Notes from C++ static analysis
Paulo Pinto
pjmlp at progtools.org
Thu Jun 27 00:29:58 PDT 2013
On Thursday, 27 June 2013 at 02:25:54 UTC, Andrei Alexandrescu
wrote:
> On 6/26/13 2:47 PM, Paulo Pinto wrote:
>> Am 26.06.2013 20:52, schrieb H. S. Teoh:
>>> On Wed, Jun 26, 2013 at 08:08:08PM +0200, bearophile wrote:
>>>> An interesting blog post found through Reddit:
>>>>
>>>> http://randomascii.wordpress.com/2013/06/24/two-years-and-thousands-of-bugs-of-/
>>>>
>>> [...]
>>>> The most common problem they find are errors in the format
>>>> string of
>>>> printf-like functions (despite the code is C++):
>>>
>>> None of my C++ code uses iostream. I still find stdio.h more
>>> comfortable
>>> to use, in spite of its many problems. One of the most
>>> annoying features
>>> of iostream is the abuse of operator<< and operator>> for
>>> I/O. Format
>>> strings are an ingenious idea sorely lacking in the iostream
>>> department
>>> (though admittedly the way it was implemented in stdio is
>>> rather unsafe,
>>> due to the inability of C to do many compile-time checks).
>>
>> I have been an adept of iostreams since day one and never
>> understood why
>> people complain so much about them or the operator<< and
>> operator>>
>> for that matter.
>
> The problems with C++ iostreams are well-known and pernicious:
>
> 1. Extremely slow by design.
>
> 2. Force mixing representation with data by design
>
> 3. Keep conversion state within, meaning they force very
> bizarre tricks even for simple things such as printing/scanning
> hex numbers.
>
> 4. Approach to exception safety has the wrong default.
>
> 5. Approach to internationalization (locales) has the most
> byzantine design I've ever seen. Even people who took part to
> the design can't figure it all out.
>
>
> Andrei
I always liked their OO model and for the type of applications we
use performance never was a problem.
My iostreams experience is mostly coupled to serialization of
data structures, simple console applications.
Exception safety might be an issue, sadly I was never able to
write portable C++ code at work that used either RTTI or
exceptions. Just too many issues, which always lead to the
architects forbidding their use.
Thanks for the explanation.
--
Paulo
More information about the Digitalmars-d
mailing list