[plt-scheme] foreign.ss changes? Or, just missing something...
On Nov 23, Matthew Jadud wrote:
> In the module 'foreign.ss', I'm confused about the
>
> (provide* (unsafe get-ffi-obj))
>
> which is just one level of syntax too deep for me to unravel. I've
> seen (Eli's?) comment about 'unsafe!' bindings, but I don't quite
> see what is (or is not) being exported.
Well, the idea is that when you (require (lib "foreign.ss")), you get
only safe bindings, meaning that you should not be able to crash the
process. For example, you don't get `get-ffi-obj' since that is
inherently dangerous (there is no way to know that the types you use
are correct, or that the foreign function might crash on a full moon).
The way you do get these bindings in is to use `(unsafe!)', which
indicates that you're now writing dangerous code. If you do this, it
is your responsibility to write a safe interface, so people who use
your code will not get a crash. If do you want to expose a dangerous
operation, you should use the facilities to define your own
`unsafe!'-like macro to hide stuff (this is only if you write
additional foreign functionality and not just an interface).
The bottom line of all this is that if you get a crash, the fault is
always on either the C implementation, or on unsafe!-marked code.
(BTW, there might still be changes to that, since there are some
issues with it now.)
--
((lambda (x) (x x)) (lambda (x) (x x))) Eli Barzilay:
http://www.barzilay.org/ Maze is Life!