net to gain
flexibility, and such part of the code can by easily searched and
peer reviewed for memory corruption problems.
That's a big, big advancement compared to the status quo (C/C++).
It's difficult for me to comprehend why a company should not take
advantage of it, if it cares about memory safety, only because
@safe is not the default: that's a really _minor_ issue, compared
to the gain of having the work done.
/Paolo
More information about the Digitalmars-d
mailing list