In case the question was not very clear. Say I have the following code:
1 2 3 4 5 6 7 8 9 10 11 12 13
int sum(int * x, size_t N)
{
int sx;
/* returns sum of elements in x */
return sx;
}
int main()
{
int * xn = (int *) calloc(5, sizeof(int));
int sxn = sum(xn, 5);
return 0;
}
I'm curious to know whether there is a way that ensures a function does not modify the memory pointed to by a pointer.
To make that cast on a compliant compiler, sum() would have to do int *bart = (int *)x;
or equivalent. If the function does that, it's a bug. The behavior of a program that removes constness by casting is undefined.
@coder777
I'm using the GNU GCC compiler that comes with Code::Blocks MinGW 12.11, that's a relatively recent release of C::B at least (dunno about the compiler though)
@helios
Why do I need a cast? I agree it is a bug, definitely. But was hoping to ask for the compilers help to catch such bugs for me.
I thought of that, but in sum, I could have the following:
If this is going to be one of those threads then let's just skip it altogether. The answer is ultimately no. They would have to call std::remove_const() first but if someone wants to intentionally circumvent your type definitions then in the end you can't do anything about it. Academically I guess you could wrap your array in a class that keeps the real data private and only has a public constructor and a get function that copies the real array into a separate static allocation and then returns a const pointer to the isolated instance when it is called. But that is stupid and there would be ways around that by inheriting the class. Physical access is total access; there is no such thing as privileged data in any language that allows DMA.
One of those threads where we present a solution but you don't think it's correct because there are mechanisms to undo them. C++ is intended to be a Turing complete language. That means that, ostensibly, everything that you could want to do should be possible.
Things like const and private data members aren't there to take control away from the programmer. They are there to remind the programmer that the data isn't intended to be used directly and that there is probably a better way to accomplish what ever it is that they are trying to do.
BTW, that is supposed to be C and not C++.
[...]
Why do I need a cast? I agree it is a bug, definitely. But was hoping to ask for the compilers help to catch such bugs for me.
C has almost none of the mechanisms C++ has to catch programmer errors. So no, there is no solution.