On Saturday, 3 August 2024 at 11:27:19 UTC, Nick Treleaven wrote:

One alternative would be a wrapper around printf, which checks the format string at compile time and modifies it and other parameters, so they match. It could look something like this:

void printfWrapper(string fmt, P...)(P params) @trusted
{
    // ...
}

void main() @safe
{
    string s = "World";
    printfWrapper!"Hello %s\n"(s);
}

An advantage would be, that it could be used immediately in DMD. A new language feature could only be used after the bootstrap compiler is updated to this version, too.

On Saturday, 3 August 2024 at 15:28:35 UTC, Tim wrote:

void printfWrapper(string fmt, P...)(P params) @trusted
{
    // ...
}

void main() @safe
{
    string s = "World";
    printfWrapper!"Hello %s\n"(s);
}

There are 13 pragma(printf) functions in dmd. They could be changed. However, now those aren't functions but templates. I'm not sure if that's OK for ldc and gdc, maybe. And every call to each of those functions would need updating (unless we had enum parameters). The dmd as a library API would also be impacted, even if the original functions were kept as deprecated.

Those functions could maybe be marked @trusted on the basis that the current dmd tests with the feature have checked all calls to them, and dmd as a library could require the new version of dmd for the API with the new @trusted functions.

On Saturday, 3 August 2024 at 17:12:15 UTC, Nick Treleaven wrote:

Yes, the change could be too big. I did not know how much it is used in DMD. The format string could also be checked or rewritten at runtime, but that would have other disadvantages.

That would work if the format string is only checked by the compiler. The DIP proposes, that it is also silently modified. Compiling DMD with an old bootstrap compiler could then contain a wrong format string.

On Saturday, 3 August 2024 at 17:47:45 UTC, Tim wrote:

Yes, you're right. And we couldn't pass string arguments either.