On Tue, 27 Aug 2024 at 04:17, Timon Gehr via Digitalmars-d <digitalmars-d@puremagic.com> wrote:

On 8/26/24 07:37, Walter Bright wrote:
> On 8/24/2024 10:15 AM, Manu wrote:
>> *sigh* ... I'm not going to do that.
>> ImportC either works, or it doesn't... and it currently doesn't work,
>> and I'm just going to move on.
>> By far the easiest and least ridiculous feeling thing can do right now
>> is to just prototype the occasional C library call inline immediately
>> before the call, which is what I've moved on with.
>> Fortunately my call volume is low.
>
> You're right, that will work.
>
> I tried to make C calls default to @trusted. Every single person in the
> community who voiced an opinion on it was dead set against it. But here
> you are, saying who cares what C does.
>
> I've got a cannon on one side aimed at me, and a flak gun on the other
> side.
>
> What do you suggest I do?
>

Marking every C function `@trusted` would not solve his problem. What
would solve his problem is if ImportC supported C extensions that let
you mark groups of declarations using D attributes. Then you can put
those in the C files that you import.

I could live with that... though I don't necessarily agree.

I stand with Walter in principle on this; C prototypes should just be @trusted. If you import and link a C library; you are 'trusting' it by definition. You're making use of some middleware, and you're not in control of the code... it is as it is, and you decided to use it anyway. You either trust it (and link it into your software), or you don't.

Nobody gains anything from causing a hassle every time you want to call into a library that you've opted in to. The whole point is to use the library; what possible advantage could there be to making that a pain in the arse?

There's one edge case I can think of; source-available functions. If the C source is available in a header, then we can infer @safe-ty rather than blindly trust it.

Can we direct this thread back towards nothrow and @nogc?

This wasn't actually a conversation about @trusted...