
Mika Heiskanen wrote:
Hello Peter,
Peter Simons wrote:
Invariant failures, however, are unexpected conditions. Invariants are not supposed to fail. If they do, it's a sign of incorrect program logic or faulty assumptions. Your program will generally not be able to recover from such an error, hence invariant checking functions like assert() typically abort the process on failure (and generate debugging information, such as a core dump).
Thank you for your explanation Peter. However, I do not see why an assert should be the first choice when a programming error can be detected by the program itself. For example, I would prefer my word processor to announce a programming error instead of producing a core dump. Am I missing some finer point on the nature of invariants?
That choice is also perfectly valid, and can be easily achieved with your own assert macro/error handler function. However, checking many preconditions/postconditions and invariants at runtime can be very expensive. http://www.artima.com/cppsource/deepspace.html might be interesting to read.

-Thorsten
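The "own assert macro/error handler function" approach mentioned in the reply above, sketched as an added example that is not code from the thread or from any of its posters. All names (MY_INVARIANT, MY_DISABLE_INVARIANTS, current_handler, Document, try_move) are hypothetical; the handler decides whether a failed check aborts like assert() or is reported to the user, and the compile-time switch removes the runtime cost.

```cpp
#include <cstdio>
#include <cstdlib>
#include <stdexcept>
#include <string>

// All names in this block are hypothetical, chosen for illustration.
struct invariant_violation : std::logic_error {
    using std::logic_error::logic_error;
};
using failure_handler = void (*)(const char* expr, const char* file, int line);

// Policy 1: behave like assert(): report, then abort (core dump).
inline void abort_handler(const char* expr, const char* file, int line) {
    std::fprintf(stderr, "%s:%d: invariant failed: %s\n", file, line, expr);
    std::abort();
}
// Policy 2: throw, so a top-level handler can announce the programming error.
inline void throw_handler(const char* expr, const char* file, int line) {
    throw invariant_violation(std::string(file) + ":" + std::to_string(line) +
                              ": invariant failed: " + expr);
}
// Process-wide policy; defaults to aborting, as assert() does.
inline failure_handler& current_handler() {
    static failure_handler handler = abort_handler;
    return handler;
}

// Defining MY_DISABLE_INVARIANTS compiles every check out of the build.
#ifdef MY_DISABLE_INVARIANTS
#define MY_INVARIANT(expr) ((void)0)
#else
#define MY_INVARIANT(expr) \
    ((expr) ? (void)0 : current_handler()(#expr, __FILE__, __LINE__))
#endif

// Constructed stand-in for the word processor in the discussion.
struct Document {
    std::string text;
    std::size_t cursor = 0;
    void move_cursor(std::size_t pos) {
        MY_INVARIANT(pos <= text.size());  // checked before any state changes
        cursor = pos;
    }
};

// Returns an empty string on success, or the message to show the user.
std::string try_move(Document& doc, std::size_t pos) {
    try { doc.move_cursor(pos); return ""; }
    catch (const invariant_violation& e) {
        return std::string("Internal error: ") + e.what();
    }
}
```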