Re: Proper Validation
In article <482abea5-e8c1-4905-892a-3844645e73a1
@o20g2000vbh.googlegroups.com>, Immortal_Nephi@hotmail.com says...
[ ... ]
Set and Get member functions are very important because you want to
validate data members to avoid incorrect value. Sometimes, they use
if keyword. Sometimes, they find a way to modify data members without
needing to use if keyword.
I've said for years, and remain convinced, that Get and Set member
functions are usually a mistake. They usually result from starting with
a variable of the wrong type (i.e. a type that doesn't have the desired
semantics) and then attempting to enforce those semantics externally.
I think it's generally better to define a type that as the semantics you
really want, and then use it directly.
class CPU
{
[ ... ]
private:
void opcode_1() // Good Software Engineering Practice
{
set_reg_a( ram[reg_pc] );
increment_reg_pc();
}
I don't think this is really good practice of software engineering or
much of anything else. You're doing exactly what I've described above:
starting with an unsigned variable, and then attempting to enforce
different semantics (in this case, an unsigned of a specified number of
bits) externally. C and C++ provide that particular possibility
directly:
unsigned reg_a:8;
unsigned reg_x:8;
unsigned reg_y:8;
unsigned reg_pc:16;
However, in many cases you want semantics that aren't already directly
suppoorted, and in such a case you normally have to use a rather
different route to enforce the desired constraints. In this case, you
could define your code something like this:
// constraint: 'bits' must be no larger than the number of bits in an
// unsigned in whatever implementation you're using. Could probably be
// enforced, but code to do so would hide most of what we care about.
//
template <unsigned bits>
class reg {
unsigned data;
static const unsigned max = (1 << bits) - 1;
public:
reg const &operator=(unsigned value) {
data = value & max;
return *this;
}
// technically unnecessary micro-optimization.
// see commmetary below for more.
reg const &operator=(reg value) {
data = value.data;
return *this;
}
operator unsigned() {
return data;
}
void operator++() {
data = (data + 1) & max;
}
void operator++(int) {
data = (data + 1) & max;
}
reg() : data(0) {}
};
void opcode_1_bad() // Modifying data member directly is bad practice
{
reg_a = ram[reg_pc];
reg_a &= 0xFF;
reg_pc++;
reg_pc &= 0xFFFF;
}
While I agree that this is far from ideal, IMO, your code for opcode_1
wasn't much better. In particular, it still required ALL the code in the
CPU class to be aware of the chosen names for assigning, incrementing,
etc., the registers, rather than using the names that are native to C++.
OTOH, if we define our registers using the template above:
reg<8> reg_a, reg_x, reg_y;
reg<16> pc;
then the opcode implementation can look like this:
void opcode_1_good() {
reg_a = ram[reg_pc];
reg_pc++;
}
The assignment looks like an assignment and the increment looks like an
increment. It's much easier for client code to follow the desired
semantics than to bypass them. We've reduced coupling and increased
cohesion. This isn't purely theoretical either -- it's easy (at least
for me) to imagine a quick hack in the original code bypassing the
desired constraints, but in this version you'd have to do quite a bit of
extra work to do so.
As a bonus, this version will generally improve run-time performance as
well. The second assignment operator in the code isn't entirely
necessary, but speeds up (many) assignments by eliminating range
enforcement when the source and destination operands match, assuring us
that the source will fit into the destination as-is. There's often
another improvement as well: giving nearly absolute assurance that the
proper checks happen in one place can nearly eliminate the desire to add
them elsewhere "just in case".
--
Later,
Jerry.
The universe is a figment of its own imagination.