Walter Bright is the "benevolent lifelong dictator" of the D programming language and founder of Digital Mars . He has more than a dozen years of experience in developing compilers and interpreters for several languages, including Zortech C ++, the first native C ++ compiler. He is also the creator of Empire , the main inspiration for Sid Meier's Civilization.
Are you tired of bugs that are easy to make and hard to find, that often do not surface during testing and destroy your carefully constructed castle after the code has gone into production? Over and over they cost you a lot of time and money. Ah, if only you were a better programmer, that wouldn't be happening, right?
Or maybe it's not you? I'll show you that these mistakes are not your fault: they are the fault of the tools, and if you only improve the tools, your lock will be safe.
And you don't even have to make any compromises.
Out of bounds of an array
Let's take a common program for calculating the sum of array values:
#include <stdio.h>
#define MAX 10
int sumArray(int* p) {
int sum = 0;
int i;
for (i = 0; i <= MAX; ++i)
sum += p[i];
return sum;
}
int main() {
static int values[MAX] = { 7,10,58,62,93,100,8,17,77,17 };
printf("sum = %d\n", sumArray(values));
return 0;
}The program should print:
sum = 449And that's exactly what it does - on my Ubuntu Linux machine: in gcc, clang, and even with a flag -Wall. I'm sure you already guessed what the error is:
for (i = 0; i <= MAX; ++i)
^^for (i = 0; i < MAX; ++i), , :
- - , ;
- -
<=.
, ! ? . , . , sumArray . :
- ,
sumArray, , . - , .
- ,
MAX.
, . sumArray , , , , , .
— , ? - , ? ? , . .
, , , . . . ( , gcc, clang , , - , ).
, — D -betterC. D , . , :
struct DynamicArray {
T* ptr;
size_t length;
}:
int[] a;:
import core.stdc.stdio;
extern (C): // use C ABI for declarations
enum MAX = 10;
int sumArray(int[] a) {
int sum = 0;
for (int i = 0; i <= MAX; ++i)
sum += a[i];
return sum;
}
int main() {
__gshared int[MAX] values = [ 7,10,58,62,93,100,8,17,77,17 ];
printf("sum = %d\n", sumArray(values));
return 0;
}
:
dmd -betterC sum.d:
./sum
Assertion failure: 'array overflow' on line 11 in file 'sum.d'- . <= < :
./sum
sum = 449 ? a , .
, .
MAX. a , :
for (int i = 0; i < a.length; ++i), D :
foreach (value; a)
sum += value; sumArray :
int sumArray(int[] a) {
int sum = 0;
foreach (value; a)
sum += value;
return sum;
} sumArray . , . , .
— ! — . — a sumArray , p . , , .
— , MAX , , :
int sumArray(int *p, size_t length);, . D , .
int sumArray(ref int[MAX] a) {
int sum = 0;
foreach (value; a)
sum += value;
return sum;
} ? a, ref, . MAX , . , sumArray, , .
— ! — . — D . , ? ? , !
, :
import core.stdc.stdio;
extern (C): // use C ABI for declarations
enum MAX = 10;
int sumArray(int* p) {
int sum = 0;
for (int i = 0; i <= MAX; ++i)
sum += p[i];
return sum;
}
int main() {
__gshared int[MAX] values = [ 7,10,58,62,93,100,8,17,77,17 ];
printf("sum = %d\n", sumArray(&values[0]));
return 0;
}, . , :
sum = 39479, 449, .
, ? @safe:
import core.stdc.stdio;
extern (C): // use C ABI for declarations
enum MAX = 10;
@safe int sumArray(int* p) {
int sum = 0;
for (int i = 0; i <= MAX; ++i)
sum += p[i];
return sum;
}
int main() {
__gshared int[MAX] values = [ 7,10,58,62,93,100,8,17,77,17 ];
printf("sum = %d\n", sumArray(&values[0]));
return 0;
}:
sum.d(10): Error: safe function 'sum.sumArray' cannot index pointer 'p', - grep, , @safe, .
, , , , . , . . , ! ( ).