www.digitalmars.com         C & C++   DMDScript  

digitalmars.D - Interfacing C functions with safer ptr/length

reply bearophile <bearophileHUGS lycos.com> writes:
I am toying with more ideas to strengthen D type system a bit in few spots.
This is a minor thing, I don't know if this is a common enough situation to
deserve compiler support, maybe not.

If I want to use a C function from D code, and such C function has as arguments
both a pointer that represents an array and int value that represents its
length, is it possible to use a compact syntax that tells the compiler how to
pack or unpack the contents of the fat D pointer that represents a D array?

Something like this:

extern(C) void foo(int[].ptr, int, int[].length);

If the function needs two or more arrays the compiler asks you to give names to
tell apart their parts in the signature:

extern(C) void bar(int[].ptr a1, int[].length a1, int[].ptr a2, int[].length
a2);

This is supposed to avoid some bugs in using from D with dynamic arrays those
functions foo() and bar().

So you have to call foo() like this:

foo(v.ptr, n, v.length);

While this generates a compile-time error because here the D code calls this
function with parts from different arrays:

foo(v1.ptr, n, v2.length);

This too generates compile-time errors because m isn't the length of v1 and p
isn't the ptr of v2:

foo(v1.ptr, n, m);
foo(p, n, v2.length);

(This idea was born from reading about Deputy, a system to build safer Linux
drivers.) I am trying to invent ideas better than this one.

Bye,
bearophile
Oct 29 2010
parent reply Andrei Alexandrescu <SeeWebsiteForEmail erdani.org> writes:
On 10/29/10 21:11 CDT, bearophile wrote:
 I am toying with more ideas to strengthen D type system a bit in few spots.
This is a minor thing, I don't know if this is a common enough situation to
deserve compiler support, maybe not.

 If I want to use a C function from D code, and such C function has as
arguments both a pointer that represents an array and int value that represents
its length, is it possible to use a compact syntax that tells the compiler how
to pack or unpack the contents of the fat D pointer that represents a D array?

 Something like this:

 extern(C) void foo(int[].ptr, int, int[].length);

 If the function needs two or more arrays the compiler asks you to give names
to tell apart their parts in the signature:

 extern(C) void bar(int[].ptr a1, int[].length a1, int[].ptr a2, int[].length
a2);

 This is supposed to avoid some bugs in using from D with dynamic arrays those
functions foo() and bar().

 So you have to call foo() like this:

 foo(v.ptr, n, v.length);

 While this generates a compile-time error because here the D code calls this
function with parts from different arrays:

 foo(v1.ptr, n, v2.length);

 This too generates compile-time errors because m isn't the length of v1 and p
isn't the ptr of v2:

 foo(v1.ptr, n, m);
 foo(p, n, v2.length);

 (This idea was born from reading about Deputy, a system to build safer Linux
drivers.) I am trying to invent ideas better than this one.

 Bye,
 bearophile

Other static checkers have that too. They invariably address what Walter calls "C's biggest mistake" (and I think he's dead on to that). In D: private extern(C) { void foo(int*, int, size_t length); void bar(int* a1, size_t a1, int* a2, size_t a2); } void foo(int[] a, int b) { return foo(a.ptr, b, a.length); } void bar(int[] a1, int[] a2) { return bar(a1.ptr, a1.length, a2.ptr, a2.length); } Andrei
Oct 30 2010
parent reply tls <do notha.ev> writes:
Andrei Alexandrescu Wrote:

 On 10/29/10 21:11 CDT, bearophile wrote:
 I am toying with more ideas to strengthen D type system a bit in few spots.
This is a minor thing, I don't know if this is a common enough situation to
deserve compiler support, maybe not.

 If I want to use a C function from D code, and such C function has as
arguments both a pointer that represents an array and int value that represents
its length, is it possible to use a compact syntax that tells the compiler how
to pack or unpack the contents of the fat D pointer that represents a D array?

 Something like this:

 extern(C) void foo(int[].ptr, int, int[].length);

 If the function needs two or more arrays the compiler asks you to give names
to tell apart their parts in the signature:

 extern(C) void bar(int[].ptr a1, int[].length a1, int[].ptr a2, int[].length
a2);

 This is supposed to avoid some bugs in using from D with dynamic arrays those
functions foo() and bar().

 So you have to call foo() like this:

 foo(v.ptr, n, v.length);

 While this generates a compile-time error because here the D code calls this
function with parts from different arrays:

 foo(v1.ptr, n, v2.length);

 This too generates compile-time errors because m isn't the length of v1 and p
isn't the ptr of v2:

 foo(v1.ptr, n, m);
 foo(p, n, v2.length);

 (This idea was born from reading about Deputy, a system to build safer Linux
drivers.) I am trying to invent ideas better than this one.

 Bye,
 bearophile

Other static checkers have that too. They invariably address what Walter calls "C's biggest mistake" (and I think he's dead on to that).

Walter is dead? After trying fix C biggest mistake?
Oct 30 2010
parent reply Walter Bright <newshound2 digitalmars.com> writes:
tls wrote:
 Walter is dead?

I've been feeling much better lately.
Oct 30 2010
parent reply Walter Bright <newshound2 digitalmars.com> writes:
Walter Bright wrote:
 tls wrote:
 Walter is dead?

I've been feeling much better lately.

But I do have a peculiar hunger for brains now.
Oct 30 2010
next sibling parent Stanislav Blinov <stanislav.blinov gmail.com> writes:
Walter Bright wrote:
 Walter Bright wrote:
 tls wrote:
 Walter is dead?

I've been feeling much better lately.

But I do have a peculiar hunger for brains now.

*That* movie?
Oct 30 2010
prev sibling parent BCS <anon anon.com> writes:
Hello Walter,

 Walter Bright wrote:
 
 tls wrote:
 
 Walter is dead?
 



Your a day to soon for that one.
Oct 31 2010