|
Boost : |
Subject: Re: [boost] Looking for thoughts on a new smart pointer: shared_ptr_nonnull
From: Thorsten Ottosen (thorsten.ottosen_at_[hidden])
Date: 2013-10-07 06:04:54
On 07-10-2013 08:49, Gavin Lambert wrote:
> On 10/7/2013 6:56 PM, Quoth Matt Calabrese:
>> Again, if you can keep the system running in the case where you would be
>> passing the null pointer, then it is your responsibility to do that.
>
> I'm not disputing that.
The problem here is that to that in a world were the invariant is
verified with an assertion will require every use of non_null_shared_ptr
to be guarded by an if-statement explicitly checking for non-null. The
whole point was to avoid that.
>> An exception does not "avoid" anything. The mistake is still made and
>> it is
>> still a bug.
[snip]
>
> Again, in a perfect world these sorts of bugs will be caught in the
> debug build by the assert. But we do not live in a perfect world, and
> test coverage is rarely 100%.
>
Well, that is one of my points: even with 100% test coverage, you can't
tell if UB arises at runtime when the code is running with different
inputs than when you tested. This is a basic fact: 100% test coverage
doesn't prove much about correctness.
-Thorsten
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk