ansaurus

Question

Answer 1

A:

My stupid answer, I leave it here just in case someone else comes up with the same bad idea:

The problem is I think that the object referred to is not const (B const & vs const B &), only the reference is const in your code.

jdehaan 2010-06-11 11:25:29

Nope. The whole idea of my code sample is to illustrate that there is no guarantee that a const-referenced object is not altered when altering the this-pointer.

NOP slider 2010-06-11 11:31:01

Alex B 2010-06-11 11:31:08

`const` applies to whatever stands left from it. `const` on the right is a syntax sugar. iow `const B const` is the same as `const B` and `B const`

Dummy00001 2010-06-11 11:34:00

@Alex by trying out I figured out it is exactly the same.

jdehaan 2010-06-11 11:36:19

Moreover, a const reference means nothing since it cannot be "reset" to alias another object.

Luc Touraille 2010-06-11 14:42:38

Answer 2

+17 A:

Obviously, the programmer is fooled by the constness of b

As someone once said, You keep using that word. I do not think it means what you think it means.

Const means that you cannot change the value. It does not mean that the value cannot change.

If the programmer is fooled by the fact that some other code else can change something that they cannot, they need a better grounding in aliasing.

If the programmer is fooled by the fact that the token 'const' sounds a bit like 'constant' but means 'read only', they need a better grounding in the semantics of the programming language they are using.

So if you have a getter which returns a const reference, then it is an alias for an object you don't have the permission to change. That says nothing about whether its value is immutable.

Ultimately, this comes down to a lack of encapsulation, and not applying the Law of Demeter. In general, don't mutate the state of other objects. Send them a message to ask them to perform an operation, which may (depending on their own implementation details) mutate their state.

If you make B.m_value private, then you can't write the Foo you have. You either make Foo into:

void Foo(const B &b)
{
    m_B.increment_by(b);
    m_B.increment_by(b);
}

void B::increment_by (const B& b)
{
    // assert ( this != &b ) if you like 
    m_value += b.m_value;
}

or, if you want to ensure that the value is constant, use a temporary

void Foo(B b)
{
    m_B.increment_by(b);
    m_B.increment_by(b);
}

Now, incrementing a value by itself may or may not be reasonable, and is easily tested for within B::increment_by. You could also test whether &m_b==&b in A::Foo, though once you have a couple of levels of objects and objects with references to other objects rather than values (so &a1.b.c == &a2.b.c does not imply that &a1.b==&a2.b or &a1==&a2), then you really have to just be aware that any operation is potentially aliased.

Aliasing means that incrementing by an expression twice is not the same as incrementing by the value of the expression the first time you evaluated it; there's no real way around it, and in most systems the cost of copying the data isn't worth the risk of avoiding the alias.

Passing in arguments which have the least structure also works well. If Foo() took a long rather than an object which it has to get a long from, then it would not suffer aliasing, and you wouldn't need to write a different Foo() to increment m_b by the value of a C.

Pete Kirkham 2010-06-11 11:45:27

+1 for translating `const` to `readonly`!

xtofl 2010-06-11 11:46:53

By the way, Stroustrup originally wanted the keyword `readonly`, but the C (!) committee insisted on naming it `const`.

FredOverflow 2010-06-11 12:01:53

That's what the sample illustrates, yes. Obviously, I wasn't clear enough. There must be some rules to follow (guidelines) to make sure the mistake in the code cannot happen.

NOP slider 2010-06-11 12:13:00

If the behaviour is to be based on the values of the arguments at the point at which the function is called, then store those values in temporary variables. Some compilers support `restrict` to highlight aliasing. But there aren't any simple guidelines to avoid aliasing; assume that the values might be aliased unless told otherwise.

Pete Kirkham 2010-06-11 12:41:57

Answer 3

+1 A:

The real problem here is atomicity. The precondition of the Foo function is that it's argument doesn't change while in use.

If e.g. Foo had been specified with a value-argument i.s.o. reference argument, no problem would have shown.

xtofl 2010-06-11 11:45:57

Exactly. Perhaps such preconditions should be considered when choosing to return a reference or a value?

NOP slider 2010-06-11 11:55:18

@Kristoffer: this precondition is quite hard to rely on if you pass an argument by-reference. So either you build a system that doesn't allow changing arguments to be used (i.e. by locking the argument or the like), or you take a snapshot of the argument (if that can be done atomically).

xtofl 2010-06-11 12:05:12

Answer 4

+1 A:

Frankly, A::Foo() rubs me the wrong way more than your original problem. Anyhow I look at it, it must be B::Foo(). And inside B::Foo() check for this wouldn't be that outlandish.

Otherwise I do not see how one can specify a generic rule to cover that case. And keep teammates sane.

From past experience, I would treat that as a plain bug and would differentiate two cases: (1) B is small and (2) B is large. If B is small, then simply make A::getB() to return a copy. If B is large, then you have no choice but to handle the case that objects of B might be both rvalue and lvalue in the same expression.

If you have such problems constantly, I'd say simpler rule would be to always return a copy of an object instead of a reference. Because quite often, if object is large, then you have to handle it differently from the rest anyway.

Dummy00001 2010-06-11 11:50:16

Answer 5

+1 A:

Grant Peters 2010-06-11 15:35:37

ansaurus

tags:

views:

answers:

C++ const-reference semantics?

related questions