Christopher Coale wrote: > Thomas Hruska wrote: >> I'm probably the most guilty party here. My view is that pointers are >> an _advanced topic_. It doesn't mean you shouldn't learn how to use >> them nor use them at all. >> > > I'm moreso referring to this question by Paul Herring, "Why are you > using pointers in C++?" That seems to imply that we should not use > pointers in C++. I agree with you that pointers should not be taught > right away, and most formal curricula do not teach it right away (in > fact, you'll probably go at least half a semester before reaching them).
Because exposed pointers at the Application layer almost always shows a lack of understanding of what templates and classes are for. > In a formal curriculum, C++ is not the first language you take. > Generally you start with "Computer Logic" (which is an introduction to a > language like Java, VB.net, etc.), followed by C/pascal, then C++. So > generally, all they need to do is carry over the same logic but adapt to > the C syntax (which is really just memorization, the logic is the same). > They won't be "learning" basic code structures, but rather learning the > C++ syntax and how to adapt their logic to it. But if you are talking > about simple tutorials to learn C++, then I agree. You must be living in a completely different world from the one I live in. Most educational institutions I'm aware of that teach C/C++ start with C/C++ with _optional_ starter courses in another language. >> C++ makes it possible to defer teaching pointers until MUCH later on. >> > I agree. > > So here is my conclusion: you should *not* avoid pointers in C++. If > they consistently cause your program to develop memory leaks and > crashes, then you need to go back and re-learn how pointers work. I > agree that pointers should not be taught too early when learning C++ > (and they usually aren't in a formal curriculum). By "much later on", I mean several years, not half a semester. And I am extremely well-versed in pointers. They may be useful but are advanced and dangerous. Improper use causes crash bugs, memory leaks, memory corruption, _security vulnerabilities_, etc. After watching http://nvd.nist.gov/ for several months, I became entirely convinced that pointers at the Application layer are a VERY bad idea. Currently at 12 vulnerabilites per _day_. And those are the ones that are found AND reported. Assume a 10% reporting rate and half are major - that results in a whopping 21,900 _major_ software vulnerabilities per year in publicly released software products with most of those going unreported. I read that as "programmers can't write stable software to save their lives." Every major security vulnerability that says "crash" or "buffer overflow" or "exploitable memory leak", etc. is caused by a programmer mismanaging their pointer logic. And they are mismanaging their pointer logic because they don't know how to develop software. They don't know how to develop software because they weren't taught how to develop software in school. Migrating pointers to a Library layer and then not using pointers at the Application layer introduces a level of stability to the Application layer not otherwise achieved. Libraries are viewed as reusable code that generally stabilize over time. Even within my own Library layer, I prefer to migrate pointer use to templates only (specifically, Block and BString handle almost everything I need). So, if the same Library is used from year to year with enhancements and fixes as the students go along, it becomes possible to create incredibly powerful, yet stable programs WITHOUT using pointers in the Application layer. I'd love to see first-year students leveraging files, databases, sockets, and GUIs in C++ without having to worry about silly things like pointers, crash bugs, memory bounds, etc. This is a very realistic goal. Without such progress, C++ will die as a viable language. If we constantly have to teach the same things over and over (teaching the wheel?), we will get nowhere. I'd rather see students leaving college with solid software development practices under their belt than wrestling with the unnecessary nuances of pointers and, still not understanding them, introducing vulnerable software into the wild. (There are other significant advantages to this way of software development as well.) I know you will disagree with me on several (perhaps all) points. I see C++ as a stagnant language with numerous problems in danger of dying. I see the future being in mobile devices - and none of the currently popular mobile OS platforms host C/C++ as a native compiled language for the apps that run on those platforms. That says to me that the authors of mobile OSes see C++ as unusable in a mobile environment. I can't blame them. Plenty of historical evidence exists to show that neither language is suitable for mobile platform applications as-is. And it all boils down to the dangers of pointers in the Application layer. -- Thomas Hruska CubicleSoft President Ph: 517-803-4197 *NEW* MyTaskFocus 1.1 Get on task. Stay on task. http://www.CubicleSoft.com/MyTaskFocus/
