array cast should be supported corrected

Steven Schveighoffer schveiguy at yahoo.com
Fri Aug 8 07:17:48 PDT 2008 

"Robert Fraser" wrote
> Steven Schveighoffer Wrote:
>> O(1) aliasing is OK for a base class if you
>> are not planning on changing the existing elements.
>
> In this case it should require an explicit cast. A[] could be implicitly
> castable to const(Base[]) but not to const(Base)[] or Base[].

That eliminates the possibility of having covariant functions that return 
arrays of objects.

>> > It's also extremely easy to overlook this error. Say you're passing an
>> > array
>> > of A[] to a function that modifies an array of Base[] by possibly 
>> > adding
>> > things. In a large system, it can be a tricky bug to track down since 
>> > the
>> > error may not manifest itself until a while after it happens, and may 
>> > not
>> > always be a segfault (if they're the same size & it's just the bits 
>> > being
>> > interpreted as the wrong type, things could get very ugly -- it may not
>> > always just segfault).
>>
>> This is not a common case (to pass in a abstract base array in which you
>> plan on changing elements).  The common case is to use the base class 
>> array
>> as a means of writing a common function that *uses* the array, but does 
>> not
>> create elements in it.  For that, the cast is perfectly safe.  Or to use 
>> it
>> as a co-variant return value.  I think the benefits of being able to cast
>> this way outweigh the uncommon pitfalls.
>
> I agree the advantages are enough to justify allowing aliasing without
> serious subversion of the type system. But the cast _must be explicit_,
> so users see a red flag there. It's potentially dangerous, since you
> might accidentally interpret  one bit pattern as a different type. Short 
> of
> unions, only a cast can do that.
>
>> I look at it no differently than doing:
>>
>> class C {int x;}
>>
>> C c;
>> c.x = 5; // segfault
>
> How is that at all the same? In the case of implicit base class casting,
> you're tricking the compiler (likely without meaning to) into interpreting
> the data as an incorrect type. In this case, the compiler is acting 
> correctly
> and you have a bug in your code.

I'm trying to show that there is a precedent of being able to make code that 
fails without explicit casting.  Everyone knows that the 'right' thing to do 
is to create a new object before using it.

I could say exactly the same thing about your example.  The compiler is 
acting correctly and you have a bug in your code.

-Steve

More information about the Digitalmars-d mailing list