[zeromq-dev] type safe sockets

john skaller skaller at users.sourceforge.net
Sat Feb 11 23:04:09 CET 2012

Rough outline of proposal to fix the bad choice of socket type.
(And possibly others like contexts).

1. Change the docs to name the type zmq_socket_t

2. Add two macros


3. In the C binding:

	if exactly one of these is set, use that
	if two are set, bug out the compile
	if none are set, select a default

4. The default for 3.1 will be ZMQ_TYPE_UNSAFE
5. The default for 4.x will be ZMQ_TYPE_SAFE

6. In the binding, for ZMQ_TYPE_UNSAFE

	typedef void *zmq_socket_t;


	typedef struct zmq_socket_t { data *void; } zmq_socket_t;

7. Put casts in to fix the types inside the binding.

This provides a migration path. The default for 3.1 breaks nothing.
People are encouraged to change application code to use zmq_socket_t
instead of void * for socket type. New code should always do this.

By compiling with ZMQ_TYPE_SAFE you can use your compiler to check
where you need to fix your application code. If you make some of the changes
and then give up, that's fine. In 3.1, just don't set the macro. In 4.x, just do
set the macro ZMQ_TYPE_UNSAFE.

I think this will work without changing the library, provided the C binding
code is NOT compiled against the header file. C doesn't have type safe linkage,
the two types (void * and the struct) are the same size, they should both be
passed in a register the same way.

A half way proposal: 

	typedef struct zmq_socket_object *zmq_socket_t;

is better than void *, but is still vulnerable to conversions to
and (in C only) from, void*.

john skaller
skaller at users.sourceforge.net

More information about the zeromq-dev mailing list