Enforce strong type checking in C (type strictness for typedefs)?

There is another very nice article (Although I don't agree to ban goto :) ) from Joel named Making Wrong Code Look Wrong . I think it's very related to your question even if there is not direct connection.

Up vote 11 down vote favorite 5 share g+ share fb share tw.

I've to deal with utf8 and sometimes I get confused with the indices for the character count and the byte count. So it be nice to have some typedefs: typedef unsigned int char_idx_t; typedef unsigned int byte_idx_t; With the addition that you need an explicit cast between them: char_idx_t a = 0; byte_idx_t b; be = a; // compile warning be = (byte_idx_t) a; // ok I know that such a feature doesn't exist in C, but maybe you know a trick or a compiler extension (preferable gcc) that does that. EDIT I still don't really like the Hungarian notation in general.

I couldn't use it for this problem because of project coding conventions, but I used it now in another similar case, where also the types are the same and the meanings are very similar. And I have to admit: it helps. I never would go and declare every integer with a starting "i", but as in Joel's example for overlapping types, it can be life saving.

C typedef strongly-typed typechecking strong-typing link|improve this question edited Jul 26 '11 at 14:36Lightness Races in Orbit54.2k662133 asked Dec 17 '08 at 23:33quinmars2,4371817 88% accept rate.

There is another very nice article (Although I don't agree to ban goto :) ) from Joel named Making Wrong Code Look Wrong. I think it's very related to your question even if there is not direct connection.

You could do something like: typedef struct { unsigned int c_idx; } char_idx; typedef struct { unsigned int b_idx; } byte_idx; Then you would see when you are using each: char_idx a; byte_idx b; b. B_idx = a. C_idx; Now it is more clear that they are different types but would still compile.

For "handle" types (opaque pointers), Microsoft uses the trick of declaring structures and then typedef'ing a pointer to the structure: #define DECLARE_HANDLE(name) struct name##__ { int unused; }; \ typedef struct name##__ *name Then instead of typedef void* FOOHANDLE; typedef void* BARHANDLE; They do: DECLARE_HANDLE(FOOHANDLE); DECLARE_HANDLE(BARHANDLE); So now, this works: FOOHANDLE make_foo(); BARHANDLE make_bar(); void do_bar(BARHANDLE); FOOHANDLE foo = make_foo(); /* ok */ BARHANDLE bar = foo; /* won't work! */ do_bar(foo); /* won't work!

Use a lint. See Splint:Types and strong type check. Strong type checking often reveals programming errors.

Splint can check primitive C types more strictly and flexibly than typical compilers (4.1) and provides support a Boolean type (4.2). In addition, users can define abstract types that provide information hiding (0).

In C, the only distinction between user-defined types that is enforced by the compiler is the distinction between structs. Any typedef involving distinct structs will work. Your major design question is should different struct types use the same member names?

If so, you can simulate some polymorphic code using macros and other scurvy tricks. If not, you are really committed to two different representations. E.g.

, do you want to be able to #define INCREMENT(s, k) ((s). N += (k)) and use INCREMENT on both byte_idx and char_idx? Then name the fields identically.

What you want is called "strong typedef" or "strict typedef". Programming languages Ada, D have this feature, c/c++ do not. As far as I know c++1x does not support it either.

There may have been a proposal to include it into the next c++ version with the name "opaque typedef private", but the proposal was not accepted. Some compilers may provide this functionality via a command line option: gimpel.com/html/strong.htm Some people try to write wrapper classes to emulate this feature. For example you can create a wrapper template class to implement strong_typedef.

It would have the base type as its template type parameter, and would be inherited from the base type. Other people experiment with macro: boost.org/doc/libs/1%5F40%5F0/boost/stro....

If you were writing C++, you could make two identically defined classes with different names that were wrappers around an unsigned int. I don't know of a trick to do what you want in C.

C works the same way with structs. Microsoft uses this to differentiate handle types in windows.h. – Tim Lesher Dec 17 '08 at 23:51.

You asked about extensions. Jeff Foster's CQual is very nice, and I think it could do the job you want.

Use strong typedef as defined in BOOST_STRONG_TYPEDEF.

1 Boost is a C++ library, and therefore irrelevant. – Porculus Aug 12 '11 at 3:14.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.