Temporally safe by default
Dukc
ajieskola at gmail.com
Tue Apr 9 08:16:22 UTC 2024
On Monday, 8 April 2024 at 19:59:55 UTC, Richard (Rikki) Andrew
Cattermole wrote:
> No library features can stop it either, unless you want to
> check ref counts (which won't work cos ya know graphs).
I think you are losing sight of the big picture.
The big picture is we already have a fine safety mechanism for
majority of the cases, the garbage collector! It also just works
with graphs.
Ownership and/or reference counting are needed for some cases. I
suspect they're more important than "system programming is niche"
arguments suggest because you don't always use them for RAM
memory, but also things like [file or thread
handles](https://theartofmachinery.com/2018/12/05/gc_not_enough.html). However, managing access to other resources than RAM memory is a lot easier since you don't have to deal with the possibility of escaped pointers to the resource you're protecting, and already well supported by the present language.
What we're left with are the cases where you need to manage RAM
but the GC won't do. This is a niche area. D needs to support it
since systems programming is in it's domain, but it isn't a case
worth optimising much.
Since forever D has supported doing these by simply marking the
manual memory handling code `@system`. This is already a
reasonable standard considering how rarely you need to do it. D
where it's currently going to does better with DIP1000, `@system`
variables and move constructors, enabling, in principle, safely
doing most of what Rust can do. It's true that ref counting and
borrowing are more ergonomic to use in Rust than in D since the
language is built around those, and probably it enables doing
something safely that D doesn't.
But so what? Rust does better in a case which is far from your
worst problems in D either even if you always dabble at the low
level. If D implements a type system addition to match Rust, it
complicates the whole language but improves it only in a very
narrow case.
Also, Rust is a first-and-foremost systems programming language.
D is a hybrid systems and application programming language. What
is worthwhile for one language isn't always worthwhile for the
other.
As for "ref counting doesn't work because of graphs" - I'm not
sure, but probably this can be worked around somehow without
forcing client to use `@system` the GC. Rust manages it somehow
after all. But even if that isn't the case, it's a small corner
case that doesn't affect the big picture.
More information about the dip.ideas
mailing list