|
Boost : |
Subject: Re: [boost] [review][constrained_value] Review of Constrained Value Library begins today
From: Sebastian Redl (sebastian.redl_at_[hidden])
Date: 2008-12-21 08:02:46
Mika Heiskanen wrote:
> Hello Peter,
>
> Peter Simons wrote:
>
>> Invariant failures, however, are unexpected conditions. Invariants
>> are not
>> supposed to fail. If they do, it's a sign of incorrect program logic or
>> faulty assumptions. Your program will generally not be able to
>> recover from
>> such an error, hence invariant checking functions like assert()
>> typically
>> abort the process on failure (and generate debugging information,
>> such as a
>> core dump).
>
> Thank you for your explanation Peter. However, I do not see why an assert
> should be the first choice when a programming error can be detected by
> the program itself. For example, I would prefer my word processor
> to announce a programming error instead of producing a core dump.
And then what? The best thing it can do is do an emergency dump of the
currently open document and then abort. This is something a smart assert
can do as well.
If you detect a programming error through violation of an invariant,
what can you do? If you know exactly what damage the error has caused
and you have enough information to fix all that damage, then you should
know the error well enough that you could have fixed it in the first
place. If you can't fix all the damage, anything except aborting the
program is a major data corruption waiting to happen.
Sebastian
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk