Type safe pointers

 
John Potter
Posted: Sat Aug 23, 2003 8:13 am    Post subject: Type safe pointers

Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

long li(42);
short si;

For each of the following, indicate performs, error, undefined behavior.
Note that unknown value is different from undefined behavior.

si = li;
si = *reinterpret_cast<short*>(&li);
si = *static_cast<short*>(static_cast<void*>(&li));

Since this is a discussion group, why is also of interest.

Thanks,
John

[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]

John Potter
Posted: Sun Aug 24, 2003 11:34 pm    Post subject: Re: Type safe pointers

On 23 Aug 2003 13:56:41 -0400, pdimov (AT) mmltd (DOT) net (Peter Dimov) wrote:

Quote:
John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

Note the above.

Quote:
si = *reinterpret_cast<short*>(&li);
si = *static_cast<short*>(static_cast<void*>(&li));

Undefined behavior. 3.10/15.

You expect the implementation to fail to detect and report either?

John

Shay
Posted: Mon Aug 25, 2003 10:11 pm    Post subject: Re: Type safe pointers

In article <g02dkvk3s6uikrjnq4ndblc0mhkmlpvju3 (AT) 4ax (DOT) com>,
jpotter (AT) penguin (DOT) lhup.edu wrote:

Quote:
Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

long li(42);
short si;
[snip]
si = li;

assert( si == 42 );

Quote:
si = *reinterpret_cast<short*>(&li);

reinterpret_cast<> says we know what we're doing, so do what's most
natural for the implementation. The value depends on the architecture,
most likely 0 or 42 depending on endian-ness.

Quote:
si = *static_cast<short*>(static_cast<void*>(&li));

Here we're lying, so an implementation which maintained type information
for void* should give us a runtime error even if there is no dereference.
Basically I would expect void* to behave similar to this:

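    #include <cassert>
    #include <typeinfo>

    class void_ptr {
        void* p;
        std::type_info const* type;  // type of the pointer this was built from
    public:
        template<typename T>
        void_ptr( T* t ) : p( t ), type( &typeid (t) ) { }

        // T is the target pointer type, e.g. short*
        template<typename T>
        operator T () const {
            assert( typeid (T) == *type );
            return static_cast<T> (p);
        }
    };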

The alternative, to delay the error until dereference, would require all
pointer types to be able to hold a pointer to any type of object. I have
something like this in mind:

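    #include <cassert>
    #include <cstdint>

    std::uintptr_t const seg_size = 0x1000000;

    class segment_ptr {
        char seg;  // only the segment number is stored
    public:
        segment_ptr( void* p ) :
            seg( reinterpret_cast<std::uintptr_t> (p) / seg_size ) {
            // fails when p is not representable as a segment start
            assert( *this == p );
        }

        operator void* () const {
            return reinterpret_cast<void*> (seg * seg_size);
        }
    };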

--
Shay

Peter Dimov
Posted: Mon Aug 25, 2003 10:27 pm    Post subject: Re: Type safe pointers

John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

Quote:
On 23 Aug 2003 13:56:41 -0400, pdimov (AT) mmltd (DOT) net (Peter Dimov) wrote:

John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

Note the above.

Noted, although it's somewhat ambiguous; is the type information
maintained by the compiler or are pointers "fat"?

Quote:
si = *reinterpret_cast<short*>(&li);
si = *static_cast<short*>(static_cast<void*>(&li));

Undefined behavior. 3.10/15.

You expect the implementation to fail to detect and report either?

Hm. Considering "maintains type information for pointers and reports
misuse when dereferenced" I would expect a compile-time warning and/or
a runtime error in both cases.

llewelly
Posted: Tue Aug 26, 2003 12:39 am    Post subject: Re: Type safe pointers

John Potter <jpotter (AT) falcon (DOT) lhup.edu> writes:

Quote:
Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

long li(42);
short si;

For each of the following, indicate performs, error, undefined behavior.
Note that unknown value is different from undefined behavior.

si = li;
si = *reinterpret_cast<short*>(&li);

I would expect this to result in si containing an
implementation-defined value, 'unsurprising' to one familiar with
the implementation's representations of both long and short,
endianness, etc. I would expect no warnings or errors from this.

Quote:
si = *static_cast<short*>(static_cast<void*>(&li));
[snip]


I assume this example is intended to represent cases where the two
static_cast's occur in separate hunks of code as well.

I would expect a runtime report of misuse for this.

Conceptually, I see static_cast as a tool which reverses a
conversion. The static_cast to short* does not reverse the
original conversion - instead it converts to an unrelated
type. Note it is short* and long* I consider unrelated, not short
and long, which are obviously related.



Michiel Salters
Posted: Tue Aug 26, 2003 12:45 am    Post subject: Re: Type safe pointers

John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

Quote:
Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

long li(42);
short si;

For each of the following, indicate performs, error, undefined behavior.
Note that unknown value is different from undefined behavior.

si = li;
// Works
si = *reinterpret_cast<short*>(&li);
// Error (runtime)
si = *static_cast<short*>(static_cast<void*>(&li));
// Error (runtime)

Since this is a discussion group, why is also of interest.

The error cases are because such a hypothetical implementation will
have access to the dynamic type of each object, i.e. given a void*
it will be able to determine the type(s) that it points to.
These cases are easy, in that a short and a long are sufficiently
different. It would have been harder if we had a struct {long}*

Regards,
--
Michiel Salters

llewelly
Posted: Tue Aug 26, 2003 7:07 pm    Post subject: Re: Type safe pointers

pdimov (AT) mmltd (DOT) net (Peter Dimov) writes:

Quote:
John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

On 23 Aug 2003 13:56:41 -0400, pdimov (AT) mmltd (DOT) net (Peter Dimov) wrote:

John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

Note the above.

Noted, although it's somewhat ambiguous; is the type information
maintained by the compiler or are pointers "fat"?

si = *reinterpret_cast<short*>(&li);
si = *static_cast<short*>(static_cast<void*>(&li));

Undefined behavior. 3.10/15.

You expect the implementation to fail to detect and report either?

Hm. Considering "maintains type information for pointers and reports
misuse when dereferenced" I would expect a compile-time warning and/or
a runtime error in both cases.

What about the cultural notion that a cast is 'a way to tell the
implementation I know what I'm doing' ?

Peter Dimov
Posted: Wed Aug 27, 2003 10:12 pm    Post subject: Re: Type safe pointers

llewelly <llewelly.at (AT) xmission (DOT) dot.com> wrote

Quote:
pdimov (AT) mmltd (DOT) net (Peter Dimov) writes:

John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

On 23 Aug 2003 13:56:41 -0400, pdimov (AT) mmltd (DOT) net (Peter Dimov) wrote:

John Potter <jpotter (AT) falcon (DOT) lhup.edu> wrote

Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

Note the above.

Noted, although it's somewhat ambiguous; is the type information
maintained by the compiler or are pointers "fat"?

si = *reinterpret_cast<short*>(&li);
si = *static_cast<short*>(static_cast<void*>(&li));

Undefined behavior. 3.10/15.

You expect the implementation to fail to detect and report either?

Hm. Considering "maintains type information for pointers and reports
misuse when dereferenced" I would expect a compile-time warning and/or
a runtime error in both cases.

What about the cultural notion that a cast is 'a way to tell the
implementation I know what I'm doing' ?

A cast is a way to tell the implementation that you know what it does.
Testing the code on another implementation, one specifically intended
to catch pointer misuse, implies that you want to know whether your
code is portable, i.e. does not take advantage of undefined behavior
that happens to do the right thing on your platform.

That's how I understand it, at least. I may be missing something.

Stefan Heinzmann
Posted: Fri Aug 29, 2003 10:57 am    Post subject: Re: Type safe pointers

John Potter wrote:

Quote:
Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

Even after reading some other postings I'm not sure whether you want the
compiler or the runtime system to keep type info for pointers. I'm
leaning towards the latter, but maybe you should make it a bit clearer
what your aim is.

Quote:
long li(42);
short si;

For each of the following, indicate performs, error, undefined behavior.
Note that unknown value is different from undefined behavior.

si = li;

Performs, but I would expect a compiler warning (as is the case with
many a compiler)

Quote:
si = *reinterpret_cast<short*>(&li);

Neither compiler error nor runtime error, but undefined behaviour. The
reinterpret_cast is the trust-me-blindly cast for me that defeats any
type checking except for const qualification. I would expect the content
of si to depend on the machine's endianness, but for odd machines I
would think that worse effects are possible (such as access violations).

Quote:
si = *static_cast<short*>(static_cast<void*>(&li));

Given that you're really checking at runtime, I'd report misuse here. I
wouldn't report misuse if the outer cast were to char* instead of
short*, since I would see this as a legitimate way to get at the machine
representation of the long.

But I'm dithering here. Runtime checking of void* in C++ is a dodgy
notion to me.

Cheers
Stefan


Anthony Williams
Posted: Fri Aug 29, 2003 3:17 pm    Post subject: Re: Type safe pointers

llewelly <llewelly.at (AT) xmission (DOT) dot.com> writes:

Quote:
John Potter <jpotter (AT) falcon (DOT) lhup.edu> writes:

Looking for expectations for an implementation which maintains type
information for pointers and reports misuse when dereferenced.

long li(42);
short si;

For each of the following, indicate performs, error, undefined behavior.
Note that unknown value is different from undefined behavior.

si = li;
si = *reinterpret_cast<short*>(&li);

I would expect this to result in si containing an
implementation-defined value, 'unsurprising' to one familiar with
the implementation's representations of both long and short,
endianness, etc. I would expect no warnings or errors from this.

Agreed.

Quote:
si = *static_cast<short*>(static_cast<void*>(&li));
[snip]

I assume this example is intended to represent cases where the two
static_cast's occur in separate hunks of code as well.

I would expect a runtime report of misuse for this.

I would expect the runtime error to occur with the dereference, not the cast.

Quote:
Conceptually, I see static_cast as a tool which reverses a
conversion. The static_cast to short* does not reverse the
original conversion - instead it converts to an unrelated
type. Note it is short* and long* I consider unrelated, not short
and long, which are obviously related.

I am inclined to think that the following is valid:

assert(static_cast<long*>(
static_cast<void*>(
static_cast<short*>(
static_cast<void*>(&li))))==&li);

as round-tripping through void* is permitted, and short has lesser alignment
requirements than long on most (all?) platforms. However, I would expect

assert(static_cast<short*>(
static_cast<void*>(
static_cast<long*>(
static_cast<void*>(&si))))==&si);

To fail some of the time, on some implementations, where long has stricter
alignment requirements, because the cast to long* will essentially lose the
information, e.g. by masking the value. Indeed, I would be unsurprised by a
runtime error if the actual short was at an address that couldn't be cast to a
long*. The code should compile, though.

Anthony
--
Anthony Williams
Senior Software Engineer, Beran Instruments Ltd.
Remove NOSPAM when replying, for timely response.
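
The "fat pointer" reading discussed in this thread, with the check deferred to the dereference and byte views (char, unsigned char) allowed, sketched as an added example that is not part of any post above. The names fat_ptr, cast and reports_misuse are hypothetical, and the check is simplified to an exact type match or a byte view.

```cpp
#include <stdexcept>
#include <type_traits>
#include <typeinfo>

// Fat pointer: an address plus the type of the object it originally pointed to.
template <typename T>
class fat_ptr {
    void* addr_;
    const std::type_info* origin_;  // travels with the pointer through every cast
    template <typename U> friend class fat_ptr;
    fat_ptr(void* a, const std::type_info* o) : addr_(a), origin_(o) {}

public:
    explicit fat_ptr(T* p) : addr_(p), origin_(&typeid(T)) {}

    // Stands in for static_cast<U*>(static_cast<void*>(p)): never fails here.
    template <typename U>
    fat_ptr<U> cast() const { return fat_ptr<U>(addr_, origin_); }

    void* address() const { return addr_; }

    // Misuse is reported at the dereference, not at the cast.
    T& operator*() const {
        typedef typename std::remove_cv<T>::type bare;
        const bool byte_view = std::is_same<bare, char>::value ||
                               std::is_same<bare, unsigned char>::value;
        if (!byte_view && !(*origin_ == typeid(T)))
            throw std::logic_error("pointer misuse: object accessed as wrong type");
        return *static_cast<T*>(addr_);
    }
};

// True when dereferencing p raises the misuse report.
template <typename T>
bool reports_misuse(const fat_ptr<T>& p) {
    try { (void)*p; return false; }
    catch (const std::logic_error&) { return true; }
}

long li = 42;  // the object from the original question

bool short_view_reported() { return reports_misuse(fat_ptr<long>(&li).cast<short>()); }
bool byte_view_allowed() { return !reports_misuse(fat_ptr<long>(&li).cast<unsigned char>()); }
bool round_trip_keeps_address() {
    return fat_ptr<long>(&li).cast<short>().cast<long>().address() == &li;
}
long round_trip_value() { return *fat_ptr<long>(&li).cast<short>().cast<long>(); }

int main() { return short_view_reported() && byte_view_allowed() ? 0 : 1; }
```

Because the origin tag survives the intermediate cast to short, the round trip back to long dereferences cleanly while the short view itself is reported.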
