czw., 5 gru 2019 o 09:59 Andrey Semashev via Boost
On 2019-12-05 11:15, Alexander Grund via Boost wrote:
``` void fixed_string<N>::resize(size_type s) { BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity()); // then do the job } ```
+1 on that. I'm always advocating for safe-by-default and found it a huge mistake to make operator[] the unchecked one instead of at()
So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the right choice IMO.
I'm strongly opposed. Make it a BOOST_ASSERT if you like but no checks in release mode, please.
What's the point of this check when your index is guaranteed to not exceed size()-1?
In my whole programming practice, not once did I need at(). Not only because I didn't need the check at this point, but also because even if I did need a check at some point before operator[] call, I also was not satisfied with the exception at() would throw.
Are you opposing against the idea of user-controlled BOOST_FIXED_STRING_PRECONDITION() in general, or to throwing by default of to performing runtime-checks in release builds regardless of what action is taken later? BOOST_ASSERT() does perform checks in release builds unless you go and define NDEBUG, which does not correspond 1-to-1 to release builds. Regards, &rzej;