Subject: Re: [boost] [variant2] Andrzej's review
From: Niall Douglas (s_sourceforge_at_[hidden])
Date: 2019-04-13 15:57:35


On 13/04/2019 16:33, Peter Dimov via Boost wrote:
> Niall Douglas wrote:
>
>> I just do not understand the antipathy here to a
>> double-buffered-by-default design, and thus the strong guarantee can
>> be easily made, rather than a worse-than-useless basic guarantee which
>> is only technically valid, but is certainly surprising.
>
> First off, the basic guarantee isn't worse than useless, it's the
> minimum standard that every non-broken component must meet, and everyone
> who argues otherwise isn't worth listening to.

Sorry, that's the wrong bunching of my words (my fault).

What I specifically meant was "worse-than-useless choice of
implementation by variant2 of the basic guarantee which is only
technically valid, but is certainly surprising".

So, to be clear here, my issue is with *your* choice of how to meet the
basic guarantee. I think you're ticking the box technically, breaking
the guarantee in spirit.

> What happens here is that on the last line, `v` on the left owns the `X`
> value on the right. So when the implementation first destroys the old
> contents of `v` to make room for the new `X`, the right hand side is
> destroyed, and then undefined behavior occurs when we try to copy it
> into `v`.

I'd re-recommend my original advice that you ship a double buffer
variant, and a single buffer variant, and let the user choose when they
want to use which.

The documentation ought to recommend the double buffer variant as the
correct default choice. And document the many tradeoffs, including
far-too-easy-to-do UB, randomly permuting state (another source of
bugs), etc. in the single buffer variant. In other words, the single buffer
variant is a power user's choice, not to be chosen without caution.

Niall
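The two implementation strategies argued over in this thread, as an added illustration that is not variant2's code and not either author's: a toy single-alternative holder written once as "destroy the old value, then copy-construct in place" (single buffer) and once as "copy into a spare slot, then retire the old one" (double buffer). The Payload type, the slot layout and the function names are assumptions made for the example. The double-buffered form keeps its old value when the copy throws and survives the aliasing case from Peter's quoted snippet, where the right-hand side is the holder's own contents; the single-buffered form loses its value on a throw, and in the aliasing case reads a destroyed object, so that case is only described in a comment and never executed.

```cpp
#include <new>
#include <stdexcept>
#include <string>
#include <utility>

// Toy payload whose copy constructor can be made to throw on demand, so we
// can observe which exception guarantee an assignment actually provides.
struct Payload {
    std::string text;
    static int copies_until_throw;                  // -1 means "never throw"
    explicit Payload(std::string s) : text(std::move(s)) {}
    Payload(const Payload& o) : text(o.text) {
        if (copies_until_throw == 0) throw std::runtime_error("copy failed");
        if (copies_until_throw > 0) --copies_until_throw;
    }
};
int Payload::copies_until_throw = -1;

// Single buffer: one slot, old value destroyed before the new one is built.
class SingleBuffer {
    alignas(Payload) unsigned char slot_[sizeof(Payload)];
    bool has_value_ = false;
    Payload* at() { return reinterpret_cast<Payload*>(slot_); }
public:
    explicit SingleBuffer(const Payload& p) { new (slot_) Payload(p); has_value_ = true; }
    ~SingleBuffer() { if (has_value_) at()->~Payload(); }
    SingleBuffer(const SingleBuffer&) = delete;
    SingleBuffer& operator=(const SingleBuffer&) = delete;
    bool valueless() const { return !has_value_; }
    Payload& payload() { return *at(); }
    // Basic guarantee only: if the copy throws, the holder is left valueless.
    // Worse, v.assign(v.payload()) destroys the very object p refers to and
    // then copies from it: undefined behaviour, so it is never called here.
    void assign(const Payload& p) {
        if (has_value_) { at()->~Payload(); has_value_ = false; }
        new (slot_) Payload(p);                     // may throw
        has_value_ = true;
    }
};

// Double buffer: two slots, the new value is built in the spare slot first.
class DoubleBuffer {
    alignas(Payload) unsigned char slots_[2][sizeof(Payload)];
    int active_ = 0;
    bool has_value_ = false;
    Payload* at(int s) { return reinterpret_cast<Payload*>(slots_[s]); }
public:
    explicit DoubleBuffer(const Payload& p) { new (slots_[0]) Payload(p); has_value_ = true; }
    ~DoubleBuffer() { if (has_value_) at(active_)->~Payload(); }
    DoubleBuffer(const DoubleBuffer&) = delete;
    DoubleBuffer& operator=(const DoubleBuffer&) = delete;
    bool valueless() const { return !has_value_; }
    Payload& payload() { return *at(active_); }
    // Strong guarantee: a throwing copy leaves the active slot untouched, and
    // the source stays alive until the copy has finished, so v.assign(v.payload())
    // is well defined.
    void assign(const Payload& p) {
        int spare = 1 - active_;
        new (slots_[spare]) Payload(p);             // may throw; nothing changed yet
        if (has_value_) at(active_)->~Payload();
        active_ = spare;
        has_value_ = true;
    }
};

// Helper: make exactly the next Payload copy throw while running f.
template <class F> void with_throwing_copy(F f) {
    Payload::copies_until_throw = 0;
    try { f(); } catch (const std::runtime_error&) {}
    Payload::copies_until_throw = -1;
}

bool single_buffer_keeps_value_on_throw() {
    SingleBuffer v(Payload("old"));
    Payload src("new");
    with_throwing_copy([&] { v.assign(src); });
    return !v.valueless();                          // false: old value is gone
}

bool double_buffer_keeps_value_on_throw() {
    DoubleBuffer v(Payload("old"));
    Payload src("new");
    with_throwing_copy([&] { v.assign(src); });
    return !v.valueless() && v.payload().text == "old";   // true
}

std::string double_buffer_self_assign() {
    DoubleBuffer v(Payload("self"));
    v.assign(v.payload());                          // the aliasing case, safe here
    return v.payload().text;                        // "self"
}
```

The price of the second slot is doubled storage, which is the tradeoff the single buffer form avoids; the example shows what is bought with it.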


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk