On 2/4/16 1:08 AM, Raphaƫl Londeix wrote:
The problem with this is that the usage of safe<int> changes the meaning of the program.
int i; // i not initialized .... // program has weird behavior
In this particular case, the fact that the program was relying on UB means that the program had no meaning at all. So it adds a meaning maybe :)
However I see your point ; you expect people to do something like:
#ifdef DEBUG typedef safe<int> my_int; #else typedef int my_int; #endif
Note that the safe<T> is really safe<T, exception_policy = default_ep, promotion_policy = default_pp>. there are several policies of each kind to choose from. One of the exception policies is ignore - but I don't think it currently actually works. What I actually expect is: a) some wierd bug can't be found. b) in desperation some intern just replaces all the ints with safe<T> c) problem is discovered - the safe... stuff is backed out and everyone (who is old enough) has a beer to congratulate themselves on how smart they are and the product is shipped. d) In some cases, someone might unintentionally leave the safe stuff in - since shipping is already way overdue. e) Or maybe some crusty old geezer who is tired of fixing this stuff after doing 50 times will game the system by doing: i) change all the int... to my_safe<int> ii) insert template<typename T> using my_safe<T> = safe<T>; then in one place in the program he can switch settings for all his integer types - without using macros. It's also possible I could use policies to optionally include initialization checking - which I see as relatively expensive. Robert Ramey