DIP1000 observation
Donald Charles Allen
donaldcallen at gmail.com
Mon Sep 2 13:05:54 UTC 2024
On Monday, 2 September 2024 at 09:48:44 UTC, Nick Treleaven wrote:
> On Sunday, 1 September 2024 at 20:42:14 UTC, Donald Charles
> Allen wrote:
>> But it makes no sense to me to try to turn D into Rust,
>> because you don't have the luxury of starting with a blank
>> sheet of paper as the Rust project did. D's multiple
>> memory-management methods, some inherited from C, make it
>> inherently memory-unsafe, so trying to provide memory-safety
>> guarantees is very difficult and will almost certainly make a
>> mess of the language. Section 20.24 says to me that a start
>> has been made on that mess.
>
> Safe Rust is too restrictive about mutability.
> DIP1000 is about extending the amount of code that can be
> @safe. DIP1000 removes restrictions.
>
>> I think the D project should focus on increasing the distance
>> between D and C/C++ and forget about competing with Rust.
>> Those who want guaranteed memory-safety are likely to just use
>> Rust.
>
> D supports GC, so heap allocation does not have to restrict
> safe operations. DIP1000 shows you can often use safe pointers
> to stack memory without Rust's mutability restrictions.
While I think it is beside the point, I agree with you about
Rust's mutability restrictions. They assume everything you write
is multi-threaded. There is no way, other than using "unsafe", to
say to the compiler "just relax -- this code is single-threaded".
What Rust does or does not do is not relevant to turning D into a
language that is incomprehensible except to lawyers, which is
what appears to be happening.
More information about the Digitalmars-d
mailing list