Now, if the intent is to get even idiots and LLMs to write "safe" code, then the language needs to be designed from the get go for those who otherwise would be sitting in a quiet corner stuffing crayons up their nostrils and eating white glue.
I'm not interested in those. Given the choice between dangerous-but-unlimited and safe-but-limited, I always choose the first one, because I can do "safe" myself. Again, the large majority of existing C code is crappy not because C itself is crappy, but because the majority of C users are not interested in writing non-crappy code. One can write robust, safe code even in PHP (gasp!), although it does require some configuration settings to be set to non-insane values.
Yeah, how dare you? You're a memory safety denier.
Joking aside, there
are use cases for domain-specific and general purpose scripting languages like Lua and Python and JavaScript, that can be embedded in a "native" application or service, and let nontechnical users specify business logic or UI elements and actions in a "safe" manner.
I'm personally happy to provide for them, and embed whatever interpreter they prefer; I like such designs, actually. I'm just not interested in limiting myself to working with such programming languages only. What I want, is maximal compile-time verification without runtime overhead.
For those familiar with Fortran 95 and later, it is interesting to consider its array implementation. Essentially every array is passed as a triplet (
origin,
stride,
count), which allows all regular linear slice operations to work without having to copy data. There is no reason one could not implement the same in C. In fact, I've mentioned a tiny variable-size vector-matrix library I created, where matrices and vectors are just views to arbitrary data –– lots of aliasing here! –– which relies on the same. For matrix element
r,
c, the offset relative to data origin is
r*rowstride+
c*colstride. This allows one to have a matrix, and separately a vector of its diagonal or off-diagonal elements. On desktop-class machines, the extra multiplication per element access is basically irrelevant, and for array scanning, it converts to additive (signed) constants anyway. Any kind of mirrored or transposed view is just a modification of the strides and data origin. As each vector is one-dimensional with a number of elements, and each matrix has the number of rows and columns it contains, runtime bounds checking is lightweight (two unsigned comparisons).
For object-oriented dynamically typed memory-safe language, use JavaScript. The current JIT compilers generate surprisingly effective code, but it isn't something you want to run on say a microcontroller. Unless compiled to some byte-code representation, although they tend to be stack-based and not register-based like AVRs and ARM Cortex-M cores are.
I start from assuming this world and its inhabitants.
I start by claiming that it is impossible to create a world safe for all humans, and yet have any kind of free will or choice. Instead, I want to maximize the
options each individual has. That includes tools that help, but do not enforce, with things like memory safety.
I would like to live in A Better World, but so far I haven't succeeded.
I do not, because I cannot define exactly what a Better World would be, without modifying humans. (And that would be tyranny by definition.)
I am suggesting making incremental changes, with minimal disruption, so that programmers could apply the existing tools more effectively.
(Here, to apply compile-time bounds checking to all array accesses, after modifying the code to use array notation instead of pointer notation.)
You seem to suggest scratching everything we have, and replacing it with something
new, that fixes all known problems at once. History shows that that rarely works, and usually leads to chaos and suffering. It has worked when the new has been a voluntary option, and the marketplace of human endeavours has preferred it, but even then, they just have replaced the old set of problems with new ones.
Therefore, the world of software not being A Better World is a social problem and not a technical one.
An incremental change for the better has better chances of affecting a Change towards Better, because it requires minimal effort from those using the language to adopt the new features. If the results have an competitive edge, then programmers will do it; otherwise they do not. Again, a social conundrum, not a technical one. Yet, the smaller the change, the smaller the social nudge needed.
I hope you are not suggesting to
force a specific technical solution onto everyone? You'll have better luck becoming the Emperor of Earth than succeeding with that, I think. That kind of dreaming belongs in "What If?" fiction, not in any kind of technical discussion.