Skip to content

Commit d18b377

Browse files
code5717code5717
committed
Revise array safety docs site
1 parent c59dd80 commit d18b377

56 files changed

Lines changed: 4692 additions & 600 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

README.md

Lines changed: 19 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -8,21 +8,25 @@ Lightweight macro helpers for dynamic arrays in C with safer edge-case handling
88
generate_array_type(int);
99
```
1010
11-
This creates `Array(int)` and `Slice(int)`.
11+
This creates `Array(int)`, `Slice(int)`, and `Span(int)`.
1212
1313
## API safety tiers
1414
1515
Use checked macros by default. Keep unchecked macros only for compatibility or explicitly performance-focused paths where preconditions are guaranteed.
1616
1717
## Checked APIs (recommended)
1818
19-
- `array_make(T, size)`: allocate array with initial capacity (`size` can be `0`).
19+
- `array_make(T, size)`: allocate array with initial capacity; use `8` as a practical default when size is unknown (`0` is allowed when you want no spare slots).
2020
- `array_free(arr)`: free array memory.
2121
- `array_reserve(arr, min_capacity)`: ensure capacity, returns `bool` and may update `arr` after `realloc`.
22-
- `array_try_push(arr, value)`: append scalar rvalues, returns `bool`.
23-
- `array_try_push_lvalue(arr, value)`: append struct or other non-scalar elements, returns `bool`.
24-
- `array_try_at(arr, idx, out_ptr)`: bounds-checked access; writes a pointer into the array, returns `bool`.
25-
- `array_try_slice_t(T, arr, low, high, out_slice)`: bounds-checked slice creation, returns `bool`.
22+
- `array_try_push(arr, value)`: append an element, returns `bool`.
23+
- `array_try_push_lvalue(arr, value)`: compatibility alias for `array_try_push`.
24+
- `array_try_at(arr, idx, out_ptr)`: bounds-checked temporary pointer access, returns `bool`.
25+
- `array_try_get(arr, idx, out_value)`: bounds-checked copy access, returns `bool`.
26+
- `array_try_set(arr, idx, value)`: bounds-checked assignment, returns `bool`.
27+
- `array_try_slice_t(T, arr, low, high, out_slice)`: bounds-checked range slice creation, returns `bool`.
28+
- `array_try_slice_at_t(T, arr, slice, idx, out_ptr)`: bounds-checked temporary pointer access through a slice range.
29+
- `array_try_span_t(T, arr, slice, out_span)`: materialize a temporary borrowed pointer span from a current array and slice range.
2630
- `array_back_ptr(arr)`: pointer to last element or `NULL` when empty.
2731
- `array_length(arr)`: element count.
2832
- `array_is_empty(arr)`: true if `count == 0`.
@@ -38,12 +42,13 @@ These are kept for compatibility and speed-focused code paths:
3842
- `array_at(arr, idx)`: unchecked index access.
3943
- `array_end(arr)`: unchecked last-element pointer (invalid on empty arrays).
4044
- `array_end_unchecked(arr)`: explicit unchecked alias.
41-
- `slice_from_array_t(T, arr, low, high)`: unchecked slice creation.
45+
- `slice_from_array_t(T, arr, low, high)`: unchecked range slice creation.
46+
- `span_make_t(T, elements, count)`: unchecked borrowed pointer span creation.
4247
4348
## Portability notes
4449
45-
- Strict C11/C17 path (`-std=c11 -pedantic`): `ARRAY_HAS_TYPEOF` is `0`; use `array_for_each_t(T, arr, it)` and typed slice macros.
46-
- GNU/Clang convenience path: `ARRAY_HAS_TYPEOF` is `1`; `array_for_each(arr, it)` and `slice_from_array` are available.
50+
- Strict C11/C17 path (`-std=c11 -pedantic`): `ARRAY_HAS_TYPEOF` is `0`; use `array_for_each_t(T, arr, it)` and typed slice/span macros.
51+
- GNU/Clang convenience path: `ARRAY_HAS_TYPEOF` is `1`; `array_for_each(arr, it)`, `slice_from_array`, and `span_make` are available.
4752
4853
## Compile verification
4954
@@ -63,7 +68,7 @@ generate_array_type(int);
6368

6469
int main(void)
6570
{
66-
Array(int) values = array_make(int, 0);
71+
Array(int) values = array_make(int, 8);
6772
int *at0 = NULL;
6873

6974
if (!values) return 1;
@@ -88,10 +93,13 @@ int main(void)
8893
## Edge-case behavior
8994
9095
- Zero-capacity arrays grow correctly on first push.
96+
- `array_make(T, 8)` is the recommended starting point for ordinary small/unknown lists; pass a better estimate when you have one.
9197
- Allocation/growth arithmetic is overflow-checked.
9298
- Reallocation failures do not discard existing array data.
9399
- `array_try_slice_t` rejects invalid ranges (`low > high` or `high > count`).
94-
- `array_try_at` and `array_try_slice_t` return `false` when output pointers are `NULL`.
100+
- Checked APIs return `false` when required output pointers are `NULL`.
101+
- `Slice(T)` stores a range and does not dangle merely because backing storage moved.
102+
- `Span(T)` and element pointers are temporary borrowed views and become invalid after backing storage is freed or reallocated.
95103
96104
## Documentation
97105

0 commit comments

Comments
 (0)