god i hate C why can't we have something typesafe that doesn't suck otherwise

@lucy Zig?

D in betterC-mode seems the sanest option on baremetal sadly cc @chjara

@lucy

@arcana zig has countless compiler bugs, design flaws and feature creep and it keeps getting worse. i spend a lot of time digging very deep into the language, talking to some devs and experienced users as well. zig is, on the current trajectory, not going to be the language they promised it to be.

@lucy D mentioned [imagine i put a relevant emoji here we don't have any letter emoji or whatever meh]
the only issue is that you can't use standard library functions even in metaprogramming/constexpr contexts because @nogc and so on still applies and the stdlib is not @nogc

@chjara yeah i mean, that's something annoying about it. but then how would they go around it, not having any OS abstraction and shipping the runtime statically in the kernel? in any case it's still better than C.
i wouldn't really have a libc either obviously unless i fork or port or write it myself.

@lucy

> typesafe

Types aren't a safety mechanism in C, they're an annotation for other programmers. There are no safety mechanisms in C, because there is no reason to have such a thing. C is the machine, and the machine's job is to do what you've written, even if you've written something stupid.

Even gcc's output is legible if you use -Os. So you look at the compiler's output, you look at C, one of C's really nice parts is that you can tell what the compiler's going to do while you're writing.

@lucy compile-time-only code not inheriting nogc attributes, like of course there's no stdlib in freestanding contexts (although a lot of the stdlib is templated and can probably still work) but i,m specifically talking about like you can't concatenate strings in mixins that's a bit of a big problem

@lucy or at least you couldn't last time i used D which was… 2, 3 years ago? i haven't touched code in a long time i'm washed i'm afraid

@p exactly my point why can't we have something like C but typesafe? D seems quite close

@chjara concatenating strings requires some kind of memory allocation (doesn't have to be malloc, but *something* ) so i can see why it won't be available in a freestanding context

@lucy i mean in mixins
D lets you programatically make strings and give them to the compiler as more source code
it's compile-time only, it's the way it does metaprogrammings and macros

@chjara yeah i actually scrolled through your codeberg repo looking for "if anyone came across a good language for this it might be her" and i saw you did something in D

@lucy oh i don't really have anything interesting in D on my codeberg i don't think, https://gitlab.com/tuxcrafting/neon on gitlab is my largest D codebase, i wouldn't recommend taking any lessons from it though

@lucy

> why can't we have something like C but typesafe?

Okay, this is going to sound like sarcasm, but I am really asking a real question because I don't understand why you'd want that from C. What do you want a safety mechanism for? What does "safe" even mean? Safe from what? Again, real questions. In general, what would safety mean?

> D seems quite close

Fun language, I think I never picked it up because of some weird licensing thing they were doing with the compiler back in the day; I don't remember, though.

@lucy@netzsphaere.xyz @arcana@fedi.layer02.net give in and embrace rust

@anemone @arcana it has a package manager build in. no thanks.

@p @lucy > chatgtp make me C but type safe

Guys it gave me a link to Rust

@lucy@netzsphaere.xyz @arcana@fedi.layer02.net technically it’s separate you can just use rustc without cargo if you hate yourself that much

@lucy @arcana @anemone ime the average rust project won’t compile 2 months from now if left unmaintained

it’s somehow even worse than python in that regard

@anemone @arcana it shouldn't be hard or painful to use a compiler without a package manager.

@lucy @arcana @anemone if i can’t use the language without downloading gigabytes of code no one has ever reviewed from some .io domain then it’s dead to me

@sun @lucy That's because the bot is confusing its main job with its side-hustle, astroturfing.
rust_bot_astroturfing.png

@lucy @arcana @anemone if building a project requires downloading 5 different versions of the same library, that ecosystem is dead to me

Proof that even Large Language Models can become homosexual

@lucy @arcana @anemone how is this any different from using proprietary code? what goes in a compiled binary is so opaque at this point it might as well be

@lucy @arcana @anemone crates.io goes down? cool, almost every rust project is now basically useless. bad actor sneaks in some dodgy code? no one will ever notice.

@mia @lucy @anemone Attacks like this have already happened

@mia @arcana @anemone how is that different than python

@mia @anemone @lucy Supply chain security is a huge problem

@lucy @arcana @anemone in practice, python modules are a lot easier to package by other distributions

@lucy @arcana @anemone complex dependency trees aren’t really a thing there either. and most projects don’t need to lock dependency versions because there’s just not that much API breakage happening

@lucy @arcana @anemone python is kind of an exception among languages with package managers. with basically everything else (except for haskell and perl), distros usually give up and just use a big tarball of vendored dependencies to package anything.

@lucy@netzsphaere.xyz @mia@shrimptest.0x0.st @arcana@fedi.layer02.net python is worse since it will silently fail or install different versions of libraries than the ones you initially picked

@p slices and bounds checking would be nice. Sure I can do that manually in C but, a toddler can do that. But it's nice not to have to do it and do other non-toddler things instead.
Or, (de)referencing should be implicit in most cases. i should never have to write mystruct->deadcopsinmybasedment to access members of a struct. mystruct.deadcopsinmybasedment doesn't mean anything. or when passing something that's supposed to be a pointer then just pass it as a pointer.

@anemone @lucy @arcana the cultists call

@anemone @lucy @arcana python will tell you to use your distro package manager unless you’re deliberately setting up a virtualenv

basically pip is a crutch for environments where that’s not an option, not THE tool to use

@mia @anemone @arcana btw did llvm ever build or did you give up on that

@anemone @lucy @arcana 🦀

@p @lucy
here's c treating the type system as a safety mechanism https://open-std.org/JTC1/SC22/WG14/www/docs/n3042.htm

i love c, and c11 and c23 have been for the most part helpful little pushes towards cleaning things up, but a complete reboot would be so much better. make a new lang that can even keep the same machine-level representation, and just clean up syntax, so you don't have "const" scattered around meaning multiple things and type signatures are rearranged to not make funpointers suck etc; add basic type inference system, with an off switch for when you want to do bit padding kinda stuff; and clean up stdlib to be like other modern langs, with naming conventions and modularisation consistent and predictable and no more "gets DEPRECATED DO NOT USE" kinda stuff floating around

@ageha @p what do you think of D

@lucy @p
object-oriented, ugly, and generally a mess. like someone thought c++ should be even worse

not looked it in many years though

@lucy I would like to be clear, because I shat a bunch of words onto the page and it's going to look argumentative: I don't think you're wrong in general; some of the specifics I disagree with. I do think some of what you want is wrong to try to get into C, but mainly I don't know what you want so I'm trying to figure that out.

Dennis Ritchie had a proposal for variable-length arrays, but by the time he had the idea, it was already out of his hands and in the hands of the standards committee, and they hated everything he ever suggested.

> slices and bounds checking would be nice.

C doesn't have arrays; it has some syntax around pointers. If you try to give it "real" arrays, then the runtimes for all of these other dingus languages stop working, because sometimes what you want is a contiguous region of memory.

Maybe you have a contiguous region of memory (framebuffer) and you don't know how big it is at compile-time: now there's a runtime library the compiler has to hook into. The way this problem is solved in C is that you get a segfault: the OS has built-in memory safety. Or say you've got to call a special instruction to get the dimensions of the framebuffer stored in a register: if you couldn't fudge types in C, you'd have to implement most of that in assembly instead of just one or two instructions.

C is the machine, though, and the machine doesn't have bounds-checking because it doesn't have bounds. Sometimes it has an MMU, sometimes it has ridiculous segment registers and an A20 line and stuff like that, sometimes it has memory-mapped I/O registers. If what you want is a "real" array, you probably don't want C for this task.

> Or, (de)referencing should be implicit in most cases.

This would be a disaster for cases where you care about that kind of thing; for cases where you don't care and are fine with it being implicit, you should probably not use C.

A nice thing about C is that you can translate what you've written into what it's doing: you see an `->` and you know that there's a read. This matters when it's timing-sensitive (say, an interrupt handler ) or time-sensitive (factoring prime numbers). Importantly, it also matters when you are debugging, because you can see a pointer is being read through. A memory-safe language, you don't have that concern.

I had a bug a long time back: it was segfaulting...nowhere. Just initializing a variable that wasn't even a pointer. Pretty reliably, too: same function, same variable, every time. I blamed the compiler (gcc treats ARM like a second-class citizen still) and looked at the exact address. No arbitrary pointers being dereferenced, it was just pushing to the stack...just pushing to the stack. I followed the stack pointer around, expecting that it had been corrupted...somehow. Nope. I had linked against libSDL, this build of SDL linked against libpulse, the kernel defaulted to 16kB of stack per thread, libpulse was eating more than 16kB of stack just for having been initialized. (Giving it more stack via sysctl fixed it, telling SDL to use ALSA instead of Pulse fixed it, turning off sound fixed it, and that's what I eventually went with, because I didn't need sound.) This was a pain in the ass, cost me half a day, and it was one of the very few implicit mechanic. And, you know, you add n implicit mechanics, you get n! complexity. Bounds-checking doesn't save you from this kind of thing, and worse, this is stuff that you've got to worry about *somewhere*: high-level languages are going to have problems like this, and there has to be a region where you can debug it, there has to be something between the bytecode VM's runtime and the machine. If it's not C, then it's just machine code. There has to be a language that is just the machine: no more, no less. If this stuff worms its way into C, then there has to be something under C.

> or when passing something that's supposed to be a pointer then just pass it as a pointer.

C++ has references in declarations and they are a nightmare; you see codebases where the style guide forbids their use. It makes debugging a nightmare. `f(&x)` means you get to see right there that you're passing an address.

But this is a feature list. What is "safety"? Page faults don't happen? That's what I'm trying to get at; I think the machine is safe already as long as you don't try to eat any of its components and it doesn't catch fire. Like, it has to mean something; if it means bounds-checking, that's a feature: you must mean that you are safe from running off the end of the array or safe from page-faults, something.

@lucy Everything I do I do now in Rust unless I need to control of C.

Never really got into D personally

@p > C doesn't have arrays; it has some syntax around pointers. If you try to give it "real" arrays, then the runtimes for all of these other dingus languages stop working, because sometimes what you want is a contiguous region of memory.

you can have both pointers and arrays in a language.

> What is "safety"
bad code either not compiling successfully, or predictably failing at runtime. and not when you try to do something illegal on the machine, i mean if you try to do something your code isn't supposed to do. decades of "just don't write bad code" didn't prevent people from writing bad code. ada's contracts would be so nice to have in C.

@lunarised i don't like rust but what kind of projects are you working on in rust

@ageha @lucy

> here's c treating the type system as a safety mechanism https://open-std.org/JTC1/SC22/WG14/www/docs/n3042.htm

You are showing me the standards committee doing something stupid. My reference for this is the reason the creators of the language said they added types, not the standards committee, who are a bunch of anal-retentive language Nazis that have completely ignored Ken and Dennis every chance they got.

I'm with the hackers on this one and the administrative Karens can go fuck themselves.

> c11 and c23 have been for the most part helpful little pushes towards cleaning things up,

I wish they'd go bother some other language. They're not "cleaning things up", they hate C and want it to be something else.

> so you don't have "const" scattered around meaning multiple things

I don't know what they've done, but I imagine they've "fixed" it by duct-taping bullshit to horseshit. It's funny you'd bring up const:

"The fundamental problem is that it is not possible to write real programs using the X3J11 definition of C. The committee has created an unreal language that no one can or will actually use."

If you are going to appeal to an authority, pick a better one. The committee can fuck all the way off.

@lucy a couple of games, some DPS and a web backend atm

@lucy

> you can have both pointers and arrays in a language.

Sure. I mean, you can do memory-safe pointers. That's not quite what C has, though. If C were to start doing this, then low-level non-assembly would need a new language.

> bad code either not compiling successfully, or predictably failing at runtime.

I think it's still poorly defined.

> i mean if you try to do something your code isn't supposed to do.

This is an unsolved problem in computer science; it's just a matter of degree.

> decades of "just don't write bad code" didn't prevent people from writing bad code.

It wasn't supposed to. You can write bad code in *any* language: if you want your program to work, don't do that. There is no way to enforce this for other people's code. People will fuck it up. The only thing you have control over is what *you* write: don't fuck it up and you're fine.

> ada's contracts would be so nice to have in C.

I think if you want codified invariants in C, you use an assert() macro: that makes it fail predictably at runtime. People don't like assertions because they get abused for error-handling or people write assertions that have side-effects, and it's understandable, but the fact that someone else might fuck it up doesn't make a tool any less useful. assert() (or rolling your own version) gets you 90% of the way there, guard clauses cover the rest.

@p > Sure. I mean, you can do memory-safe pointers. That's not quite what C has, though. If C were to start doing this, then low-level non-assembly would need a new language.

I don't wanna introduce these things to C. I want a new language that does.

@lucy I mean, what do you want C for, then? Like, you want the language to be similar to C in what sense?

I think probably not D, but depending on what you actually want, there are a few languages that come to mind.

@p i want a language that allows me to write freestanding software that doesn't require an OS to already run, but at the same time provides features to write code that doesn't break as easily when you're doing something wrong.
maybe i just want ada..

@lucy Well, if the requirement is that it can't depend on an OS existing, that narrows it way down. Maybe you do want Ada; maybe you would like to try Forth.

@p snacks keeps talking about forth.. what dialect would you recommend for that specifically?

@lucy I was gonna suggest Objective C, unironically, because it seems like it'd give you most of the things you want (first-class strings/arrays, message-passing, etc.) but I don't think Objective C can be used without a kernel (though I'm not sure about that; I guess it depends on the runtime library).

@lucy

> snacks keeps talking about forth..

It's kind of an astonishing language once you really *get* it. It's like, as expressive as Lisp, but it also is usable without an OS.

> what dialect would you recommend for that specifically?

I used gForth a while but I don't think I really understood Forth until I spent a day working through Jonesforth.

The thing about Forth is that it barely even exists and is kind of just a style of programming. (Chuck Moore didn't like the standardization very much, he felt like it missed the point.) That having been said, it's hard to grasp until you use it some, and an ANS Forth is probably your best bet at being able to understand and be understood or find documentation, so gForth is probably a good place to start. (Or just get to hacking on DuskOS. YMMV.)

@p @lucy Is that still even used? Didn't swift take over fully?

@Yoruka @lucy

> Is that still even used?

That's Apple; the language exists independently of Apple, Apple just adopted it. (Strictly speaking, adopted it and Apple acquired NeXT.) If it was just Apple, I wouldn't have suggested it.

> Didn't swift take over fully?

I think, even within Apple, Swift:ObjC::VB.NET:C++, but I don't follow what they're doing so closely.

@p @lucy huh I tought it was an exclusive apple thing. Like a legacy swift

@Yoruka @lucy I still have a GNUstep live CD image somewhere.

https://en.wikipedia.org/wiki/Objective-C :

> Originally developed by Brad Cox and Tom Love in the early 1980s, it was selected by NeXT for its NeXTSTEP operating system. Due to Apple macOS’s direct lineage from NeXTSTEP,[4] Objective-C was the standard language used, supported, and promoted by Apple for developing macOS and iOS applications (via their respective application programming interfaces (APIs), Cocoa and Cocoa Touch) from 1997, when Apple purchased NeXT until the introduction of the Swift language in 2014.

> Objective-C programs developed for non-Apple operating systems or that are not dependent on Apple's APIs may also be compiled for any platform supported by GNU GNU Compiler Collection (GCC) or LLVM/Clang.

@p @Yoruka can you even use obj-c without the runtime?

@Yoruka @p @lucy no, people just liked sepples better

@anemone@ebiverse.social @arcana@layer02.net @lucy@netzsphaere.xyz I don't have much experience with Rust, but I used the 2018 edition to write some freestanding nostdlib code, mostly marked "unsafe" all over, and linked to some hand-written assembly libraries. I used rustc without cargo through a Makefile, to output object files that I linked later with other C and assembly object files. It wasn't particularly too painful or hard as far as I remember, and rustc allows compiling to assembly as a target, and the assembly output wasn't horrendous. Despite not having access to its standard library, you still get some niceties like slices, sum types (i.e. exhaustive "match" with Option<> types, etc.).

I still prefer C personally; I don't enjoy rust's syntax, its politics, authoritarian spirit, or its turbulent and web-madness-infected ecosystem. But it's not too bad if you freely permit yourself to hold it "wrong".

@p @lucy pforth has been my favourite forth so far, easy to understand and some nice debugging words. Apparently it has also been used freestanding a lot

@lucy @Yoruka It has a runtime library like you'd expect from a language of its type, and you can use it for regular stuff; in a better world, it would have been what people used instead of C++, because it fits in the same places. If you mean Apple's stuff, sure, Apple has its own ecosystem that has diverged from OpenStep but the OpenStep stuff still works so you can even do full desktop GUI stuff with it and talk to the icon tray and all the stuff you expect. But you can just write a webserver in it or whatever. It's in gcc, and the full DE stuff is still available: https://en.wikipedia.org/wiki/GNUstep .

@p @Yoruka okay but when using objective-c freestanding, wouldn't that runtime require a lower layer?

@p @lucy i don't think the publicly available source has any freestanding build targets tho

@snacks @lucy I haven't used it, I think. It sounds familiar but I don't have a copy in /usr/src, ~/src, or ~/proj, so I must not have used it.

@lucy @Yoruka Yeah, same reason you can't really do an OS in C++; see remarks in the kernel docs.

@lucy @Yoruka

> GNUstep

Ha, the poor bastards are Wayland-only now. Nevermind.

@p @Yoruka i like wayland

@p @lucy Has anyone (tranny) made a kernel in rust yet

@Yoruka @p @lucy redox is a whole os with gui in rust

@lucy@netzsphaere.xyz @p@fsebugoutzone.org the answer that you'll be unhappy with is that all of that exists in C, it's called cpp and the cppstdlib. more seriously though, you should try writing 2024 standard cpp, it really is like a different language almost

@shibao @p is it still once you remove the c++ runtime?

@lucy@netzsphaere.xyz @p@fsebugoutzone.org i don't know what you mean

@shibao @p https://wiki.osdev.org/C++
certain features of C++ require a runtime, you'd have to disable them (or ship a freestanding runtime) for freestanding code. that is, code that runs on hardware (like a kernel) without an underlying OS.

@lucy @anemone @arcana tbh if you’re going for #[no_std] then you can’t use 99% of crates.io anyway, so that shouldn’t be a problem

@mold @anemone @arcana yeah but languages shipping a package manager, and really really trying to make you use it, is a massive red flag.

You can probably live without stuff like runtime type information and exceptions in a kernel. What remains is trivial stuff like global constructors, stuff like file access which you will be implementing yourself anyways, and stuff that requires dynamic allocation, like std::vector, std::string, but those have template arguments for specifying custom allocators. And if you're not #includeing the specific headers, you don't need to support that shit ¯\_(ツ)_/¯

CC: @p@fsebugoutzone.org @shibao@misskey.bubbletea.dev

@eris@p.enes.lv @p@fsebugoutzone.org yeah and my perception is that it's baked into the executable so it's fair to just consider that as part of your program, unless you're talking about dlls that you might need to execute the program.

i didn't understand what you meant by "it still is" but i get it now, you should read into the new module imports and all the other changes with the latest cpp definitions, they've been hard at work basically defining an entirely new standard library and conventions that give you the safety that you're looking for. even if you can still technically use a random naked pointer or other c stuff, i would argue that modern cpp gives you that security if you don't use the old c-style of doing stuff

@eris@p.enes.lv @p@fsebugoutzone.org or like have you ever worked with a codebase that's used RAII instead of plain c stuff? if not then i can understand how it would feel that way

@eris @p @shibao yeah no shit but what i was wondering was if, shibao said modern c++ is good but do you really benefit from in in that environment?

I obviously don't have much experience in testing the entire stdlib, but yes, AFAIK, a lot of it is templated and concepted magic which should Just Work(R)

CC: @p@fsebugoutzone.org @shibao@misskey.bubbletea.dev

@lucy @Yoruka It's missing a bunch of shit that I use all the time. (`ssh -X`/`ssh -Y` is one. I don't know if VNC is still fucked on Wayland but I use VNC every day of the week.) If rio does $x and X11 does $x, I don't need a thing that doesn't do $x: it hasn't caught up to the 90s. Non-trivial cost of moving, it doesn't do things I want it to do, so I'd be heating up my GPU without a benefit: this is the definition of bloat.

@Yoruka @lucy I think you actually could use Rust for this, I just don't know why you'd want to.

@shibao @lucy

> it's called cpp

You can say *anything* exists in C++ because there exists nothing that they wouldn't cram into it. It's like the Common Lisp of the ALGOL family, it's like compiled Perl.

@shibao @lucy Runtime stuff is what keeps C++ from being a plausible language for bare-metal or kernel-writing, I think that's the main concern.

@shibao @eris

> baked into the executable

So is it plausible to link what you need from the runtime in statically?

@p@fsebugoutzone.org @lucy@netzsphaere.xyz with enough ifndefs and defines, anything is possible

@p@fsebugoutzone.org @eris@p.enes.lv is that not always an option? i guess i didnt go as deep into c++

@shibao @eris Allegedly it can be done if you work at it hard enough: https://arobenko.github.io/bare_metal_cpp/

Also somehow the person asking the questions got untagged:
@lucy

@shibao @eris @lucy But the guy keeps calling it "cpp" and the C Pre-Processor is already called that. People that are concerned about "+" being a special character usually call it "cxx".

@p@fsebugoutzone.org @eris@p.enes.lv @lucy@netzsphaere.xyz o yeah that is true i sort of use them interchangeably

@p @shibao @lucy @eris colored people poop

@shibao @lucy @eris It's informal conversation, but that guy did a bowok.

@JollyWizard @shibao @lucy @eris I don't know if that's a thing people in most professions interact with often enough to require an acronym.

@p @shibao @lucy @eris Fair, but the c preprocessor significantly impacts people's lives whether they realize it or not

@p @shibao @lucy @eris @JollyWizard Well, not yet, anyhow. Give it time.

@shibao @lucy @p The problem with modern C++ is that it's one of a dozen fairly decent programming languages that are utterly crippled by the fact that they're embedded within C++

@JollyWizard @shibao @lucy @eris You know C++ started off as a set of cpp macros? TUHS managed to get ahold of a copy of the late versions of cfront.
bjarne--face_of_disgust.png

@echo @JollyWizard @eris @lucy @shibao It's confined to San Francisco.

@lucy @p wonder why no one ever brings up Pascal in these conversations (other than the obvious disgust of it looking a bit BASIC to some)

the grammar might not fit on the back of a postcard, but it's still respectable enough to be stood up

@i @lucy

> wonder why no one ever brings up Pascal in these conversations

Because Pascal was fixed eventually; Modula, Oberon, Limbo, Go.

Pascal itself has problems that you can't fix without removing some of the Pascal from it.

> (other than the obvious disgust of it looking a bit BASIC to some)

I think "Why Pascal is Not My Favorite Programming Language" was a much more reasonable version. I've gotten past the ":=" by now.

@i @p i find pascal quite pleasant to look at, other than c
im going for c rn and maybe replacing some parts in pascal to see how it goes and compare it better. my main concern is fpc being superglued to gcc but apparently you can use it with llvm since very recently? I'd have to check that first.

@lucy @i @p

fpc being superglued to gcc

Back in the late 1990s and early 2000s, fpc's advocates used to say it was "Pascal written in Pascal" as opposed to gpc, which was a Pascal front-end for gcc. But I still had a machine where Turbo Pascal 7 worked, so I didn't care.

@p @lucy Isn't it obvious? Becuase Rust!!! MUH POLITICS!!!