• Rex Couture "spamdump" (46/46) Jul 26 2002 Will you permit some questions and observations from a D newbie-to-be? ...
• Walter (40/79) Jul 26 2002 Sure! Fire away.
• Rex Couture <auser levee.wustl.edu (10/26) Jul 26 2002 I guess it's too late, but I sure like the Java idea of no pointer arith...
• Pavel Minayev (23/23) Jul 26 2002 On Fri=2C 26 Jul 2002 18=3A44=3A36 +0000 =28UTC=29 Rex Couture =3Causer=...
• Rex Couture (20/23) Jul 26 2002 Actually, I hope I'm not making enemies here, but all variants of the Ob...
• Pavel Minayev (23/36) Jul 27 2002 may
• Rex Couture (13/21) Jul 29 2002 I don't know much about the question about balance between power and saf...
• OddesE (9/11) Jul 29 2002 Use dynamic arrays.
• Pavel Minayev (27/34) Jul 29 2002 guys
• Rex Couture (20/27) Jul 29 2002 It sounds * very * encouraging that you have never needed pointers or po...
• Rex Couture (3/3) Jul 29 2002 P.S. Thanks to all about being good sports and letting me invade your
• Juan Carlos Arevalo Baeza (31/35) Jul 29 2002 needed
• Pavel Minayev (5/9) Jul 30 2002 These are covered by object references in D, which don't support arithme...
• Juan Carlos Arevalo Baeza (7/16) Jul 30 2002 arithmetic.
• Martin M. Pedersen (15/22) Jul 30 2002 Hi,
• Russ Lewis (11/18) Jul 30 2002 Yeah, when you absolutely need pointer arithmetic, all other options are...
• Juan Carlos Arevalo Baeza (18/29) Jul 30 2002 memory
• Pavel Minayev (5/9) Jul 30 2002 Then maybe just allow pointer arithmetic on void* as if it was char*?
• Burton Radons (2/15) Jul 30 2002 It's been in a long time. You can do it in GCC too, and maybe C99.
• anderson (17/27) Aug 01 2002 this
• anderson (6/13) Aug 01 2002 --I just thought of something. It's a rhetorical thing for me. If I was ...
• Pavel Minayev (14/23) Aug 01 2002 Yes, exactly.
• anderson (10/14) Aug 01 2002 wrote:
• anderson (7/7) Aug 01 2002 Whoops,
• Pavel Minayev (4/13) Aug 02 2002 Yes, it is impossible now.
• Burton Radons (16/37) Aug 01 2002 You should be able to eventually do (using my generics syntax):
• anderson (19/21) Jul 29 2002
• Pavel Minayev (11/18) Jul 30 2002 needed
• Walter (8/12) Aug 03 2002 It is controllable separately with a compiler switch. The -release switc...
• Walter (15/23) Aug 01 2002 needed
• Russ Lewis (10/21) Jul 29 2002 One of the things I'm very excited about is that D includes enough langu...
• anderson (47/69) Jul 29 2002 safety, and
• Burton Radons (37/49) Jul 26 2002 If you don't need them, you're certainly already coding in a style that
• OddesE (32/45) Jul 26 2002 arithmetic.
• Rex Couture (19/36) Jul 26 2002 That's good news. I think object references are really pointers by anot...
• Sean L. Palmer (25/31) Jul 31 2002 another
• anderson (10/42) Jul 31 2002 to
• Russell Lewis (11/17) Jul 31 2002 What about
• Burton Radons (6/21) Jul 31 2002 Walter has agreed that:
• Rex Couture (14/16) Jul 26 2002 The contracts implementation is very nice. There is one other very usef...
• Adam Connor (3/3) Jul 28 2002 You might want to take a look at Cyclone:

Rex Couture "spamdump" <auser levee.wustl.edu> writes:

Will you permit some questions and observations from a D newbie-to-be?  (Well,
maybe it's a soapbox or a challenge, but you can decide.)  I'm thinking of using
D, and I like what I see so far.  Still, I have some fundamental questions that
I think are essential measures of the quality of a programming language.  I
think most of the answers are "right", but I'd rather hear them from this
community.

1. Is it safe?  By that I mean, is it completely type-safe, even across compiled
modules?  Are memory violations possible?  Is pointer arithmetic allowed?  Is
the compiler capable of ensuring that all the rules of the language are
followed?  Are array subscript bounds always checked at run time?  (I will allow
that maybe it is necessary to turn this off in rare instances for lengthy
computations.  And yes, I know, probably nothing is completely safe.)

It seems to me that if memory and type violations are possible, they will occur.
Your own programs will not be as reliable as they could be, and if you use a
second- or third-party library, you can never be sure it won't crash and leave
you with the wreckage.


2. Is it simple?  I really like the philosophy of simplicity espoused on the
home page.  Maybe I'm mistaken, but I think I detect a certain pressure for
creeping featuritis.  If I can violate the rule against programming religion, I
would say, please, please keep the language simple.  All-powerful, but as simple
as possible.  And resist dialects at all costs.  My support goes to those of you
who have consistently advocated simplicity.

Please permit me some observations, if you will.  Programming is only part of my
job.  Although I'm not a professional programmer, as such, my programs have to
be right, and have to give the right answers, or I'm out of business.

My preferred language so far is Pascal -- you heard me right.  It's not without
problems, but when I started writing in Pascal, Fortran could not do the job,
and C++ was vaporware.  I also judged C and C++ to be dangerous, and apparently
the creators of D agree.  The interesting thing is that my very first, crude
Pascal program (about 1700 lines + communications libraries) has performed
complicated instrument-control functions flawlessly, day and night, for 15+
years.  (Well, actually, two errors surfaced during that time, but only two.)  I
can't remember ever writing a program with a memory violation (and yes, I use
pointers and OOP), and my programs almost always work right with little
debugging.  I attribute success not to programming prowess, but to the
simplicity and clarity of the language.

I would like to pass on one other observation.  There is a programmer who has
been using Component Pascal (an Oberon variant) extensively for a few years.
(I'm not really advocating that, for irrelevant reasons.)  The compiler and
environment are written in the same language.  The point is that he claims that
he has made just about every kind of mistake possible, including dangling
pointers, subtle type conversion errors -- you name it -- but he has not had a
single crash.  Maybe some infinite loops or other errors, but no memory
violations or type errors.

The $64 question:  can you match the simplicity and safety?  Please tell me you
can!

"Walter" <walter digitalmars.com> writes:

"Rex Couture spamdump" <auser levee.wustl.edu> wrote in message
news:ahrvec$2tdm$1 digitaldaemon.com...
 Will you permit some questions and observations from a D newbie-to-be?

Sure! Fire away.

 1. Is it safe?  By that I mean, is it completely type-safe, even across

compiled
 modules?

Yes.

  Are memory violations possible?  Is pointer arithmetic allowed?

Yes, and yes.

  Is
 the compiler capable of ensuring that all the rules of the language are
 followed?

No, although I try to note these areas in the spec.

  Are array subscript bounds always checked at run time?

No, it is enabled/disabled with a compiler switch. D requires that programs
not be coded in such a manner that they *depend* on array bounds checking
(this is different from Java).

 It seems to me that if memory and type violations are possible, they will

occur.
 Your own programs will not be as reliable as they could be, and if you use

a
 second- or third-party library, you can never be sure it won't crash and

leave
 you with the wreckage.

That's correct. On the other hand, D makes it largely unnecessary to use
practices that commonly lead in C to corrupted memory. An example is 'out'
parameters for functions.

 2. Is it simple?  I really like the philosophy of simplicity espoused on

the
 home page.  Maybe I'm mistaken, but I think I detect a certain pressure

for
 creeping featuritis.  If I can violate the rule against programming

religion, I
 would say, please, please keep the language simple.  All-powerful, but as

simple
 as possible.  And resist dialects at all costs.  My support goes to those

of you
 who have consistently advocated simplicity.

Where to draw that line between features and simplicity will make or break
D.

 My preferred language so far is Pascal -- you heard me right.  It's not

without
 problems, but when I started writing in Pascal, Fortran could not do the

job,
 and C++ was vaporware.  I also judged C and C++ to be dangerous, and

apparently
 the creators of D agree.  The interesting thing is that my very first,

crude
 Pascal program (about 1700 lines + communications libraries) has performed
 complicated instrument-control functions flawlessly, day and night, for

15+
 years.  (Well, actually, two errors surfaced during that time, but only

two.)  I
 can't remember ever writing a program with a memory violation (and yes, I

use
 pointers and OOP), and my programs almost always work right with little
 debugging.  I attribute success not to programming prowess, but to the
 simplicity and clarity of the language.

Modula 3 is derived from Pascal. I'd be interested then in your take on a
comparison between M3 and D.

 I would like to pass on one other observation.  There is a programmer who

has
 been using Component Pascal (an Oberon variant) extensively for a few

years.
 (I'm not really advocating that, for irrelevant reasons.)  The compiler

and
 environment are written in the same language.  The point is that he claims

that
 he has made just about every kind of mistake possible, including dangling
 pointers, subtle type conversion errors -- you name it -- but he has not

had a
 single crash.  Maybe some infinite loops or other errors, but no memory
 violations or type errors.
 The $64 question:  can you match the simplicity and safety?  Please tell

me you
 can!

I think that is possible, but only more experience doing large projects in D
will tell for sure.

Rex Couture <auser levee.wustl.edu writes:

"Rex Couture wrote
  Are memory violations possible?  Is pointer arithmetic allowed?


Walter's reply
Yes, and yes.

I guess it's too late, but I sure like the Java idea of no pointer arithmetic.
Of course, pointers are used, they just don't admit to it.


  Are array subscript bounds always checked at run time?

No, it is enabled/disabled with a compiler switch. D requires that programs
not be coded in such a manner that they *depend* on array bounds checking
(this is different from Java).

Now this is interesting!  How is this possible?  I missed this somehow.



 2. Is it simple?  I really like the philosophy of simplicity espoused on

the
 home page....

Where to draw that line between features and simplicity will make or break
D.

That's hard to say, isn't it?  Good luck!  I don't have any great wisdom here.


 My preferred language so far is Pascal -- you heard me right....  I attribute
success not to programming prowess, but to the
 simplicity and clarity of the language.


Modula 3 is derived from Pascal. I'd be interested then in your take on a
comparison between M3 and D.

I don't know.  Sorry, never tried M3.
It takes an enormous amount of effort to get into a language, with libraries and
all.  Unfortunately, Pascal and derivatives are plagued by dialects and division
of effort, as are all programming languages.


Thanks for your thoughtful reply.

Pavel Minayev <evilone omen.ru> writes:

On Fri=2C 26 Jul 2002 18=3A44=3A36 +0000 =28UTC=29 Rex Couture
=3Causer=40levee=2Ewustl=2Eedu 
wrote=3A

=3E I guess it's too late=2C but I sure like the Java idea of no pointer
arithmetic=2E
=3E Of course=2C pointers are used=2C they just don't admit to it=2E

Pointers =28and arithmetic=29 are necessary for low-level system programming=2E

But well=2C if you want safety=2C do you really =5Fneed=5F pointers=3F You've
got
references to objects - and these don't support arithmetic =28although
one could cast them to byte*=2C and then=2E=2E=2E=29=2C just like Java=2E

=3E=3ENo=2C it is enabled=2Fdisabled with a compiler switch=2E D requires that
programs
=3E=3Enot be coded in such a manner that they *depend* on array bounds checking
=3E=3E=28this is different from Java=29=2E
=3E 
=3E Now this is interesting!  How is this possible=3F  I missed this somehow=2E
 
This means that for debug builds=2C compiler inserts checks to throw
an exception whenever array index is out of bounds=2E However=2C this
is implementation detail=2C and you should NOT rely on it in your
programs - in other words=2C never ever do something like this=3A

=09try
=09=09array=5Bi=5D =3D 666=3B
=09catch =28EOutOfBounds=29
=09=09return=3B
 

Rex Couture <Rex_member pathlink.com> writes:

In article <CFN374639694477315 news.digitalmars.com>, Pavel Minayev says...

Pointers and arithmetic are necessary for low-level system programming.
But well if you want safety do you really need pointers?  You've got
references to objects - and these don't support arithmetic...

Actually, I hope I'm not making enemies here, but all variants of the Oberon
language completely prohibit pointer arithmetic.  Nevertheless, they have been
used extensively for systems programming, and at least two or three operating
systems have been written and ported to several platforms.  The compilers are
also completely written in Oberon.  You can easily verify that pointer
arithmetic is prohibited by searching Google for ' "pointer arithmetic" Oberon
'.  I don't know anything about the convenience of their approach, and they may
use a safe substitute of some sort, but I'm pretty sure that they don't give up
any capability by prohibiting pointer arithmetic.

I don't want to get into an argument about which is better (I don't use Oberon,
but I am considering D, after all), but 's very hard to convince me that pointer
arithmetic is either necessary or safe.  Maybe it's worth considering
alternatives.

I do like the idea of references to objects, which makes possible such
structures as linked lists.  I agree, I would never use pointer arithmetic for
my own software, but I would never be sure about compilers and libraries.

The majority of commercial programs that I own crash from time to time because
of memory violations.  D seems to be a big step in the right direction, but
could it be made even safer?

Pavel Minayev <evilone omen.ru> writes:

On Fri, 26 Jul 2002 21:25:50 +0000 (UTC) Rex Couture <Rex_member pathlink.com> 
wrote:

 '.  I don't know anything about the convenience of their approach, and they 

may
 use a safe substitute of some sort, but I'm pretty sure that they don't give 

up
 any capability by prohibiting pointer arithmetic.

I guess they just cast pointers to integers, then do arithmetic, then cast back.
At least I did so when writing programs in Borland Pascal, where pointer
arithmetic was forbidden as well. =)

Still I prefer the C way.
 
 I don't want to get into an argument about which is better (I don't use 

Oberon,
 but I am considering D, after all), but 's very hard to convince me that 

pointer
 arithmetic is either necessary or safe.  Maybe it's worth considering
 alternatives.

It is definitely not safe. But as long as you stick with references and
dynamic arrays, you don't even have to remember about this problem.
 
 I do like the idea of references to objects, which makes possible such
 structures as linked lists.  I agree, I would never use pointer arithmetic for
 my own software, but I would never be sure about compilers and libraries.

This would also assume that any program which has parts written in assembler
should not be trusted, nor can you trust OS API calls (because they could
use pointer arithmetic), nor drivers etc etc.

As long as it works correctly, why should I care if it uses pointer arithmetic
or not? It is a dangerous feature, indeed, but it is quite possible - and
not very hard, in fact - to use it properly. At least easier than inline 
assembler.
 
 The majority of commercial programs that I own crash from time to time because
 of memory violations.  D seems to be a big step in the right direction, but
 could it be made even safer?

At a cost of power. For an example of what it could then turn into, see Java.

Rex Couture <Rex_member pathlink.com> writes:

In article <CFN374644754512384 news.digitalmars.com>, Pavel Minayev says...
It is definitely not safe. But as long as you stick with references and
dynamic arrays, you don't even have to remember about this problem.

... It is a dangerous feature, indeed, but it is quite possible - and
not very hard, in fact - to use it properly. At least easier than inline 
assembler.

...This would also assume that any program which has parts written in assembler
should not be trusted, nor can you trust OS API calls (because they could
use pointer arithmetic), nor drivers etc etc.

I don't know much about the question about balance between power and safety, and
it probably seems awfully presumptuous of me to try to influence language
design.  I just think that if mistakes can be made, they will be.  It's the guys
who write my word processor, the guys who write all my security loopholes, the
guys who write my operating systems, etc., that I'm worried about.  Although
they're getting better, a lot of API calls and drivers are actually not very
reliable.  It would be very nice if D were to become the next preferred
language, and would eliminate memory errors forever.  It seems to close.  Inline
assembler will not be used very much.  But if pointer arithmetic is easy, it
will be commonly used, and mistakes will be made.  Are you sure that there isn't
a safe and effective way to avoid pointer arithmetic?

Thanks, Adam Connor, for the pointer to Cyclone.

"OddesE" <OddesE_XYZ hotmail.com> writes:

"Rex Couture" <Rex_member pathlink.com> wrote in message
news:ai45k0$ffo$1 digitaldaemon.com...
 a safe and effective way to avoid pointer arithmetic?

 Thanks, Adam Connor, for the pointer to Cyclone.

Use dynamic arrays.


--
Stijn
OddesE_XYZ hotmail.com
http://OddesE.cjb.net
_________________________________________________
Remove _XYZ from my address when replying by mail

Pavel Minayev <evilone omen.ru> writes:

On Mon, 29 Jul 2002 19:38:40 +0000 (UTC) Rex Couture <Rex_member pathlink.com> 
wrote:

 design.  I just think that if mistakes can be made, they will be.  It's the 

guys

Not sure if this is the right approach. I think it is better to state that
"if language requires using dangerous techniques, mistakes will be made".
C does (printf and all). D doesn't. All the code I've written in vanilla D
(no ports etc) so far does not use pointers at all simply because they are
not needed for my tasks. Why would anybody use pointers and PA while there
are better, simpler replacements provided by the language - dynamic arrays,
references, out parameters... I would only use a pointer where I need to -
and just in case I need them, I want them to be there.

 who write my word processor, the guys who write all my security loopholes, the
 guys who write my operating systems, etc., that I'm worried about.  Although

Well I doubt you can write an OS in a completely typesafe language. You'll
simply have to mess with the hardware and other low-level stuff too much
for this to work. You'll get down to asm anyhow, which is far from being safe.

 assembler will not be used very much.  But if pointer arithmetic is easy, it
 will be commonly used, and mistakes will be made.  Are you sure that there 

isn't

I don't understand why somebody would use PA "just because it is there". This
is not a criteria. After all, if somebody writes a program in such a manner,
well, we have free market, right? So you can always find someone who doesn't
abuse dangerous language features just for the sake of it.

 a safe and effective way to avoid pointer arithmetic?

Yes. Just don't use it. =)
Alternatively, something like Cyclone's "fat pointers" could be made. But
they are simply TOO fat, IMHO - making a check every time one subscripts
a pointer!

 Thanks, Adam Connor, for the pointer to Cyclone.

By the way, after taking a look at Cyclone, I've made a decision that it is
The Language I Would Never Ever Use. Nah, I'll beter stick to Delphi and C++
for now, and wait for D to grow mature.

..BTW, Walter, any plans on the next alpha (beta?) release?

Rex Couture <Rex_member pathlink.com> writes:

In article <CFN374670355875694 news.digitalmars.com>, Pavel Minayev says...

...  All the code I've written in vanilla D
(no ports etc) so far does not use pointers at all simply because they are
not needed for my tasks. Why would anybody use pointers and PA while there
are better, simpler replacements provided by the language - dynamic arrays,
references, out parameters... I would only use a pointer where I need to -
and just in case I need them, I want them to be there.


It sounds * very * encouraging that you have never needed pointers or pointer
arithmetic except for porting.

Here's my vision:  D becomes a language of choice, maybe the language of choice.
Millions of lines of code later, and there are no more memory errors.  With
luck, crashes could be a thing of the past.

Please allow me one last impudent suggestion.  If it's dangerous and not needed
except for comptibility (or maybe for some rare, unforseen circumstance), why
not forbid pointer arithmetic by default?  It could be allowed with a switch for
compatibility.

I see Russ Lewis has just posted that suggestion too.  I think it's a great
idea.  Otherwise, a lot of people will probably use old ways out of habit.

I'm also a little concerned that subscript range checking is always turned off
in the final compilation, whether this is really needed or not.  I certainly am
capable of leaving undetected subscript range errors in my programs.



Well I doubt you can write an OS in a completely typesafe language....You'll
get down to asm anyhow, which is far from being safe.

I believe the Oberon OS's and compilers were written entirely in the Oberon
language.  Assembly language was used to write part of the compiler, and the
compiler was then completely rewritten in its own language.  I don't know much
about this, but it certainly sounds like a safe way of operating.  I'm not
certain whether there might be some low-level, relatively unsafe language.

Rex Couture <Rex_member pathlink.com> writes:

P.S.  Thanks to all about being good sports and letting me invade your
discussion group like this and continue to press these questions.  Walter, sorry
to make all these suggestions and not be able to help with coding.

"Juan Carlos Arevalo Baeza" <jcab roningames.com> writes:

"Rex Couture" <Rex_member pathlink.com> wrote in message
news:ai4ege$pin$1 digitaldaemon.com...

 Please allow me one last impudent suggestion.  If it's dangerous and not

needed
 except for comptibility (or maybe for some rare, unforseen circumstance),

why
 not forbid pointer arithmetic by default?  It could be allowed with a

switch for
 compatibility.

   After all, what are pointers good for?

1- Referencing polymorphic classes.
2- Referencing elements of an array.
3- Converting raw memory into typed memory. Usually used for OS and such
type stuff.
4- Converting memory from one type of object to another.

   Did I forget any?

1- D automatically uses mutable references for polymorphic objects. Not an
issue in D.
2- Could become a "safe" pointer, like an iterator... Or could just use
indices. Not needed in D.
3- This is just a cast. It doesn't need arithmetic, as long as raw memory is
just represented by an integer.

conversion from typed to raw memory.

   The end result is that the only case really needed in D is number 3. And
all of it can be done easily by using integers for addresses, and converting
to/from typed pointers, so pointer arithmetic is definitely not needed. I'll
bet that's how the Oberon compilers and OSs and such do it this way, too. If
you just make the conversion functions nasty enough (like the C++ casts)
that they'll be used only when needed, you'll have the best of all worlds.

   Completely eliminating the possibility of dealing with raw memory makes
system programming impossible. But providing a simple and visible way of
doing it is definitely good enough.

Salutaciones,
                         JCAB

Pavel Minayev <evilone omen.ru> writes:

On Mon, 29 Jul 2002 16:50:58 -0700 "Juan Carlos Arevalo Baeza" 
<jcab roningames.com> wrote:

    After all, what are pointers good for?
 
 1- Referencing polymorphic classes.

These are covered by object references in D, which don't support arithmetic.

 2- Referencing elements of an array.

You can almost always cast a pointer to a dynamic array, which will
be bounds-checked.

"Juan Carlos Arevalo Baeza" <jcab roningames.com> writes:

"Pavel Minayev" <evilone omen.ru> wrote in message
news:CFN374676562744097 news.digitalmars.com...

 On Mon, 29 Jul 2002 16:50:58 -0700 "Juan Carlos Arevalo Baeza"
 <jcab roningames.com> wrote:

    After all, what are pointers good for?

 1- Referencing polymorphic classes.

 These are covered by object references in D, which don't support

arithmetic.

   My point exactly. Keep reading ;-)

 2- Referencing elements of an array.

 You can almost always cast a pointer to a dynamic array, which will
 be bounds-checked.

   That sounds like another reasonably good option.

Salutaciones,
                         JCAB

"Martin M. Pedersen" <mmp www.moeller-pedersen.dk> writes:

Hi,

"Juan Carlos Arevalo Baeza" <jcab roningames.com> wrote in message
news:ai4k20$10vp$1 digitaldaemon.com...
 "Rex Couture" <Rex_member pathlink.com> wrote in message
 news:ai4ege$pin$1 digitaldaemon.com...

 3- This is just a cast. It doesn't need arithmetic, as long as raw memory

is
 just represented by an integer.

    The end result is that the only case really needed in D is number 3.

And
 all of it can be done easily by using integers for addresses, and

converting
 to/from typed pointers, so pointer arithmetic is definitely not needed.

Making code depend on pointers fitting into integers will cause problems
with portability. For instance, AS/400 has very large pointers that will not
fit into any integral type. Another example is DOS' segmented memory model
where a pointer is 32 bit and an int is 16 bit wide. DOS might not be an
issue anymore, but we might very well see a segmented model again - next
time with 64 bit pointers and 32 bit integers, I suspect. Your solution to
the problem is IMHO bad practice.

Regards,
Martin M. Pedersen

Russ Lewis <spamhole-2001-07-16 deming-os.org> writes:

"Martin M. Pedersen" wrote:

 Making code depend on pointers fitting into integers will cause problems
 with portability. For instance, AS/400 has very large pointers that will not
 fit into any integral type. Another example is DOS' segmented memory model
 where a pointer is 32 bit and an int is 16 bit wide. DOS might not be an
 issue anymore, but we might very well see a segmented model again - next
 time with 64 bit pointers and 32 bit integers, I suspect. Your solution to
 the problem is IMHO bad practice.

Yeah, when you absolutely need pointer arithmetic, all other options are just
hacks.  However, we should try to push the language to a point where 99% of the
programs will never need it...

I sincerely hope we've learned our lesson from the segmented memory
nightmare...let's not do that again :(

--
The Villagers are Online! http://villagersonline.com

.[ (the fox.(quick,brown)) jumped.over(the dog.lazy) ]
.[ (a version.of(English).(precise.more)) is(possible) ]
?[ you want.to(help(develop(it))) ]

"Juan Carlos Arevalo Baeza" <jcab roningames.com> writes:

"Martin M. Pedersen" <mmp www.moeller-pedersen.dk> wrote in message
news:ai66ul$2rq1$1 digitaldaemon.com...

 "Juan Carlos Arevalo Baeza" <jcab roningames.com> wrote in message
 news:ai4k20$10vp$1 digitaldaemon.com...

 3- This is just a cast. It doesn't need arithmetic, as long as raw


memory
 is just represented by an integer.

 Making code depend on pointers fitting into integers will cause problems
 with portability. For instance, AS/400 has very large pointers that will

not
 fit into any integral type. Another example is DOS' segmented memory model
 where a pointer is 32 bit and an int is 16 bit wide. DOS might not be an
 issue anymore, but we might very well see a segmented model again - next
 time with 64 bit pointers and 32 bit integers, I suspect. Your solution to
 the problem is IMHO bad practice.

   On the contrary. I wasn't suggesting to make pointers fit any specific
integral type. I was suggesting creating a new integral type that would be
used to represent addresses in raw memory. I'd assume some operations would
be pretty much platform-specific, like separating the segment and offset
parts of it and such, but still it should support the basic arithmetic
operations. And making part of its interface platform-specific doesn't sound
like such a bad idea, as this type of stuff would only be needed for system
work, which is inherently non-portable at its core.

   So, this would be different from C/C++ pointers in general in that this
would be just raw addresses, kind of like a char*. It would not be like a
void*, because it would allow arithmetic. But it would be something similar
at its core.

Salutaciones,
                         JCAB

Pavel Minayev <evilone omen.ru> writes:

On Tue, 30 Jul 2002 12:23:18 -0700 "Juan Carlos Arevalo Baeza" 
<jcab roningames.com> wrote:

    So, this would be different from C/C++ pointers in general in that this
 would be just raw addresses, kind of like a char*. It would not be like a
 void*, because it would allow arithmetic. But it would be something similar
 at its core.

Then maybe just allow pointer arithmetic on void* as if it was char*?
I remember someone suggested it before, and it doesn't sound like
a bad idea to me.

Burton Radons <loth users.sourceforge.net> writes:

Pavel Minayev wrote:

 On Tue, 30 Jul 2002 12:23:18 -0700 "Juan Carlos Arevalo Baeza" 
 <jcab roningames.com> wrote:
 
 
   So, this would be different from C/C++ pointers in general in that this
would be just raw addresses, kind of like a char*. It would not be like a
void*, because it would allow arithmetic. But it would be something similar
at its core.

 
 Then maybe just allow pointer arithmetic on void* as if it was char*?
 I remember someone suggested it before, and it doesn't sound like
 a bad idea to me.

It's been in a long time.  You can do it in GCC too, and maybe C99.

"anderson" <anderson firestar.com.au> writes:

"Pavel Minayev" <evilone omen.ru> wrote in message
news:CFN374680226337732 news.digitalmars.com...
 On Tue, 30 Jul 2002 12:23:18 -0700 "Juan Carlos Arevalo Baeza"
 <jcab roningames.com> wrote:

    So, this would be different from C/C++ pointers in general in that


this
 would be just raw addresses, kind of like a char*. It would not be like


a
 void*, because it would allow arithmetic. But it would be something


similar
 at its core.

 Then maybe just allow pointer arithmetic on void* as if it was char*?
 I remember someone suggested it before, and it doesn't sound like
 a bad idea to me.

It may have been me.

Did you mean?
 Then maybe just allow pointer arithmetic ONLY on void* ...?

(I'm not syntax checking your gramma. I'm just wondering about the
semantics(meaning)?)

I'm wondering how do you get the datatype from a void* in D and also in C++?

--PS

The two reasons why I don't use D all that much are:

1) No MFC or equivalent OO-control based classes.
2) No editor specific (or as useful) for D as MVS has for Visual C++.

I'm sure this will probably change in the future. And perhaps I'll be able
to help with that (but not at the moment, I've got a hundred assignments,
and an a continual stackoverflow ;) ).

"anderson" <anderson firestar.com.au> writes:

"anderson" <anderson firestar.com.au> wrote in message
news:aibcpj$9ii$1 digitaldaemon.com...
 --PS

 The two reasons why I don't use D all that much are:

 1) No MFC or equivalent OO-control based classes.
 2) No editor specific (or as useful) for D as MVS has for Visual C++.

 I'm sure this will probably change in the future. And perhaps I'll be able
 to help with that (but not at the moment, I've got a hundred assignments,
 and an a continual stackoverflow ;) ).

--I just thought of something. It's a rhetorical thing for me. If I was to
add MFC support I'd like a good editor, but to build the editor in D I'd
need MFC. (Of course the editor could be developed in C++ (or in D with
win32), and MFC could be added without an editor.)

Pavel Minayev <evilone omen.ru> writes:

On Thu, 1 Aug 2002 21:29:10 +0800 "anderson" <anderson firestar.com.au> wrote:

 Did you mean?
 Then maybe just allow pointer arithmetic ONLY on void* ...?

 (I'm not syntax checking your gramma. I'm just wondering about the
 semantics(meaning)?)

Yes, exactly.
 
 I'm wondering how do you get the datatype from a void* in D and also in C++?

What do you mean, "get the datatype"? You just cast it to whatever it
actually is...
 
 The two reasons why I don't use D all that much are:
 
 1) No MFC or equivalent OO-control based classes.

I'm waiting for the next DMD alpha to continue the development of WinD.
In fact, as soon as I write class Bitmap, I'll release the first alpha.
But, oh well, it's quite different from MFC. =)

 2) No editor specific (or as useful) for D as MVS has for Visual C++.

The bad thing is, M$ doesn't give the SDK for MVS plugins for free.
For now, I've got stick with FAR + Colorer plugin, and wrote a
hilighting scheme for D. Works fine for me. But of course, an
IDE with integrated debugger, project manager, class browser, code
completion etc would be much better. =)

"anderson" <anderson firestar.com.au> writes:

"Pavel Minayev" <evilone omen.ru> wrote in message
news:CFN374700113674769 news.digitalmars.com...
 On Thu, 1 Aug 2002 21:29:10 +0800 "anderson" <anderson firestar.com.au>

wrote:
 I'm wondering how do you get the datatype from a void* in D and also in


C++?
 What do you mean, "get the datatype"? You just cast it to whatever it
 actually is...

Say you cast a void * to something else how do you get the previous
datatype? I think it's impossible at the moment (although I'm not sure)
without extra details. You need to data type to know the size of each memory
component in the array at least. Perhaps there should be a special type of
general array or perhaps (for the sake of learnability) something can be
added to void * that is worked out at compile time (ie like a template).

"anderson" <anderson firestar.com.au> writes:

Whoops,

Say you cast something to a void * how do you get the previous datatype? I
think it's impossible at the moment (although I'm not sure) without extra
details. You need to data type to know the size of each memory component
in the array at least. Perhaps there should be a special type of general
array or perhaps (for the sake of learnability) something can be added
to void * that is worked out at compile time (ie like a template).

Pavel Minayev <evilone omen.ru> writes:

On Fri, 2 Aug 2002 13:09:41 +0800 "anderson" <anderson firestar.com.au> wrote:

 
 Whoops,
 
 Say you cast something to a void * how do you get the previous datatype? I
 think it's impossible at the moment (although I'm not sure) without extra
 details. You need to data type to know the size of each memory component
 in the array at least. Perhaps there should be a special type of general
 array or perhaps (for the sake of learnability) something can be added
 to void * that is worked out at compile time (ie like a template).

Yes, it is impossible now.

Practically, what you're suggesting now is some kind of variant data type,
only it doesn't store the data, but the pointer to it.

Burton Radons <loth users.sourceforge.net> writes:

anderson wrote:

 "Pavel Minayev" <evilone omen.ru> wrote in message
 news:CFN374700113674769 news.digitalmars.com...
 
On Thu, 1 Aug 2002 21:29:10 +0800 "anderson" <anderson firestar.com.au>

 wrote:
 
I'm wondering how do you get the datatype from a void* in D and also in


 C++?
 
What do you mean, "get the datatype"? You just cast it to whatever it
actually is...

 
 Say you cast a void * to something else how do you get the previous
 datatype? I think it's impossible at the moment (although I'm not sure)
 without extra details. You need to data type to know the size of each memory
 component in the array at least. Perhaps there should be a special type of
 general array or perhaps (for the sake of learnability) something can be
 added to void * that is worked out at compile time (ie like a template).

You should be able to eventually do (using my generics syntax):

     struct Pointer
     {
         TypeInfo type;
         void *data;

         this ($type *data)
         {
             this.type = $type.next;
             this.data = data;
         }
     }

     int x;
     Pointer f = Pointer (&x);

     printf ("%s %d\n", f.type.kind, f.type.tsize);

Which will print "int 4".

"anderson" <anderson firestar.com.au> writes:

 not forbid pointer arithmetic by default?  It could be allowed with a

switch for
 compatibility.

<Babble>

dirty code work. Even without pointers and the like, there will still be
memory bugs. If a variable overflows, and the programmer simply tells the
system to reboot/shutdown, then you have rockets falling out of the sky (ie
ADA). In many cases, it's impossible to catch every error but it's possible
to reduce them by forcing the programmer to work a particular way like you
suggest with pointers. However, sometimes the best solution is to a product
that is reasonably bug free and use testing processes and end users to plug
the gaps.

In the defence of pointers. Sometimes pointers can reduce bugs because
things coded may be shorter and more readable. Also a I consider speed a
debugging issue. so for code that is meant to run efficiently but doesn't,
that's a bug. If pointer can solved this issue (most often they don't bring
much of a performance benefit), then that's what I'll use.

--One of the disadvantages of adding more language features to code is that
it gets harder to read. Of course you need to always weight this up against
efficiency, writability and flexibility.

Pavel Minayev <evilone omen.ru> writes:

On Mon, 29 Jul 2002 22:10:22 +0000 (UTC) Rex Couture <Rex_member pathlink.com> 
wrote:

 Please allow me one last impudent suggestion.  If it's dangerous and not 

needed
 except for comptibility (or maybe for some rare, unforseen circumstance), why
 not forbid pointer arithmetic by default?  It could be allowed with a switch 

for
 compatibility.

I wouldn't ming having something like that. Some sort of a subset of D,
with no pointer arithmetic, available from the compiler by request.

 I'm also a little concerned that subscript range checking is always turned off
 in the final compilation, whether this is really needed or not.  I certainly 

am
 capable of leaving undetected subscript range errors in my programs.

I think there should be a separate switch and/or language statement to
control subscript range checking. Having it on in debug builds, and off
in release builds seems suitable for most coders, but just in case you
also want it in release build, a switch should be there...

"Walter" <walter digitalmars.com> writes:

"Pavel Minayev" <evilone omen.ru> wrote in message
news:CFN374676588998264 news.digitalmars.com...
 I think there should be a separate switch and/or language statement to
 control subscript range checking. Having it on in debug builds, and off
 in release builds seems suitable for most coders, but just in case you
 also want it in release build, a switch should be there...

It is controllable separately with a compiler switch. The -release switch is
just a combination of the most popular options for a release build. The
point of having it is that it reduces the need for long lists of switches
common for doing a release build in C++. Also, I find many people new to a
compiler find it frustrating to have to decipher complex lists of switches
just to figure out how to get an optimized, release build.

"Walter" <walter digitalmars.com> writes:

"Rex Couture" <Rex_member pathlink.com> wrote in message
news:ai4ege$pin$1 digitaldaemon.com...
 Please allow me one last impudent suggestion.  If it's dangerous and not

needed
 except for comptibility (or maybe for some rare, unforseen circumstance),

why
 not forbid pointer arithmetic by default? It could be allowed with a

switch for
 compatibility. I see Russ Lewis has just posted that suggestion too.  I

think it's a great
 idea.  Otherwise, a lot of people will probably use old ways out of habit.

One of D's goals is to allow people to continue using their old style so
they can rapidly get up to speed using D. Over time, I expect they'll be
seduced by the D way of doing things, and their coding style will naturally
shift. I know this is how C++ became so popular. Eliminating pointers
completely will significantly raise the barrier to entry to D, enough I feel
to permanently marginalize it.

 I'm also a little concerned that subscript range checking is always turned

off
 in the final compilation, whether this is really needed or not.  I

certainly am
 capable of leaving undetected subscript range errors in my programs.

It would be your choice to leave that on or off in your release code.

Russ Lewis <Russ_member pathlink.com> writes:

In article <ai45k0$ffo$1 digitaldaemon.com>, Rex Couture says...
I don't know much about the question about balance between power and safety, and
it probably seems awfully presumptuous of me to try to influence language
design.  I just think that if mistakes can be made, they will be.  It's the guys
who write my word processor, the guys who write all my security loopholes, the
guys who write my operating systems, etc., that I'm worried about.  Although
they're getting better, a lot of API calls and drivers are actually not very
reliable.  It would be very nice if D were to become the next preferred
language, and would eliminate memory errors forever.  It seems to close.  Inline
assembler will not be used very much.  But if pointer arithmetic is easy, it
will be commonly used, and mistakes will be made.  Are you sure that there isn't
a safe and effective way to avoid pointer arithmetic?

One of the things I'm very excited about is that D includes enough language
features (dynamic arrays, in particular), that pointers are no longer necessary
for the vast majority of programs.

I fully expect that, in the future, D compilers will come with compiler switches
to turn on/turn off pointer arithmetic.  In fact, I believe that in most cases,
POINTER ARITHMETIC OFF will be the DEFAULT OPTION.

For those who still need it (systems programmers, perhaps some very
performance-sensitive game programmers), it will be there, but very few people
will ever use it.

"anderson" <anderson firestar.com.au> writes:

"Russ Lewis" <Russ_member pathlink.com> wrote in message
news:ai4als$kro$1 digitaldaemon.com...
 In article <ai45k0$ffo$1 digitaldaemon.com>, Rex Couture says...
I don't know much about the question about balance between power and


safety, and
it probably seems awfully presumptuous of me to try to influence language
design.  I just think that if mistakes can be made, they will be.  It's


the guys
who write my word processor, the guys who write all my security


loopholes, the
guys who write my operating systems, etc., that I'm worried about.


Although
they're getting better, a lot of API calls and drivers are actually not


very
reliable.  It would be very nice if D were to become the next preferred
language, and would eliminate memory errors forever.  It seems to close.


Inline
assembler will not be used very much.  But if pointer arithmetic is easy,


it
will be commonly used, and mistakes will be made.  Are you sure that


there isn't
a safe and effective way to avoid pointer arithmetic?

 One of the things I'm very excited about is that D includes enough

language
 features (dynamic arrays, in particular), that pointers are no longer

necessary
 for the vast majority of programs.

 I fully expect that, in the future, D compilers will come with compiler

switches
 to turn on/turn off pointer arithmetic.  In fact, I believe that in most

cases,
 POINTER ARITHMETIC OFF will be the DEFAULT OPTION.

 For those who still need it (systems programmers, perhaps some very
 performance-sensitive game programmers), it will be there, but very few

people
 will ever use it.

I think most compiler switches should be included in the code itself. That
way each peace of code should run without having to know what complier
switches are needed. This would expecially the case if you wanted to combine
projects/modules. I think there should be a standard on how things are
disabled/enabled in a program. It should be module based so that options
don't effect other modules.

My suggestion is that it could be block based and look something like this.

dEnable(D_POINTER_ARITHMETIC | ...);


dDiable(D_POINTER_ARITHMETIC | ...);

and...

//Parhaps a set command would be better in this particular case
dDisable(D_ALL); //Disables all
dEnable(D_STANDARD); //The d standards


and parhaps complier stacking....

dPushEnable();
dDisable(D_POINTER_ARITHMETIC)

dPopEnable(); //We're finished with it

This code of course would be worked out at compiler time so "if" statement
and the like wouldn't effect it. It would also be able to used in the global
area (anywhere in the code) because for example...

dEnable(D_POINTER_ARITHMETIC);

int *p; ect...

dDisable(D_POINTER_ARITHMETIC);


//This method needs pointers
int func()
{
    dEnable(D_POINTER_ARITHMETIC);

    p = NULL;
    ...

    dDisable(D_POINTER_ARITHMETIC);
}

That's just my thoughts on that matter.

Burton Radons <loth users.sourceforge.net> writes:

Pavel Minayev wrote:

 On Fri, 26 Jul 2002 18:44:36 +0000 (UTC) Rex Couture <auser levee.wustl.edu 
 wrote:
 
 
I guess it's too late, but I sure like the Java idea of no pointer arithmetic.
Of course, pointers are used, they just don't admit to it.

 
 Pointers (and arithmetic) are necessary for low-level system programming.


 But well, if you want safety, do you really _need_ pointers? You've got
 references to objects - and these don't support arithmetic (although
 one could cast them to byte*, and then...), just like Java.


If you don't need them, you're certainly already coding in a style that 
doesn't use them, so this issue is moot.  If you do need them, the 
language provides for it, so this issue is moot.

Cross-type casting is dangerous, and I don't mean just for portability 
reasons.  Consider the nonsense code:

     float g1, g2;

     float foo (int *p)
     {
         float res = g1 + g2;

         *p = 0;
         return res + g1 + g2;
     }

A compiler of C doesn't have to consider that "p" may point to "g1" or 
"g2", so it can freely mix the operation in such a way that it comes out 
all wrong if it does.  Type-based alias optimisations are pretty 
advanced, but they're becoming a reality in some compilers and 
definitely will be important in the future.  The solution is (if p could 
be one of g1 or g2):

     union e
     {
         float f;
         int i;
     }

     float foo (e *p)
     {
         float res = g1 + g2;

         p1->i = 0;
         return res + g1 + g2;
     }

Thus the compiler has to assume that p->f could be g1 or g2.

One way the language can help to keep this from being a problem is to 
prevent casting a pointer to anything but (void *), but allow (void *) 
to be casted to anything you want.  But this kind of error should be 
carefully written to make sure the programmer doesn't think the 
compiler's being gratuitously malicious or that there's no solution (see 
GCC's horrible error messages for longjmp).

"OddesE" <OddesE_XYZ hotmail.com> writes:

"Rex Couture" <auser levee.wustl.edu> wrote in message
news:ahs5ak$2ot$1 digitaldaemon.com...
"Rex Couture wrote
  Are memory violations possible?  Is pointer arithmetic allowed?


 Walter's reply
Yes, and yes.

 I guess it's too late, but I sure like the Java idea of no pointer

arithmetic.
 Of course, pointers are used, they just don't admit to it.

For the most parts, you don't need pointers. You can use
one-dimensional dynamic arrays and object references for
most occasions were you might have used pointers in C/C++.
Also, all member fields of objects and variables are
initialized on instantiation, so there are much smaller
risks of using uninitialized variables.

But when you need pointers, they are there. Also, because
of D's garbage collection, there is no need to free memory,
so much smaller risks of memory leakage. This even works
for pointers you have malloc'ed yourself, so not only for
object references.


  Are array subscript bounds always checked at run time?

No, it is enabled/disabled with a compiler switch. D requires that


programs
not be coded in such a manner that they *depend* on array bounds checking
(this is different from Java).

 Now this is interesting!  How is this possible?  I missed this somehow.

In debug mode arrays are bounds-checked, but this code is
removed in release builds. This ensures that your code will
run at full speed in release mode, while still giving you
an easy way to check your code in debug mode.
The same goes for contracts (Design By Contract), check it
out:  http://www.digitalmars.com/d/ section Contracts.

<SNIP>
 My preferred language so far is Pascal -- you heard me right....  I



attribute success not to programming prowess, but to the
 simplicity and clarity of the language.



I like Pascal too.

<SNIP>


Nice too see more and more people taking an interest in D!


--
Stijn
OddesE_XYZ hotmail.com
http://OddesE.cjb.net
_________________________________________________
Remove _XYZ from my address when replying by mail

Rex Couture <Rex_member pathlink.com> writes:

In article <ahsbn4$9ms$1 digitaldaemon.com>, OddesE says...
For the most parts, you don't need pointers. You can use
one-dimensional dynamic arrays and object references for
most occasions were you might have used pointers in C/C++.

That's good news.  I think object references are really pointers by another
name, but they do seem safe.

Also, all member fields of objects and variables are
initialized on instantiation, so there are much smaller
risks of using uninitialized variables.

Oooh!


But when you need pointers, they are there. Also, because
of D's garbage collection, there is no need to free memory,
so much smaller risks of memory leakage. This even works
for pointers you have malloc'ed yourself, so not only for
object references.

Aaah!  :-)


In debug mode arrays are bounds-checked, but this code is
removed in release builds.

Ouch!  I still have legacy Fortran code (my own, unfortunately) that
occasionally violates array bounds after "successful" debugging and years of
use.  Personally, I've never needed to turn off bounds checking, but I
acknowledge that it is necessary to do so for some applications.  One trick that
often can be used, incidentally, is to hand-code bounds checking outside the
loop, so it takes essentially no time.


The same goes for contracts (Design By Contract), check it
out:  http://www.digitalmars.com/d/ section Contracts.

I'll do it.  I'm getting an education here.


 My preferred language so far is Pascal -- you heard me right....



...Nice too see more and more people taking an interest in D!

Well, Pascal-derived languages all have some sort of limitation (like dialects
or missing essentials), and I am definitely considering alternatives for future
development.  There's a lot to like in D.  So far, all languages are a pain in
some way, but I am still hoping for improvements.  By the way, I have given my
share of grief to those Swiss guys too, trying to instigate some improvements.
Occasionally they say I'm right, but it's always too late.

Thanks again to you and Walter and Pavel.

"Sean L. Palmer" <seanpalmer earthlink.net> writes:

"Rex Couture" <Rex_member pathlink.com> wrote in message
news:ahsg4p$f0k$1 digitaldaemon.com...
 In article <ahsbn4$9ms$1 digitaldaemon.com>, OddesE says...
For the most parts, you don't need pointers. You can use
one-dimensional dynamic arrays and object references for
most occasions were you might have used pointers in C/C++.

 That's good news.  I think object references are really pointers by

another
 name, but they do seem safe.

Pointers which the compiler has complete control over, so it can do more to
ensure they're used safely.  References are pointers minus most of the sharp
nasty dangerous parts.

Those of you who are advocating using dynamic arrays instead of pointer
arithmetic:   Yes that's a step in the right direction (at least the
compiler can verify the validity of the array itself and bounds check the
index) but it doesn't prevent bad indices from occurring.  A lot of pointer
arithmetic is of the iteration form;   p++ or p+=4  instead of the more
risky p2 = p + x;

Adding the iterator concept to the language would eliminate the need for a
whole class of potential uses for pointer arithmetic, and also bypass its
close relative, the indexed array.  Indexing is (potentially) slower
performance than iteration anyway.  When in any doubt whatsoever about the
optimization ability of the compiler, it's better to write for (T* i =
&array[array.size]; --i >= &array[0]; ) *i = 0;  than for (int i =
array.size; --i >=0; ) array[i] = 0; just because the former is effectively
a pre-optimized form of the latter.  An even better optimizer may replace
the whole loop with a block fill (memset).

Just as iteration isn't a good substitute for indexing, indexing isn't a
good substitute for iteration.  True native language iteration allows
elimination of many range checks and safety holes.

Sean

"anderson" <anderson firestar.com.au> writes:

"Sean L. Palmer" <seanpalmer earthlink.net> wrote in message
news:ai866v$4r0$1 digitaldaemon.com...
 "Rex Couture" <Rex_member pathlink.com> wrote in message
 news:ahsg4p$f0k$1 digitaldaemon.com...
 In article <ahsbn4$9ms$1 digitaldaemon.com>, OddesE says...
For the most parts, you don't need pointers. You can use
one-dimensional dynamic arrays and object references for
most occasions were you might have used pointers in C/C++.

 That's good news.  I think object references are really pointers by

 another
 name, but they do seem safe.

 Pointers which the compiler has complete control over, so it can do more

to
 ensure they're used safely.  References are pointers minus most of the

sharp
 nasty dangerous parts.

 Those of you who are advocating using dynamic arrays instead of pointer
 arithmetic:   Yes that's a step in the right direction (at least the
 compiler can verify the validity of the array itself and bounds check the
 index) but it doesn't prevent bad indices from occurring.  A lot of

pointer
 arithmetic is of the iteration form;   p++ or p+=4  instead of the more
 risky p2 = p + x;

 Adding the iterator concept to the language would eliminate the need for a
 whole class of potential uses for pointer arithmetic, and also bypass its
 close relative, the indexed array.  Indexing is (potentially) slower
 performance than iteration anyway.  When in any doubt whatsoever about the
 optimization ability of the compiler, it's better to write for (T* i =
 &array[array.size]; --i >= &array[0]; ) *i = 0;  than for (int i =
 array.size; --i >=0; ) array[i] = 0; just because the former is

effectively
 a pre-optimized form of the latter.  An even better optimizer may replace
 the whole loop with a block fill (memset).

--Of course memsets can be faster then iteration, but memsets are considered
to be a slow block copying techniqiue (when compared to an ASM version), why
is this so? (I guess it's implementation dependent.)

 Just as iteration isn't a good substitute for indexing, indexing isn't a
 good substitute for iteration.  True native language iteration allows
 elimination of many range checks and safety holes.

 Sean

I agree.

Russell Lewis <spamhole-2001-07-16 deming-os.org> writes:

Sean L. Palmer wrote:
 Those of you who are advocating using dynamic arrays instead of pointer
 arithmetic:   Yes that's a step in the right direction (at least the
 compiler can verify the validity of the array itself and bounds check the
 index) but it doesn't prevent bad indices from occurring.  A lot of pointer
 arithmetic is of the iteration form;   p++ or p+=4  instead of the more
 risky p2 = p + x;

What about
     char[] a;
     ...
     a = a[1..a.length];

Which is, effectively, pointer arithmetic (with bounds checking, if that 
is turned on)?

You could even create a new property called "next" to do it for you:
     "<array>.next" is defined as "<array>[1..<array>.length]"

And then your array reference works with the same semantics as a 
(non-reversible) iterator :)

Burton Radons <loth users.sourceforge.net> writes:

Russell Lewis wrote:

 Sean L. Palmer wrote:
 
 Those of you who are advocating using dynamic arrays instead of pointer
 arithmetic:   Yes that's a step in the right direction (at least the
 compiler can verify the validity of the array itself and bounds check the
 index) but it doesn't prevent bad indices from occurring.  A lot of 
 pointer
 arithmetic is of the iteration form;   p++ or p+=4  instead of the more
 risky p2 = p + x;

 
 
 What about
     char[] a;
     ...
     a = a[1..a.length];

Walter has agreed that:

     a = a[1..];

Is a good idea, and it's already in my port of DMD.  So a next property 
isn't necessary, and IMO it wouldn't be a good name anyway, as it's 
already a massively overloaded word.

Rex Couture <Rex_member pathlink.com> writes:

In article <ahsbn4$9ms$1 digitaldaemon.com>, OddesE says...
The same goes for contracts (Design By Contract), check it
out:  http://www.digitalmars.com/d/ section Contracts.

The contracts implementation is very nice.  There is one other very useful way
of implementing this, which I can recommend if it fits your coding style.  It
not only complements assert statements, but it can be used if assert statements
are not available.

I often place pre- and post-conditions in comments.  Like the enforced
contracts, this encourages a formal way of looking at the contract, and it
encourages you to identify and examine all possibilities when you are coding.

It seems to me that this can be used to complement assert statements, in two
ways.  In particular, you can use it as a reminder to verify preconditions at
the coding stage, when using previously debugged functions.  In addition, you
may not be able to test all possibilities by example, during debugging, and it
encourages one more analysis of the possibilities.  The only drawback is that
you need to keep comments with the headers.

Adam Connor <adamconnor nospam.maildotcom> writes:

You might want to take a look at Cyclone:
http://www.research.att.com/projects/cyclone/ 

It attempts to create a safe C, and adds some other features as well.