Subject: Re: [boost] Looking for thoughts on a new smart pointer: shared_ptr_nonnull
From: Gavin Lambert (gavinl_at_[hidden])
Date: 2013-10-07 20:42:11


On 10/8/2013 12:16 PM, Quoth Julian Gonggrijp:
> I'm sorry to say this, but I think you're now just being evasive. A
> few posts ago in a reply to Matt, you stated that you agreed that if
> the assertion is to be replaced by a throw, the precondition should be
> removed from the constructor. This means that you also agree that if
> the precondition is *not* removed from the constructor, the assertion
> should *not* be replaced by a throw (modus tollens).

That's not modus tollens, that's denying the antecedent. Which is a
fallacy.

> I don't think that anyone disagrees that in the ideal world, all
> conditions are always checked. Apparently we also agree that checks on
> preconditions should be assertions when a check is at all possible. So
> the discussion should be about whether not passing null to the
> constructor is a precondition.

I'm not trying to be "evasive" or anything, I just think I possibly
don't have the same definitions for some of the terms you are using.

I have, I thought, quite clearly stated that:
   - it should assert != null
   - it should throw if == null and it survived the assert

I don't really care what you call that behaviour, whether this is a
"precondition" because it's asserted or whether it's not because it's
checked for and thrown, or whatever.

Maybe this is not what you are saying, but I get the definite impression
from Matt's posts that he thinks that the act of declaring it as a
precondition of the constructor means that it must not be tested for in
the constructor except as an assert. I do not agree with not testing
this; you can read what you like into whether this means that I don't
agree with the earlier assertion in this paragraph or whether it means
that it shouldn't be a precondition.

If it doesn't fit within your worldview to do both things, then you
could leave out the assert (though I think this would be a mistake).

I don't think that leaving out the throw can ever be a good idea, for
reasons I have already explained. (The only reasonable justification
for not performing this sort of check is if it is hard to do -- which it
isn't; or if it will cause a performance hit -- which will be negligible
to nonexistent in this case.)
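
The two-layer check described in the message above (assert, then throw if the null survives the assert), as an added example that is not part of the original post and not the class proposed on the list. `nonnull_shared` and the two helper functions are hypothetical names, and `NDEBUG` is defined in the source only to simulate a release build, where `assert` compiles to nothing.

```cpp
// Added illustration; nonnull_shared is a hypothetical name, not Boost's class.
#ifndef NDEBUG
#define NDEBUG            // simulate a release build: assert() expands to nothing
#endif
#include <cassert>
#include <memory>
#include <stdexcept>
#include <utility>

template <class T>
class nonnull_shared {
public:
    explicit nonnull_shared(std::shared_ptr<T> p) : p_(std::move(p)) {
        // Layer 1: debug builds stop here, at the faulty call site.
        assert(p_ != nullptr && "nonnull_shared constructed from null");
        // Layer 2: still enforced when the assert has been compiled out.
        if (!p_) throw std::invalid_argument("nonnull_shared: null pointer");
    }
    // Copy only: declaring these suppresses the implicit move operations,
    // which would otherwise leave a moved-from object holding null.
    nonnull_shared(const nonnull_shared&) = default;
    nonnull_shared& operator=(const nonnull_shared&) = default;

    T& operator*() const noexcept { return *p_; }
    T* operator->() const noexcept { return p_.get(); }
private:
    std::shared_ptr<T> p_;   // never null once the constructor has returned
};

#undef NDEBUG
#include <cassert>           // re-enable assert() for code after this point

// True when a null argument is rejected with an exception even though
// the constructor's assert was compiled out.
bool null_is_rejected() {
    try {
        nonnull_shared<int> bad{std::shared_ptr<int>()};
    } catch (const std::invalid_argument&) {
        return true;
    }
    return false;
}

// Normal use: a valid pointer is accepted and can be dereferenced unchecked.
int deref_valid() {
    nonnull_shared<int> ok{std::make_shared<int>(42)};
    return *ok;
}
```

Without the `NDEBUG` definition at the top, the null case aborts at the `assert` and the throw is never reached.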


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk