New Safe C++ Proposal

Pages: 1... 345
If something like pointer arithmetic is done, it can be right or wrong - hence I don't think it should be restricted.
Following what I said above, dangerous features should not be restricted, they should be made cumbersome. The path of least resistance should be safe, and it should take effort to go the dangerous route.
Pointer arithmetic is plainly a mistake. That T * has no size component and that it can be arbitrarily added to to obtain another T * is just looking for trouble. The type of a single pointer and the type of a pointer to an array should be entirely unrelated. I would imagine it like
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
T *p = new T;
//Equivalently: T[1] *p = new T;
T[14] *p2 = new T[14];
assert(p2.size() == 14);
T[] *p3 = new T[n];
assert(p3.size() == n);
T[13] *p4 = p2 + 1;
assert(p3.size() == 13);
//Equivalently, T[13] *p4 = p2.slice(1);
T[] *p5 = p4;
assert(p5.size() == 13);

//f(p + _);         //Error
//f(p[_]);          //Error
f(p2[13]);
//f(p2[14]);        //Error
//f(p2[i]);         //Error. No bounds checking.
if (i >= 0 && i < p2.size())
    f(p2[i]);       //OK?
f(p2.at(i));        //Bounds-checked
f(p3[x]);           //Bounds-checked
f(p3.slice(x, 1));  //Bounds-checked 
A T[N] * should be explicitly convertible to, say, std::legacy::pointer<T> that behaves as a naked pointer.
Registered users can post here. Sign in or register to post.
Pages: 1... 345