One more shot at this const thing.
Dave
Dave_member at pathlink.com
Thu Jul 27 17:09:30 PDT 2006
Reiner Pope wrote:
> Dave wrote:
>> Also maybe const would apply only to built-in reference types
>> (including class objects) and not pointers, justifiable because D has
>> these built-in whereas C++ doesn't. The same 'const' would not apply
>> to value types either, for simplicity.
> This presumably has the consequence that you can't get a pointer to a
> const object? Otherwise it could be trivially subverted:
>
> const char[] c;
> char* ptr = c.ptr;
> *ptr = 5; // Whoops! Const violation!
>
You're right and that (c.ptr) would need to be disallowed, along with
other things I've probably forgotten.
> Pointers do seem to be one of the main sources of trouble with const,
> though, so it's an interesting idea.
>
>>
>> The compiler can't enforce everything you can do to a const in D. To
>> make it so that const can actually be meaningful, additional language
>> could be added to the spec. That language could be as simple as
>> something like: "subverting const can result in undefined behavior".
>
> Wouldn't that then put the onus back on the programmer to avoid const
> violations? Back to square one? Unless, of course, a const violation was
I don't think so because you'd have to do something pretty explicit to
subvert the compile-time checks (as in the original post).
I think the compile-time checks in the original post are doable because
most of them have been done w/ C++ implementations for years now and the
ones I added should not be too difficult either (IM0).
The stuff I added was to also not allow a const to be assigned to a
non-const [or vice-versa] with or without casting from one to the other:
const char[] a;
char[] b;
...
b = a; // error
b = cast(char[])a; // error
...
a = b; // error
a = cast(const char[])b; // error
Now of course, another check would be that the .ptr property would not
be allowed for const ref. types (as you caught above).
What about things like multi-dim arrays of reference objects?
Currently in C++:
void foo(MyClass const* const* const* const arg)
{
// error: assignment of read-only parameter
arg = new MyClass**[10];
// error: assignment of read-only location
arg[0] = new MyClass*[10];
// error: discards qualifiers
arg[0][0] = new MyClass();
// error: assignment of member of read-only structure
arg[0][0]->i = 10;
}
In D:
// In D, const means "readonly" for all members of any type of
// aggregate, just like it would if arg was 'const MyClass arg'
// or const char[] arg.
void foo(const MyClass[][] arg)
{
// error: assignment of read-only parameter
arg = new MyClass[][10];
// error: assignment of read-only location
arg[0] = new MyClass[10];
// error: discards qualifiers
arg[0][0] = new MyClass;
// error: assignment of member of read-only structure
arg[0][0].i = 10;
}
The idea is to use the error checking that already works for C++, extend
it to not be easily subverted by casting or simple assignment and
apply it to all members of any type of reference aggregate.
Thanks,
- Dave
> explicitly obvious, in which case it would be an entirely different matter.
>
> Cheers,
>
> Reiner
More information about the Digitalmars-d
mailing list