Boost logo

Boost :

From: Carlo Wood (carlo_at_[hidden])
Date: 2006-06-03 22:07:20


On Sat, Jun 03, 2006 at 02:54:53PM +0200, Maarten Kronenburg wrote:
> The assertion for unsigned_integer
> is an interesting possibility.
> In "C++ in a nutshell" I read:
> "If the expression evaluates to 0,
> assert prints a message to the standard
> error file and calls abort."
> Personally I would rather throw an
> exception, so that the user can determine
> what should happen if an unsigned_integer
> becomes negative.

There is nothing to decide, it is a bug when that happens.
The best you can do is to dump a core (which is what assert does)
so that the developer can examine as close as possible to
the bug what has happened.

Once the program works, an integer that should never
become negative will never become negative anymore,
and no testing for less than zero is needed.
You can still use a normal signed integer and just omit
the test (assertion).

Thus,

  void Foo::release(void)
  {
    assert(x > 0);
    if (--x == 0)
      do_something();
  }

where x can be perfectly a signed integer, and no
testing overhead is done in the final application.

rather than

  void Foo::release(void)
  {
    if (--x == 0)
      do_something();
  }

where x is a special type, solely to throw an exception
for the case that the program is bugged, needing not
only a total new type (with no mathematical meaning,
and no simularity with builtin-types*) ), but also the
cost of testing as part of the pre-decrement operator,
which can't be removed from the final application.

*) Because, at least unsigned int is modular:
   both int (assuming no overflow occurs) and unsigned
   int are rings. While an infinite precision unsigned
   integer wouldn't even be a proper group.

-- 
Carlo Wood <carlo_at_[hidden]>

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk