|
Boost : |
From: Andrzej Krzemienski (akrzemi1_at_[hidden])
Date: 2019-12-05 09:05:44
czw., 5 gru 2019 o 09:59 Andrey Semashev via Boost <boost_at_[hidden]>
napisaÅ(a):
> On 2019-12-05 11:15, Alexander Grund via Boost wrote:
> >
> >> ```
> >> void fixed_string<N>::resize(size_type s)
> >> {
> >> BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity());
> >> // then do the job
> >> }
> >> ```
> >
> > +1 on that. I'm always advocating for safe-by-default and found it a
> > huge mistake to make operator[] the unchecked one instead of at()
> >
> > So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the
> > right choice IMO.
>
> I'm strongly opposed. Make it a BOOST_ASSERT if you like but no checks
> in release mode, please.
>
> What's the point of this check when your index is guaranteed to not
> exceed size()-1?
>
> In my whole programming practice, not once did I need at(). Not only
> because I didn't need the check at this point, but also because even if
> I did need a check at some point before operator[] call, I also was not
> satisfied with the exception at() would throw.
>
Are you opposing against the idea of user-controlled
BOOST_FIXED_STRING_PRECONDITION() in general, or to throwing by default of
to performing runtime-checks in release builds regardless of what action is
taken later?
BOOST_ASSERT() does perform checks in release builds unless you go and
define NDEBUG, which does not correspond 1-to-1 to release builds.
Regards,
&rzej;
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk