Boost :

From: Andrey Semashev (andrey.semashev_at_[hidden])
Date: 2019-12-05 08:59:11

• Next message: Andrzej Krzemienski: "Re: [Boost-users] [review][fixed_string] FixedString review starts Nov 25"
• Previous message: Andrey Semashev: "Re: [review][fixed_string] End of review periodapproaching and a plea"
• In reply to: Alexander Grund: "Re: [review][fixed_string] Andrzej's feedback"
• Next in thread: Andrzej Krzemienski: "Re: [review][fixed_string] Andrzej's feedback"
• Reply: Andrzej Krzemienski: "Re: [review][fixed_string] Andrzej's feedback"

On 2019-12-05 11:15, Alexander Grund via Boost wrote:
>
>> ```
>> void fixed_string<N>::resize(size_type s)
>> {
>>    BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity());
>>    // then do the job
>> }
>> ```
>
> +1 on that. I'm always advocating for safe-by-default and found it a
> huge mistake to make operator[] the unchecked one instead of at()
>
> So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the
> right choice IMO.

I'm strongly opposed. Make it a BOOST_ASSERT if you like but no checks
in release mode, please.

What's the point of this check when your index is guaranteed to not
exceed size()-1?

In my whole programming practice, not once did I need at(). Not only
because I didn't need the check at this point, but also because even if
I did need a check at some point before operator[] call, I also was not
satisfied with the exception at() would throw.

• Next message: Andrzej Krzemienski: "Re: [Boost-users] [review][fixed_string] FixedString review starts Nov 25"
• Previous message: Andrey Semashev: "Re: [review][fixed_string] End of review periodapproaching and a plea"
• In reply to: Alexander Grund: "Re: [review][fixed_string] Andrzej's feedback"
• Next in thread: Andrzej Krzemienski: "Re: [review][fixed_string] Andrzej's feedback"
• Reply: Andrzej Krzemienski: "Re: [review][fixed_string] Andrzej's feedback"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk