{"id":499,"date":"2022-08-30T15:02:22","date_gmt":"2022-08-30T15:02:22","guid":{"rendered":"https:\/\/unknownerror.org\/index.php\/2013\/11\/09\/c-run-time-type-checking-collection-of-common-programming-errors\/"},"modified":"2022-08-30T15:02:22","modified_gmt":"2022-08-30T15:02:22","slug":"c-run-time-type-checking-collection-of-common-programming-errors","status":"publish","type":"post","link":"https:\/\/unknownerror.org\/index.php\/2022\/08\/30\/c-run-time-type-checking-collection-of-common-programming-errors\/","title":{"rendered":"C run time type checking-Collection of common programming errors"},"content":{"rendered":"

I have a C library storing records with a number of fields. Schema are read in from a text file, including the type of each field in the record.<\/p>\n

To simplify for question purposes, imagine I have<\/p>\n

typedef enum my_type_enum\n{\n    INT32, \/\/32-bit integer\n    MYSTRUCT, \/\/some struct I have, details irrelevant\n    ...\n} my_type_enum;\n\ntypedef struct my_var\n{\n    my_type_enum typetag;\n    unsigned char* data;\n} my_var;\n\nmy_var myrecord[numfields];\n<\/code><\/pre>\n
The schema file says whether each field of myrecord should hold an int32_t or a mystruct. My library reads the schema file and for each my_var in myrecord sets the tag and allocates the right amount space for the data.<\/p>\n
my_var is opaque and client programs basically use, for simple data<\/p>\n
void set(my_var* record, size_t field, void * src)\n{\n    memcpy(record[field].data, src, datatypes[record[field].typetag].size);\n}\n\nint32_t x = 5; \nset(myrecord, 0, &x);\n<\/code><\/pre>\n
to store a value in a record, and a similar get() to take things out.<\/p>\n
The tagged my_var type allows type checking once data is inside the my_var, but if the schema says record holds three INT32s there is of course nothing to check that src points to an int32_t and not a mystruct when you’re trying to set() data into that my_var.<\/p>\n
Obviously the check needs to take place in something wrapping set(), before the int32_t* or mystruct* is converted to void*. I have seen compile-time checking with typeof() trickery. I feel like what I want probably isn’t possible, but you never know all the tricks…<\/p>\n
Is there anything I can do better than providing facilities that read a schema at client program compilation time and generate a set_CHECKED() wrapper macro that will give a compiler error if someone tries to copy an int32_t into a my_var tagged to hold mystruct? GCC extensions are fine.<\/p>\n
    \n
  1. \n
    Actually, the ‘set’ and ‘get’ seem to be the correct places to put your checks. If accessing a field with the wrong type is a fatal error, the fix is simple:<\/p>\n
    void set(my_var* record, size_t field, void * src)\n{\n    if (record[field].typetag != (my_var)src->typetag) {\n        fprintf(stderr, \"Type mismatch!\\n\");\n        exit(1);\n    }\n    memcpy(record[field].data, src, datatypes[record[field].typetag].size);\n}\n<\/code><\/pre>\n
    If a type mismatch is not a fatal error, you’ll need to make set and get return and error code and handle that correctly at the call site.<\/p>\n
    Note that in C, type information is gone by the time the code is compiled. The ‘typetag’ field is the only way you have to know the type of a field.<\/p>\n
    Of course, if you don’t need to be able to change the schema without recompiling the library, you could try generating C code from it. That would let you use the compiler’s type checking at compile time.<\/p>\n
    (Also: not a big deal, but my_var.data should be a void*, not a char*. This doesn’t change the correctness of the code but void* tells the reader (and debugger) that the type is unknown.)<\/p>\n<\/li>\n<\/ol>\n
    Originally posted 2013-11-09 20:01:02. <\/small><\/p>","protected":false},"excerpt":{"rendered":"
    I have a C library storing records with a number of fields. Schema are read in from a text file, including the type of each field in the record. To simplify for question purposes, imagine I have typedef enum my_type_enum { INT32, \/\/32-bit integer MYSTRUCT, \/\/some struct I have, details irrelevant … } my_type_enum; typedef […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-499","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=499"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/499\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}