digitalmars.D - Interfacing C functions with safer ptr/length
- bearophile (17/17) Oct 29 2010 I am toying with more ideas to strengthen D type system a bit in few spo...
- Andrei Alexandrescu (14/31) Oct 30 2010 Other static checkers have that too. They invariably address what Walter...
- tls (2/37) Oct 30 2010 Walter is dead? After trying fix C biggest mistake?
- Walter Bright (2/3) Oct 30 2010 I've been feeling much better lately.
- Walter Bright (2/6) Oct 30 2010 But I do have a peculiar hunger for brains now.
- Stanislav Blinov (2/10) Oct 30 2010 *That* movie?
- BCS (2/12) Oct 31 2010 Your a day to soon for that one.
I am toying with more ideas to strengthen D type system a bit in few spots. This is a minor thing, I don't know if this is a common enough situation to deserve compiler support, maybe not. If I want to use a C function from D code, and such C function has as arguments both a pointer that represents an array and int value that represents its length, is it possible to use a compact syntax that tells the compiler how to pack or unpack the contents of the fat D pointer that represents a D array? Something like this: extern(C) void foo(int[].ptr, int, int[].length); If the function needs two or more arrays the compiler asks you to give names to tell apart their parts in the signature: extern(C) void bar(int[].ptr a1, int[].length a1, int[].ptr a2, int[].length a2); This is supposed to avoid some bugs in using from D with dynamic arrays those functions foo() and bar(). So you have to call foo() like this: foo(v.ptr, n, v.length); While this generates a compile-time error because here the D code calls this function with parts from different arrays: foo(v1.ptr, n, v2.length); This too generates compile-time errors because m isn't the length of v1 and p isn't the ptr of v2: foo(v1.ptr, n, m); foo(p, n, v2.length); (This idea was born from reading about Deputy, a system to build safer Linux drivers.) I am trying to invent ideas better than this one. Bye, bearophile
Oct 29 2010
On 10/29/10 21:11 CDT, bearophile wrote:I am toying with more ideas to strengthen D type system a bit in few spots. This is a minor thing, I don't know if this is a common enough situation to deserve compiler support, maybe not. If I want to use a C function from D code, and such C function has as arguments both a pointer that represents an array and int value that represents its length, is it possible to use a compact syntax that tells the compiler how to pack or unpack the contents of the fat D pointer that represents a D array? Something like this: extern(C) void foo(int[].ptr, int, int[].length); If the function needs two or more arrays the compiler asks you to give names to tell apart their parts in the signature: extern(C) void bar(int[].ptr a1, int[].length a1, int[].ptr a2, int[].length a2); This is supposed to avoid some bugs in using from D with dynamic arrays those functions foo() and bar(). So you have to call foo() like this: foo(v.ptr, n, v.length); While this generates a compile-time error because here the D code calls this function with parts from different arrays: foo(v1.ptr, n, v2.length); This too generates compile-time errors because m isn't the length of v1 and p isn't the ptr of v2: foo(v1.ptr, n, m); foo(p, n, v2.length); (This idea was born from reading about Deputy, a system to build safer Linux drivers.) I am trying to invent ideas better than this one. Bye, bearophileOther static checkers have that too. They invariably address what Walter calls "C's biggest mistake" (and I think he's dead on to that). In D: private extern(C) { void foo(int*, int, size_t length); void bar(int* a1, size_t a1, int* a2, size_t a2); } void foo(int[] a, int b) { return foo(a.ptr, b, a.length); } void bar(int[] a1, int[] a2) { return bar(a1.ptr, a1.length, a2.ptr, a2.length); } Andrei
Oct 30 2010
Andrei Alexandrescu Wrote:On 10/29/10 21:11 CDT, bearophile wrote:Walter is dead? After trying fix C biggest mistake?I am toying with more ideas to strengthen D type system a bit in few spots. This is a minor thing, I don't know if this is a common enough situation to deserve compiler support, maybe not. If I want to use a C function from D code, and such C function has as arguments both a pointer that represents an array and int value that represents its length, is it possible to use a compact syntax that tells the compiler how to pack or unpack the contents of the fat D pointer that represents a D array? Something like this: extern(C) void foo(int[].ptr, int, int[].length); If the function needs two or more arrays the compiler asks you to give names to tell apart their parts in the signature: extern(C) void bar(int[].ptr a1, int[].length a1, int[].ptr a2, int[].length a2); This is supposed to avoid some bugs in using from D with dynamic arrays those functions foo() and bar(). So you have to call foo() like this: foo(v.ptr, n, v.length); While this generates a compile-time error because here the D code calls this function with parts from different arrays: foo(v1.ptr, n, v2.length); This too generates compile-time errors because m isn't the length of v1 and p isn't the ptr of v2: foo(v1.ptr, n, m); foo(p, n, v2.length); (This idea was born from reading about Deputy, a system to build safer Linux drivers.) I am trying to invent ideas better than this one. Bye, bearophileOther static checkers have that too. They invariably address what Walter calls "C's biggest mistake" (and I think he's dead on to that).
Oct 30 2010
tls wrote:Walter is dead?I've been feeling much better lately.
Oct 30 2010
Walter Bright wrote:tls wrote:But I do have a peculiar hunger for brains now.Walter is dead?I've been feeling much better lately.
Oct 30 2010
Stanislav Blinov <stanislav.blinov gmail.com> Walter Bright wrote:Walter Bright wrote:*That* movie?tls wrote:But I do have a peculiar hunger for brains now.Walter is dead?I've been feeling much better lately.
Oct 30 2010
Hello Walter,Walter Bright wrote:Your a day to soon for that one.tls wrote:But I do have a peculiar hunger for brains now.Walter is dead?I've been feeling much better lately.
Oct 31 2010