On Fri, 23 Sep 2011 20:13:39 -0400, Walter Bright <[email protected]> wrote:

> On 9/23/2011 4:13 PM, Jonathan M Davis wrote:
>> But while C++'s const is not as good as D's const, it's still very
>> worthwhile IMHO.
>
> To me it's like buffer overflows. 99% of C/C++ code doesn't have buffer
> overflows, and is perfectly reliable. But if someone hands you a
> 1,000,000 line program and asks "ensure there are no buffer overflows"
> what are you going to do? What are you going to do when Junior
> Programmer makes a patch to your perfectly correct C/C++ code base, and
> now it has a subtle overflow bug? Start all over with the review process?
>
> This is not an idle question, as a major focus of C static analysis
> tools is to detect buffer overflows, and people spend a lot of effort &
> money on them.
>
> Faith based programming works in the small, but programs grow ever
> larger in size and complexity. Switching from faith to static guarantees
> is a much more scalable technique.
>
> And where C++ const is really, really useless is when it comes to
> multithreaded programming.

D's const system is also not impervious to Junior mistakes (even without
casts!), but it's certainly better than C++.

The truth is, the only time you get guarantees with D is when you have
pure functions and immutable data. Const doesn't guarantee anything.
Even immutable functions still can access global state.

-Steve
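
The distinction drawn in the reply above, as an added D example that is not part of the original thread: a `const` view can change underneath its holder without any cast, an `immutable` member function can still write global state, and only `pure` combined with `immutable` data closes both gaps. All names (`Account`, `auditCount`, `changeSeenThroughConst`, `total`) are hypothetical.

```d
import std.stdio;

int auditCount; // mutable module-level (thread-local) state, hypothetical name

struct Account
{
    int balance;

    // `immutable` here only qualifies `this`; without `pure`, globals stay reachable.
    int audited() immutable
    {
        ++auditCount;
        return balance;
    }
}

// const(int)[] promises that this function will not write through `view`;
// it says nothing about other, mutable references to the same memory.
int changeSeenThroughConst(const(int)[] view, void delegate() callback)
{
    immutable before = view[0];
    callback();
    return view[0] - before;
}

// pure + immutable data: no access to mutable globals, and no mutable alias can exist.
int total(immutable(int)[] xs) pure
{
    int sum = 0;
    foreach (x; xs)
        sum += x;
    return sum;
}

void main()
{
    int[] data = [1, 2, 3]; // constructed sample data
    // The delegate writes through the original mutable reference; no cast is involved.
    auto delta = changeSeenThroughConst(data, { data[0] = 42; });
    writeln("const view changed by ", delta);

    immutable acct = Account(100);
    acct.audited();
    writeln("auditCount = ", auditCount);

    immutable(int)[] frozen = [1, 2, 3];
    writeln("total = ", total(frozen));
}
```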