 |
C++Talk.NET
C++ language newsgroups
|
| View previous topic :: View next topic |
| Author |
Message |
Peter Most
Guest
|
 Posted: Tue Dec 06, 2005 6:17 pm Post subject: A safer/better C++? |
 |
|
Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
I'm assuming there are two kind of beginner:
1) A beginner who, through reading and education, will eventually become an
advanced developer and maybe even an expert developer. For this discussion
I simple call them "novice" developer.
2) A beginner who doesn't read or educate himself and simply muddles
through. I would like to call this kind of developer "ignorant" developer.
Now both kind of developers start to program and sooner or later they start
to use arrays. Both will probably at some point start to use a vector. I'm
also assuming that both developers have difficulties with the index and the
designer of vector obviously also assumed this, why else would there an
at()?
The novice developer reads more about vector and learns, that there are two
ways to access the elements. A fast but unsafe way via the operator[] and a
version which is little slower but safer way via at(). He starts to use at()
because it is a lot safer and he doesn't need that last bit of speed.
The ignorant developer also starts to use vector but doesn't learn that
there a two interface, so he still uses operator[] and still has problems
and bugs with the index access.
So my question is now, would it not have been better to reverse the semantic
of the two versions, meaning operator[] checks the index and throws an
exception and at() would allow an unchecked access? I'm assuming of course
that either beginner starts to use the vector via the operator[]. If this
assumption would be correct, then a beginner would start with the safe
version and maybe, if he needs that additional speed, later use the at()
version.
This is of course easiest done in libraries, because then the language
doesn't have to be changed. But I wonder whether it would make sense also
in a new language design. It wouldn't be C++ anymore, because it would break
backwards compatibility, but maybe a worthy C++ successor?
To give some background on this thoughts:
I'm developing in C++ for about 15 years and in recent years I got the
feeling, that C++ is loosing ground to other languages like Java and C#. I
simply love the sheer power I have with C++ and if I shoot myself in the
foot, so to speak, I simply learn to aim better, but I also learned, that
for beginners it is often to difficult to learn. There are simply to many
mistakes a beginner can make and only trough education does he learn to
avoid those beginner mistakes. Mind you, I'm only referring to unsafe
constructs which led to crashes. I'm not talking about supposedly complex
features like operator overloading or multiple inheritance. If a beginner
doesn't understand these features he probably won't use them. But because
of the forementioned ignorant developers, the language is getting a bad
reputation for it's "unsafety" which also influences decision makers to
abandon C++ projects. I read of course Bjarne Stroustrup's excellent
posting (http://www.research.att.com/~bs/blast.html) where he addresses
some of the issues. But the questions remains:
Should C++ changed to be a more beginner friendly language?
I'm very interested in hearing your opinions.
Kind regards
Peter
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
 |
Bob Hairgrove
Guest
|
| Posted: Wed Dec 07, 2005 2:02 pm Post subject: Re: A safer/better C++? |
|
|
On 6 Dec 2005 13:17:34 -0500, Peter Most <Peter_Most (AT) gmx (DOT) de> wrote:
| Quote: | Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
I'm assuming there are two kind of beginner:
1) A beginner who, through reading and education, will eventually become an
advanced developer and maybe even an expert developer. For this discussion
I simple call them "novice" developer.
2) A beginner who doesn't read or educate himself and simply muddles
through. I would like to call this kind of developer "ignorant" developer.
Now both kind of developers start to program and sooner or later they start
to use arrays. Both will probably at some point start to use a vector. I'm
also assuming that both developers have difficulties with the index and the
designer of vector obviously also assumed this, why else would there an
at()?
The novice developer reads more about vector and learns, that there are two
ways to access the elements. A fast but unsafe way via the operator[] and a
version which is little slower but safer way via at(). He starts to use at()
because it is a lot safer and he doesn't need that last bit of speed.
The ignorant developer also starts to use vector but doesn't learn that
there a two interface, so he still uses operator[] and still has problems
and bugs with the index access.
So my question is now, would it not have been better to reverse the semantic
of the two versions, meaning operator[] checks the index and throws an
exception and at() would allow an unchecked access? I'm assuming of course
that either beginner starts to use the vector via the operator[]. If this
assumption would be correct, then a beginner would start with the safe
version and maybe, if he needs that additional speed, later use the at()
version.
|
It's an interesting idea, but I think the way it is now is more
intuitive. Arrays do no checking when using [], so why should
vector::operator[]? The fact that at() doesn't exist for arrays
implies (to me) that it is more special and has enhanced functionality
(i.e. does checking of the index).
| Quote: | This is of course easiest done in libraries, because then the language
doesn't have to be changed. But I wonder whether it would make sense also
in a new language design. It wouldn't be C++ anymore, because it would break
backwards compatibility, but maybe a worthy C++ successor?
To give some background on this thoughts:
I'm developing in C++ for about 15 years and in recent years I got the
feeling, that C++ is loosing ground to other languages like Java and C#. I
simply love the sheer power I have with C++ and if I shoot myself in the
foot, so to speak, I simply learn to aim better, but I also learned, that
for beginners it is often to difficult to learn. There are simply to many
mistakes a beginner can make and only trough education does he learn to
avoid those beginner mistakes. Mind you, I'm only referring to unsafe
constructs which led to crashes. I'm not talking about supposedly complex
features like operator overloading or multiple inheritance. If a beginner
doesn't understand these features he probably won't use them. But because
of the forementioned ignorant developers, the language is getting a bad
reputation for it's "unsafety" which also influences decision makers to
abandon C++ projects. I read of course Bjarne Stroustrup's excellent
posting (http://www.research.att.com/~bs/blast.html) where he addresses
some of the issues. But the questions remains:
Should C++ changed to be a more beginner friendly language?
|
No ... isn't that why we have Java, C# and Visual Basic? ;)
One might argue that knives should be outlawed because you can cut
yourself with them.
--
Bob Hairgrove
[email]NoSpamPlease (AT) Home (DOT) com[/email]
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
David Abrahams
Guest
|
| Posted: Wed Dec 07, 2005 2:05 pm Post subject: Re: A safer/better C++? |
|
|
Peter Most <Peter_Most (AT) gmx (DOT) de> writes:
| Quote: | Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
I'm assuming there are two kind of beginner:
1) A beginner who, through reading and education, will eventually become an
advanced developer and maybe even an expert developer. For this discussion
I simple call them "novice" developer.
2) A beginner who doesn't read or educate himself and simply muddles
through. I would like to call this kind of developer "ignorant" developer.
Now both kind of developers start to program and sooner or later they start
to use arrays. Both will probably at some point start to use a vector. I'm
also assuming that both developers have difficulties with the index and the
designer of vector obviously also assumed this, why else would there an
at()?
The novice developer reads more about vector and learns, that there are two
ways to access the elements. A fast but unsafe way via the operator[] and a
version which is little slower but safer way via at(). He starts to use at()
because it is a lot safer and he doesn't need that last bit of speed.
|
Safer how? It won't make an unintentional out-of-bounds access any
more correct. Incorrect code can always have unintended (i.e. unsafe)
behaviors.
--
Dave Abrahams
Boost Consulting
www.boost-consulting.com
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Alf P. Steinbach
Guest
|
| Posted: Wed Dec 07, 2005 2:07 pm Post subject: Re: A safer/better C++? |
|
|
* Peter Most:
The Internet Gods refuse to honor my request to see that page,
teleporting me instead to ...
Argh, on the third try, to copy the URL I get redirected to, they
finally let me through to that page, but, there is evidently something
that doesn't quite work as it should.
I meant to write,
"did you mean <url:
http://www.research.att.com/~bs/new_learning.pdf>?",
but now, well, I still think that's relevant! ;-)
PS: Regarding Bjarne's comments on the statement "C++ sucks", I think he
may have misunderstood. All those who state that "C++ sucks" simply
mean that they're drawn inexorably towards C++. That's how good it is!
--
A: Because it messes up the order in which people normally read text.
Q: Why is it such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Sektor van Skijlen
Guest
|
| Posted: Wed Dec 07, 2005 2:10 pm Post subject: Re: A safer/better C++? |
|
|
Dnia 6 Dec 2005 13:17:34 -0500, Peter Most skrobie:
| Quote: | Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
|
Regarding what you mean in the "beginner" term, I think it would, but with
your proposition it wouln't either.
The problem of safety in C++ is not only in case of indexing vector out of
bounds, but also other things, like accessing objects in freed memory. I'd
rather see the solution in making appropriate high-level environment in which
the program in C++ runs so that every invalid access will end up with an
exception. Cheching bounds in [] can be added by an implementation as well, on
a direct request.
This change in Standard terms would change also existing programs, which is
not what "non-beginners" want.
| Quote: | To give some background on this thoughts:
I'm developing in C++ for about 15 years and in recent years I got the
feeling, that C++ is loosing ground to other languages like Java and C#. I
simply love the sheer power I have with C++ and if I shoot myself in the
foot, so to speak, I simply learn to aim better, but I also learned, that
for beginners it is often to difficult to learn. There are simply to many
mistakes a beginner can make and only trough education does he learn to
avoid those beginner mistakes. Mind you, I'm only referring to unsafe
constructs which led to crashes. I'm not talking about supposedly complex
features like operator overloading or multiple inheritance. If a beginner
doesn't understand these features he probably won't use them. But because
of the forementioned ignorant developers, the language is getting a bad
reputation for it's "unsafety" which also influences decision makers to
abandon C++ projects. I read of course Bjarne Stroustrup's excellent
posting (http://www.research.att.com/~bs/blast.html) where he addresses
some of the issues. But the questions remains:
Should C++ changed to be a more beginner friendly language?
|
This thought is still worth taking into consideration. But still the only way
that leads to a safe usage of C++ is learning. So if a developer is assigned
to a work in a production environment, there must be someone to look at this
code and detect such problematic usages. I heard, for example, that inability
to overload operators in Java is its advantage. Why? Because it prevents
immature developers from doing stupid things. However a language, which is
suitable for beginners is rather not suitable for professionals. C++ can be
made safer, but only by cost of removing features, which professionals would
require in this language. That's why it depends, which developers the project
needs, which of them can be allocated for a project.
When I started learning C++ a couple years ago, I just accepted it as it is
and I never had problems with its safety. Of course, I did mistakes many times
and there was also a lot of problems very hard to detect, but I never thought
that hardening it is a way the C++ should walk. For "ignorant" developers
maybe Java would be more suitable.
For a complicated language (that is, a language that provides a lot of
capabilities and programming paradigms) there is only one way to use it
correctly: learning. And for "ignorant" developers there's no hope. Hardening
C++ is not a help for that.
--
// _ ___ Michal "Sektor" Malecki <sektor(whirl)kis.p.lodz.pl>
\ L_ |/ `| /^ ,() <ethourhs(O)wp.pl>
// _ | / _/ / C++ bez cholesterolu: http://www.intercon.pl/~sektor/cbx
"I am allergic to Java because programming in Java reminds me casting spells"
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Rob
Guest
|
| Posted: Wed Dec 07, 2005 2:23 pm Post subject: Re: A safer/better C++? |
|
|
Peter Most wrote:
| Quote: | Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for
beginner?
I'm assuming there are two kind of beginner:
1) A beginner who, through reading and education, will eventually
become an advanced developer and maybe even an expert developer. For
this discussion I simple call them "novice" developer.
2) A beginner who doesn't read or educate himself and simply muddles
through. I would like to call this kind of developer "ignorant"
developer.
Now both kind of developers start to program and sooner or later they
start to use arrays. Both will probably at some point start to use a
vector. I'm also assuming that both developers have difficulties with
the index and the designer of vector obviously also assumed this, why
else would there an at()?
|
I'll leave that one for someone who knows something about the design
rationale of the STL. :-)
| Quote: |
The novice developer reads more about vector and learns, that there
are two ways to access the elements. A fast but unsafe way via the
operator[] and a version which is little slower but safer way via
at(). He starts to use at() because it is a lot safer and he doesn't
need that last bit of speed.
|
No. The novice developer is unlikely to pick up on existance of at(),
but will be more careful in use of operator[]. This isn't a fault of
the novice: it's because most examples (at least those that don't
involve using iterators) in introductory texts use operator[]
| Quote: |
The ignorant developer also starts to use vector but doesn't learn
that there a two interface, so he still uses operator[] and still has
problems and bugs with the index access.
|
In my experience, vector is a step up for the ignorant developer. They
are more likely to do this (for an array of ints);
int *array;
array[some_index] = 42;
The only way you could prevent this would be to remove pointers from
the language.
| Quote: |
So my question is now, would it not have been better to reverse the
semantic of the two versions, meaning operator[] checks the index and
throws an exception and at() would allow an unchecked access? I'm
assuming of course that either beginner starts to use the vector via
the operator[]. If this assumption would be correct, then a beginner
would start with the safe version and maybe, if he needs that
additional speed, later use the at() version.
This is of course easiest done in libraries, because then the language
doesn't have to be changed. But I wonder whether it would make sense
also in a new language design. It wouldn't be C++ anymore, because it
would break backwards compatibility, but maybe a worthy C++ successor?
|
What you are describing is the same sort of thinking that resulted in
Java: they removed features from the language they din't like, and
added others that they claimed were safer.
The problem with that is that such a language is offputting to someone
with any experience. With a disciplined approach, the benefits of a
"safe" language or library are relatively limited. And can actually be
limiting, by eliminating some powerful techniques.
| Quote: |
To give some background on this thoughts:
I'm developing in C++ for about 15 years and in recent years I got the
feeling, that C++ is loosing ground to other languages like Java and
C#. I simply love the sheer power I have with C++ and if I shoot
myself in the foot, so to speak, I simply learn to aim better, but I
also learned, that for beginners it is often to difficult to learn.
|
C++ is losing ground to languages like Java and C# in problems areas
that are better suited to using Java or C#. That's the way it should
be. If you are doing a job that Java is designed to do well, you are
better off using Java than C++. But if you are doing a job that is
outside the realm of what Java does well, you will be better off
choosing another language (and C++ may well be the better choice).
| Quote: | There are simply to many mistakes a beginner can make and only trough
education does he learn to avoid those beginner mistakes. Mind you,
I'm only referring to unsafe constructs which led to crashes. I'm not
talking about supposedly complex features like operator overloading
or multiple inheritance. If a beginner doesn't understand these
features he probably won't use them. But because of the forementioned
ignorant developers, the language is getting a bad reputation for
it's "unsafety" which also influences decision makers to abandon C++
projects. I read of course Bjarne Stroustrup's excellent posting
(http://www.research.att.com/~bs/blast.html) where he addresses some
of the issues. But the questions remains:
Should C++ changed to be a more beginner friendly language?
|
My experience with decision makers (at least the rational ones) who
abandon C++ in favour of a language like Java is that they don't do it
because of safety. They do it because they find they are doing things
that are better suited to Java. One company I know of uses Java for
initial rapid prototyping (eg convince potential users that particular
features are worthwhile) but then hand the specification over to
another team that uses C++ to implement the "production version" in
which things like runtime performance are more critical.
There is some element of Java advocacy in a lot of new recruits (in
part because universities have gotten onto the bandwagon of teaching
Java). That is actually a self-licking icecream: it is easier to find
developers who know Java, but it is just as difficult to find a *good*
developer who knows Java as it is to find a good developer in C++. So
going back to Java simply because it is "safer" has a side-effect of
encouraging mediocre development standards because it is easier to find
programmers who can program with that safety net.
That's not a fault of Java (or any other language), per se. It is a
problem with the expectations that some managers have because they are
using a "safe" language --- they lower the standards when selecting
developers. The reality is that a good developer will be a good
developer regardless of programming language (as long as they are given
time and mentoring to learn a new language effectively)
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Walter Bright
Guest
|
| Posted: Wed Dec 07, 2005 2:24 pm Post subject: Re: A safer/better C++? |
|
|
"Peter Most" <Peter_Most (AT) gmx (DOT) de> wrote
| Quote: | I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
|
C++ has been around for over 20 years now, an eternity in the software
business. I've been working on C++ compilers since 1986 or so. It certainly
makes sense every once in a while to take a step back, and see if the
feature set is the best fit for current thinking and coding practice. For
example, C++'s notion of strings is based on past ideas about character sets
and is out of step with current UTF technology.
I, however, am less concerned with making C++ a safe language for beginners
than looking at it from the standpoint of, for professional programmers:
1) improving programmer productivity
2) improving program reliability
3) improving program portability
4) improving program performance
5) improving documentation
6) improving managability
7) reducing the effort necessary to master it
 making internationalization of apps much easier
So what might such a reengineering look like? One example is the D
programming language, from www.digitalmars.com/d/
-Walter Bright, www.digitalmars.com
Digital Mars - C, C++, D programming language compilers
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
kanze
Guest
|
| Posted: Wed Dec 07, 2005 2:29 pm Post subject: Re: A safer/better C++? |
|
|
Peter Most wrote:
| Quote: | I would like to get some opinions about whether it would make
sense to change the C++ design principles, so it would become
safer for beginner?
|
Making the language safer is in general a good idea, even for
non-beginners. The question is rather how, and at what price.
(Note that some languages which claim "safety" are actually less
safe than C++, at least in the hands of someone who knows what
he is doing.)
| Quote: | I'm assuming there are two kind of beginner:
1) A beginner who, through reading and education, will
eventually become an advanced developer and maybe even an
expert developer. For this discussion I simple call them
"novice" developer.
2) A beginner who doesn't read or educate himself and simply
muddles through. I would like to call this kind of developer
"ignorant" developer.
|
I'd hesitate to call that one a developer.
| Quote: | Now both kind of developers start to program and sooner or
later they start to use arrays. Both will probably at some
point start to use a vector. I'm also assuming that both
developers have difficulties with the index and the designer
of vector obviously also assumed this, why else would there an
at()?
|
Why there is a function at() is a good question? There are
probably specific cases where it is reasonable to wait for the
vector itself to verify the validity of an index, and to report
the error with an exception, but the are certainly rare.
| Quote: | The novice developer reads more about vector and learns, that
there are two ways to access the elements. A fast but unsafe
way via the operator[] and a version which is little slower
but safer way via at(). He starts to use at() because it is a
lot safer and he doesn't need that last bit of speed.
|
What makes you say that there is any difference in speed. I
would expect that in the default mode, operator[] and at() have
about the same performance. The only difference is that at()
raises an exception, so represents an error which is, in some
way, expected (or expectable), albeit exceptional, where as
operator[] will provoke an immediate core dump -- an assertion
failure.
Like other assertions, of course, this can be turned of in
production code, if the profiler shows it necessary.
Regretfully, I fear that in most library implementations,
turning off checking is an all or nothing proposition, and some
of the other checks are expensive enough that one will have to
turn them off in production code. This is a weakness of the
current implementations, however, and not of the standard.
| Quote: | The ignorant developer also starts to use vector but doesn't
learn that there a two interface, so he still uses operator[]
and still has problems and bugs with the index access.
|
A developer who has problems with indexes has problems.
Regardless of what the library does. Using operator[], and
crashing immediately, is probably the best solution. But note
that if he has problems with indexes, it won't always be
apparent -- accessing the index 2 when the data needed is at
index 1 will not cause an immediate error if the vector has a
size of 10, but will result in something worse than a program
crash -- a silently incorrect result.
| Quote: | So my question is now, would it not have been better to
reverse the semantic of the two versions, meaning operator[]
checks the index and throws an exception and at() would allow
an unchecked access?
|
That sounds like a good way of increasing the danger.
The C++ standard has no concept of "must crash" (except in the
case of the library functions assert() and abort()). Maybe this
is what is needed. And a requirement that operator[] act as if
an assertion failure had occured in the case of an illegal
index. (If this is done, of course, one should add an unsafe_at
function which could be used in cases where the profiler
indicates that bounds checking is a bottle neck.)
[...]
| Quote: | To give some background on this thoughts:
I'm developing in C++ for about 15 years and in recent years I
got the feeling, that C++ is loosing ground to other languages
like Java and C#.
|
For some things. The reasons have nothing to do with the
relative safety of the languages, however, but with the
available infrastructure -- it's possible to write server side
dynamic web pages in C++, but the available infrastructures make
it far easier in Java.
It's interesting to note that Java hasn't replaced C++ in
critical applications, because it isn't safe enough. In the
hands of an organization which knows what it is doing, C++ is in
fact far safer than Java.
| Quote: | I simply love the sheer power I have with C++ and if I shoot
myself in the foot, so to speak, I simply learn to aim better,
but I also learned, that for beginners it is often to
difficult to learn. There are simply to many mistakes a
beginner can make and only trough education does he learn to
avoid those beginner mistakes. Mind you, I'm only referring to
unsafe constructs which led to crashes. I'm not talking about
supposedly complex features like operator overloading or
multiple inheritance. If a beginner doesn't understand these
features he probably won't use them. But because of the
forementioned ignorant developers, the language is getting a
bad reputation for it's "unsafety" which also influences
decision makers to abandon C++ projects. I read of course
Bjarne Stroustrup's excellent posting
(http://www.research.att.com/~bs/blast.html) where he
addresses some of the issues. But the questions remains:
Should C++ changed to be a more beginner friendly language?
|
I think that there are some things that do need improvement.
Not just for beginners -- I've over fifteen years experience
with the language, and I still occasionally end up declaring a
function when I mean to define a variable. I'm not convinced
that safety, per se, is the problem, however.
--
James Kanze GABI Software
Conseils en informatique orientée objet/
Beratung in objektorientierter Datenverarbeitung
9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
benben
Guest
|
| Posted: Wed Dec 07, 2005 2:30 pm Post subject: Re: A safer/better C++? |
|
|
Peter Most wrote:
Hello Peter!
| Quote: |
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
[snipped]
The ignorant developer also starts to use vector but doesn't learn that
there a two interface, so he still uses operator[] and still has problems
and bugs with the index access.
|
Actually, I don't see how this happens. If you are accessing an element
out of range both operator[] and at() will fail. The only difference is
that operator[] almost always crash the program immediately, whereas the
at() will throw an exception. Now to handle the exception gracefully is
a much more challenging task than knowing at() and operator[] in itself.
It is very unlikely that the Ignorant will care to handle the exception
properly. Therefore the program crashes all the same.
| Quote: |
So my question is now, would it not have been better to reverse the semantic
of the two versions, meaning operator[] checks the index and throws an
exception and at() would allow an unchecked access? I'm assuming of course
that either beginner starts to use the vector via the operator[]. If this
assumption would be correct, then a beginner would start with the safe
version and maybe, if he needs that additional speed, later use the at()
version.
|
I am not too sure about this. Perhaps the designer decides to make the
overhead more "visible" to the user. Viz. most people feel just from the
accessing code that at() is potentially a more costly operation because
it looks like so (consider ++a and increment(a).)
Furthermore, it is not impossible for the C++ system to have a safe
operator[] optionally for debug builds.
| Quote: |
This is of course easiest done in libraries, because then the language
doesn't have to be changed. But I wonder whether it would make sense also
in a new language design. It wouldn't be C++ anymore, because it would break
backwards compatibility, but maybe a worthy C++ successor?
|
In fact, if you want to make this little change to the core language
then possible many people will want their changes, too, in the core
language. You will have an inexhaustible list of demands and that alone
will make the language several times bigger and more complex than what
C++ already is.
The reason why C++ is so complex (as most people think) is, in my
opinion, that C++ tries to address to a wide range of audience. So
within the core language which everyone needs to make an agreement upon
the only viable version of accessing an array is, well, the unsafe built
in array.
Others who thinks the built in array facility is a bad idea can
implement their own version the suit their needs. This is the beauty of
C++ you rarely see in other languages. After all, these better versions
mostly will make use of the "unwanted" built in array facility or other
implementations which uses the built in array facility. This justifies
why the built in array is there.
| Quote: |
To give some background on this thoughts:
I'm developing in C++ for about 15 years and in recent years I got the
feeling, that C++ is loosing ground to other languages like Java and C#. I
simply love the sheer power I have with C++ and if I shoot myself in the
foot, so to speak, I simply learn to aim better, but I also learned, that
for beginners it is often to difficult to learn. There are simply to many
mistakes a beginner can make and only trough education does he learn to
avoid those beginner mistakes. Mind you, I'm only referring to unsafe
constructs which led to crashes. I'm not talking about supposedly complex
features like operator overloading or multiple inheritance. If a beginner
doesn't understand these features he probably won't use them. But because
of the forementioned ignorant developers, the language is getting a bad
reputation for it's "unsafety" which also influences decision makers to
abandon C++ projects. I read of course Bjarne Stroustrup's excellent
posting (http://www.research.att.com/~bs/blast.html) where he addresses
some of the issues. But the questions remains:
|
Here are some points to make:
1. You simply can't expect the Igorants to become a good programer. Not
in C++, nor in any other languages (such as Java)
2. Every language have their own set of unsafe constructs. C++ does, do
do Java, C#, Ada, etc. For example, the array in Java is not 100% type
safe. These unsafe constructs are inevitable because they are essential,
or compromises to balance other potential unsafeties. The bottom line
is, unsafe construct must look obvious. Honestly, there are many
not-so-obvious dangers in C++ which you and me and many other users will
have to face, but compare to the real world programming, the lauguage
itself is usually a small chapter of a long story.
3. C++ was never an educational language, IMO, and it will be unlikely
to be so in the near future. I am under the impression that an
educational language will stay an educational language (Pascal); a RAD
language will stay a RAD language (Visual Basic.)
4. The ugliest part of C++ IMO is things like declaring a const pointer,
a pointer to const object, a const pointer to a function taking a const
reference to a const object and returns a reference to a pointer to a
const object, etc. Today, shame to say, I still don't master this area
in the language. Fortunately, I can typedef all these in templates,
which is very useful.
5. Sometimes an immediate crash is not a bad thing. This means the
problem is determinible and can mostly caught by a debugger. Exceptions
too can crash the program if not handled properly. The point is, never
let the program run with a problem unnoticed.
| Quote: |
Should C++ changed to be a more beginner friendly language?
|
Yes. But probably not in a way you have described.
| Quote: |
I'm very interested in hearing your opinions.
Kind regards
Peter
|
Regards,
Ben
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Branimir Maksimovic
Guest
|
| Posted: Wed Dec 07, 2005 2:33 pm Post subject: Re: A safer/better C++? |
|
|
Peter Most wrote:
| Quote: | Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
No. C++ is good in it's area. You can easilly write real word |
applications
that will perform as expected. No run time surprises there. You get
what you write.
| Quote: |
Should C++ changed to be a more beginner friendly language?
|
If that means complex compilers then answer is no, for sure.
Those friendly languages get ugly when tryng to do some
havy duty stuff with reasonable performance and resource usage
.. In that case they are not beginner friendly as all unsafe features
are there multiplied by lack of support for them in "safe"
environment. Also begginer friendly languages usually limit the number
of ways in which program architecture can be implemented.
So C++ will never be some easy language but many things can
be done more quickly and more easilly then many others once
you grasp it.
It's just a pragmatic thing. Whenever is possible to use some
other language I always prefer other, but in many cases
it's just not applicable or I'm not satisfied with performance
or behavior of other language and that I can't usually change
without waiting for patch or next version of language or.....
Greetings, Bane.
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
John Christopher
Guest
|
| Posted: Wed Dec 07, 2005 2:59 pm Post subject: Re: A safer/better C++? |
|
|
It is more a question of writing a tutorial that introduces as few features
as possible and still allows the novice to do things. I would not advice to
change the language; it is pretty good like that and stability is such a
virtue.
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Kai-Uwe Bux
Guest
|
| Posted: Wed Dec 07, 2005 3:59 pm Post subject: Re: A safer/better C++? |
|
|
David Abrahams wrote:
| Quote: | Peter Most <Peter_Most (AT) gmx (DOT) de> writes:
Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
[claim that at() is safer than operator[] in std::vector]
Safer how? It won't make an unintentional out-of-bounds access any
more correct.
|
Safer in that it avoids undefined behavior, which can (and for some classes
of mistakes -- like out of bounds access or dereferencing a deleted object
-- often does) result in behavior that covers up the bug.
| Quote: | Incorrect code can always have unintended (i.e. unsafe) behaviors.
|
Still, there is nothing wrong with thinking about how to reduce the
likelihood.
Best
Kai-Uwe Bux
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Kai-Uwe Bux
Guest
|
| Posted: Wed Dec 07, 2005 4:00 pm Post subject: Re: A safer/better C++? |
|
|
Peter Most wrote:
| Quote: | Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
[snipped: suggestion to swap at() and operator[] in std::vector]
|
I do not think this is a good idea. I would rather have operator[] do
something like:
reference operator[] ( size_type pos ) {
assert( pos < this->size() );
return ...;
}
so that if DEBUG is defined I will have bug detection, and I do not have a
performance penalty in production code.
It might be even better to have a second incarnation of assert for like
std_assert that is used by the standard library to enforce contracts and
that kicks in whenever _STD_ENFOCRE_CONTRACTS is defined. The idea would be
to turn as much undefined behavior into defined runtime errors as feasible.
Best
Kai-Uwe Bux
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Peter Most
Guest
|
| Posted: Wed Dec 07, 2005 4:03 pm Post subject: Re: A safer/better C++? |
|
|
David Abrahams wrote:
| Quote: | Peter Most <Peter_Most (AT) gmx (DOT) de> writes:
Hello everybody,
I would like to get some opinions about whether it would make sense to
change the C++ design principles, so it would become safer for beginner?
I'm assuming there are two kind of beginner:
1) A beginner who, through reading and education, will eventually become
an advanced developer and maybe even an expert developer. For this
discussion I simple call them "novice" developer.
2) A beginner who doesn't read or educate himself and simply muddles
through. I would like to call this kind of developer "ignorant"
developer.
Now both kind of developers start to program and sooner or later they
start to use arrays. Both will probably at some point start to use a
vector. I'm also assuming that both developers have difficulties with the
index and the designer of vector obviously also assumed this, why else
would there an at()?
The novice developer reads more about vector and learns, that there are
two ways to access the elements. A fast but unsafe way via the operator[]
and a version which is little slower but safer way via at(). He starts to
use at() because it is a lot safer and he doesn't need that last bit of
speed.
Safer how? It won't make an unintentional out-of-bounds access any
more correct. Incorrect code can always have unintended (i.e. unsafe)
behaviors.
|
Safer in the way that it is not simply crashing, but throws an exception
which hopefully will be caught somewhere. At least that way you can add a
toplevel exception handler and know that this error won't crash your
program.
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
Peter Most
Guest
|
| Posted: Wed Dec 07, 2005 6:53 pm Post subject: Re: A safer/better C++? |
|
|
Sektor van Skijlen wrote:
| Quote: | Dnia 6 Dec 2005 13:17:34 -0500, Peter Most skrobie:
|
[snip]
| Quote: | Regarding what you mean in the "beginner" term, I think it would, but with
your proposition it wouln't either.
The problem of safety in C++ is not only in case of indexing vector out of
bounds, but also other things, like accessing objects in freed memory. I'd
|
Well I have to start somewhere ;-)
| Quote: | rather see the solution in making appropriate high-level environment in
which the program in C++ runs so that every invalid access will end up
with an exception. Cheching bounds in [] can be added by an implementation
as well, on a direct request.
This change in Standard terms would change also existing programs, which
is not what "non-beginners" want.
But would it change existing programs for the worse? |
[snip]
| Quote: | This thought is still worth taking into consideration. But still the only
way that leads to a safe usage of C++ is learning. So if a developer is
assigned to a work in a production environment, there must be someone to
look at this code and detect such problematic usages. I heard, for
example, that inability to overload operators in Java is its advantage.
Why? Because it prevents immature developers from doing stupid things.
|
I tried to find examples of such "stupid things" and couldn't find a good
example. The best I could find was some example where a developer overloads
the '+=' for a container but actually removes an element (or something like
that). The argument goes on to explain that with methods this doesn't
happen, completely ignoring that a developer could write an 'add' method
which also removes an element or formats your harddrive.
So if an immature developer would overload the '+=' operator in such a way,
who can say if he wouldn't write the 'add' in a similar way?
| Quote: | However a language, which is suitable for beginners is rather not suitable
for professionals. C++ can be made safer, but only by cost of removing
features, which professionals would require in this language. That's why
it depends, which developers the project needs, which of them can be
allocated for a project.
|
The idea was to provide 2 sets of features, like the vector example. One
safe (default) feature for the beginner i.e. operator[] with range check
and a second set i.e. at() without range check.
Kind regards Peter
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
