[mercury-users] Circular lists
Thomas Charles CONWAY
conway at cs.mu.oz.au
Thu Nov 27 15:55:29 AEDT 1997
Richard A. O'Keefe, you write:
> I guess we could emit a warning every time you return a string from C
> code, or pass or return a complex type from C code,
> Why are these things dangerous? In Quintus Prolog, passing strings in either
> direction was guaranteed safe, thanks to copying. In ESH, a very nice Scheme
> system from Sun, passing C data structures to Scheme and back again works
> perfectly safely.
Yes, we could fix the returning string problem by copying, though
currently we don't. Actually, we probably should (at least for the
"user" C interface, rather than the "implementor's" C interface) -
when I wrote the tcl/tk binding, there was indeed a bug where strings
were changing "mysteriously" - I wasn't copying the result string
from the interpreter, just assigning the pointer....
> but to do anything
> more would require impossible analysis of the C code itself (and
> separate compilation only makes the problems worse).
> You apparently envisage checking arbitrary code;
> I envisage checking _checkable_ code. If the code is for some reason
> impossible to analyse, that is in itself a danger sign.
One of the possible pieces of work on the C interface that Tyson
alluded to as summer work for a student was to automatically
generate interface predicates directly from the C prototypes,
although this has problems to do with memory mangagement and
C's conflation of passing in-by-reference and out-by-reference.
Thomas Conway conway at cs.mu.oz.au
AD DEUM ET VINUM Every sword has two edges.
More information about the users