September 09, 2007
When I mentioned this on another thread, I got misunderstood, so I'm going to try again, only this time being very, very clear, so hopefully it will all make sense this time.

I propose that it shall be a compile-time error to cast away constness or invariance with the existing syntax.

For example

const int n = 42;
auto p = &n;
auto q = cast(int *)p; /* Currently compiles. I propose that it should
be a compile error */

Since D is a nuts-and-bolts language, and Walter doesn't actually want to prevent you from doing stupid things, there must be a way of getting round that restriction. The intent is not to /prevent/ you from being stupid - I mean, doing low level nuts-and-bolts things - it's to require you to use a different syntax, so that you damn well can't do it by accident. The syntax that I suggest for this is:

auto q = cast(!const)p;

This would allow the existing cast syntax to be made const-safe, and is also consistent with the exisiting cast(const) syntax.
September 09, 2007
I think this is good idea. It will help to find this class of bugs, which although one shouldn't make, if it is there it will be sneaky one.

Note that if you want to cast the underlying types too it will be quite ugly:

auto q = cast(long*)cast(!const)p;

You might agree that the syntax of !const can be something different, it doesn't really matter as long as it achieves the same thing: catching casting away const by accident. I personally don't care if it's foobar_cast or whatever, if it's recognizable that's fine.

It will also allow you to grep your or other peoples source for this kind of cast, which is currently not possible at all in D, but is in C++.


September 09, 2007
Lutger wrote:
> I think this is good idea. It will help to find this class of bugs, which although one shouldn't make, if it is there it will be sneaky one.
> 
> Note that if you want to cast the underlying types too it will be quite ugly:
> 
> auto q = cast(long*)cast(!const)p;
> 
> You might agree that the syntax of !const can be something different, it doesn't really matter as long as it achieves the same thing: catching casting away const by accident. I personally don't care if it's foobar_cast or whatever, if it's recognizable that's fine.
> 
> It will also allow you to grep your or other peoples source for this kind of cast, which is currently not possible at all in D, but is in C++.
> 
> 
My earlier proposal was:
cast(break const)
for essentially the same thing. But we really need something for this, whatever the syntax.
September 09, 2007
> It will also allow you to grep your or other peoples source for this kind of cast, which is currently not possible at all in D, but is in C++.

Actually, it's not possible is C++, because even though you can grep for const_cast, you can't grep for the old-fashioned C way of casting, and that's still legal in C++.

D would automatically become the winner.
September 09, 2007
Janice Caron wrote:
>> It will also allow you to grep your or other peoples source for this kind of cast, which is currently not possible at all in D, but is in C++.
> 
> Actually, it's not possible is C++, because even though you can grep for const_cast, you can't grep for the old-fashioned C way of casting, and that's still legal in C++.

But can be disallowed by coding conventions, and reported by tools; working in a sensible subset that bans C-style casts, and grepping is effective.

(I'm oversimplifying unfortunately, as C++ also has functional style casts, which have the same semantics as C-style casts.)

> D would automatically become the winner.

;)

-- James
September 10, 2007
Lutger wrote:
> I think this is good idea. It will help to find this class of bugs, which although one shouldn't make, if it is there it will be sneaky one.
> 
> Note that if you want to cast the underlying types too it will be quite ugly:
> 
> auto q = cast(long*)cast(!const)p;

What's wrong with:

auto q = cast(!const long*)p;

as the almost opposite of:

auto q = cast(const long*)p;

Regan
September 10, 2007
Yeah, that works too.


September 10, 2007
Janice Caron wrote:
> When I mentioned this on another thread, I got misunderstood, so I'm
> going to try again, only this time being very, very clear, so
> hopefully it will all make sense this time.
> 
> I propose that it shall be a compile-time error to cast away constness
> or invariance with the existing syntax.
> 
> For example
> 
> const int n = 42;
> auto p = &n;
> auto q = cast(int *)p; /* Currently compiles. I propose that it should
> be a compile error */
> 
> Since D is a nuts-and-bolts language, and Walter doesn't actually want
> to prevent you from doing stupid things, there must be a way of
> getting round that restriction. The intent is not to /prevent/ you
> from being stupid - I mean, doing low level nuts-and-bolts things -
> it's to require you to use a different syntax, so that you damn well
> can't do it by accident. The syntax that I suggest for this is:
> 
> auto q = cast(!const)p;
> 
> This would allow the existing cast syntax to be made const-safe, and
> is also consistent with the exisiting cast(const) syntax.

This issue has been brought up before, and many of us also agree it is a problem:
http://www.digitalmars.com/d/archives/digitalmars/D/D2.0_an_example_of_use-case_for_casting_invariant_away_54620.html

I noted on that thread that "cast(!const)" can be made just as well using D's meta programming capabilites. A new syntax is not needed, although nonetheless, this construct should be on the standard library.


-- 
Bruno Medeiros - MSc in CS/E student
http://www.prowiki.org/wiki4d/wiki.cgi?BrunoMedeiros#D
September 11, 2007
Don Clugston wrote:
> My earlier proposal was:
> cast(break const)
> for essentially the same thing. But we really need something for this, whatever the syntax.

IIRC, that alternative was the most popular in the original thread.

Personally, I won't like the const framework until there is a safe way of converting to/from the various types of constness.  I have ideas on the topic, but I don't know if my issues are considered a problem or not.
September 11, 2007
vote++


« First   ‹ Prev
1 2
Top | Discussion index | About this forum | D home