To be clear, what I'm proposing there is “statically enforce independence," so UB doesn't enter into it.

The very same!

The ability to say “clean THIS T-SHIRT” is not hurt one bit by banning reference semantics. The argument is that by giving up the expression of shared mutable state you get practical gain in correctness, local reasoning, and efficiency. Also that pervasive use of references very quickly lets complexity gets out of control. The modification inside the comparison function is a particularly perverse example, but the point isn't to show that references are dangerous. The point is to show how they affect our ability to accurately and simply describe a function's contract. The more complex the accurate contract is, the harder the function is to use The kinds of things that happen with signals/slots or the observer pattern are much more typical paths to this kind of loss of control with references. I often see code that's 5-10x more complicated than it needs to be, and very difficult to debug or refactor because people are using shared_ptrs liberally. It's fine if you're not convinced, of course.

@@AbrahamsDave Thank you for your reply. As you said, the problem is getting out of control. It's like: the ability of mutating state can get out of control (in classical structured programming). Solution? Ban assignments at all (what functional languages do). That's extreme. A less extreme solution is imposing restrictions: if two functions modify a same variable, they must belong to the same class, and so you are imposing a hierarchical structure on the relationship of "modifies the same variable". That is what OOP basically does in practice. Consider the case with gotos: unrestricted gotos allowed "random arrows" between any two points of code; forbidding them stucked in people (structured programming), because now flow graphs are cognitive-friendly, but with random gotos they weren't. Also, all "fine" usages of goto (those that doesn't break the hierarchical structure) survived too, continue, break, early returns and plain gotos to jump to control error blocks in C. None of them break the hierarchical structure of the control flow because the only exit blocks, so the jumps are confined in its own box. Then of course there was people that got extreme here as well and forbid all kind of jumps: the religion of single exit points that no one follows nowadays (because the actual problem is already solved with the restrictions of unrestricted gotos). The reason that "structured relationships" don't overwhelm us, regardless of how big is the program, I think it's because the brain can apply "chunking" to it: labeling chunks of the full picture with semantic ideas that are transported like a unique thing in our brain: the label/meaning. But if there's random arrows all over the place, the chunking is gone: you cannot mentally hide away the internals of a candidate chunk if there's an arrow moving out of it to some random place of the tree/graph, and then is when the amount of things you have to think about at the same time (the complexity) exceeds your mental limits, and hence the overwhelm and mess. Structure programming? The prohibition of random arrows in the control flow graph, but not the feature (you can still jump). OOP? The prohibition of random arrows in the "mutability graph" (functions that modifies the same variable belongs to the same class), but not the feature (you can still use assign). With references is the same: wouldn't it better to impose restrictions on how/when references should be used, identifying which restrictions to impose, to avoid the relationships induced by references overwhelm our brains, instead of forbid the feature at all?

@@Peregringlk wrote: wouldn't it better to impose restrictions on how/when references should be used, identifying which restrictions to impose, to avoid the relationships induced by references overwhelm our brains, instead of forbid the feature at all? As I tried to make clear in the talk, you can view our system as doing exactly that. We identified the restrictions needed to keep local reasoning with references. But a reference with restrictions doesn't have all the properties of a reference anymore, so thinking of it as a reference with restrictions is like thinking of a calculator as a supercomputing cluster with restrictions. You end up with a starting mental model that's complex and have to take away features. It's simpler just to think about the values.

You're absolutely right, and I'm surprised I said that. I know better. Apologies to all.