Enforce strong type checking in C (type strictness for typedefs)

Question

Is there a way to enforce explicit cast for typedefs of the same type? I've to deal with utf8 and sometimes I get confused with the indices for the character count and the byte count. So it be nice to have some typedefs:

typedef unsigned int char_idx_t;
typedef unsigned int byte_idx_t;

With the addition that you need an explicit cast between them:

char_idx_t a = 0;
byte_idx_t b;

b = a; // compile warning
b = (byte_idx_t) a; // ok

I know that such a feature doesn't exist in C, but maybe you know a trick or a compiler extension (preferable gcc) that does that.

EDIT: I still don't really like the Hungarian notation in general, I couldn't used it for this problem because of project coding conventions, but I used it now in another similar case, where also the types are the same and the meanings are very similar. And I have to admit: it helps. I never would go and declare every integer with a starting "i", but as in Joel's example for overlapping types, it can be life saving.

Answer 1

If you were writing C++, you could make two identically defined classes with different names that were wrappers around an unsigned int. I don't know of a trick to do what you want in C.

Answer 2

You could do something like:

typedef struct
{
    unsigned int c_idx;
} char_idx;

typedef stuct
{
    unsigned int b_idx;
} byte_idx;

Then you would see when you are using each:

char_idx a;
byte_idx b;

b.b_idx = a.c_idx;

Now it is more clear that they are different types but would still compile.

Answer 3

For "handle" types (opaque pointers), Microsoft uses the trick of declaring structures and then typedef'ing a pointer to the structure:

#define DECLARE_HANDLE(name) struct name##__ { int unused; }; \
                             typedef struct name##__ *name

Then instead of

typedef void* FOOHANDLE;
typedef void* BARHANDLE;

They do:

DECLARE_HANDLE(FOOHANDLE);
DECLARE_HANDLE(BARHANDLE);

So now, this works:

FOOHANDLE make_foo();
BARHANDLE make_bar();
void do_bar(BARHANDLE);

FOOHANDLE foo = make_foo();  /* ok */
BARHANDLE bar = foo;         /* won't work! */
do_bar(foo);                 /* won't work! */

Answer 4

Another solution to your confusion would be to use hungarian notation instead of typedefs:

typedef unsigned int uint;

uint cA; // Character
uint bB; // Byte

cA = bB;

Answer 5

Use a lint. See Splint:Types and strong type check.

Strong type checking often reveals programming errors. Splint can check primitive C types more strictly and flexibly than typical compilers (4.1) and provides support a Boolean type (4.2). In addition, users can define abstract types that provide information hiding (0).

Answer 6

In C, the only distinction between user-defined types that is enforced by the compiler is the distinction between structs. Any typedef involving distinct structs will work. Your major design question is should different struct types use the same member names? If so, you can simulate some polymorphic code using macros and other scurvy tricks. If not, you are really committed to two different representations. E.g., do you want to be able to

#define INCREMENT(s, k) ((s).n += (k))

and use INCREMENT on both byte_idx and char_idx? Then name the fields identically.

Answer 7

There is another very nice article (Although i don't agree to ban goto :) ) from Joel named Making Wrong Code Look Wrong.
I think it's very related to your question even if there is not direct connection.

Answer 8

You asked about extensions. Jeff Foster's CQual is very nice, and I think it could do the job you want.

Answer 9

What you want is called "strong typedef" or "strict typedef". Programming languages Ada, D have this feature, c/c++ do not. As far as i know c++1x does not support it either. There may have been a proposal to include it into the next c++ version with the name "opaque typedef private", but the proposal was not accepted.

Some compilers may provide this functionality via a command line option: http://www.gimpel.com/html/strong.htm

Some people try to write wrapper classes to emulate this feature. For example you can create a wrapper template class to implement strong_typedef. It would have the base type as its template type parameter, and would be inherited from the base type.

Other people experiment with macro: http://www.boost.org/doc/libs/1%5F40%5F0/boost/strong%5Ftypedef.hpp

Answer 10

Use strong typedef as defined in BOOST_STRONG_TYPEDEF