On 2024-12-19 7:45 a.m., Bielow, Chris wrote:
|| I think it would be really misleading to have code that routinely
|| ignored the assert() calls. In a year would you remember that those
|| asserts were effectively just comments, not being acted on without
|| some trickery to enable them?
|
|Or have a user with different compiler flags without the NDEBUG ... and now
you have different behavior on different installation which is not great.
There are plenty of compiler flags which change program behavior (think
--ffast-math or -fno-exceptions), which the user obviously needs to accept
if he uses them.
Different behavior on different platforms is not necessarily a bad thing,
since it sometimes catches bugs which you never would have dreamed could
happen.
But I think we can all agree that the behavior should be as safe as possible
on all platforms.
|
|| You'd be much safer if you used a different function specific to R
|| that triggered an R error if the assertion was false.
|
|Seconded.
|
That's a fair point, but know you changed the subject.
The original documentation discourages assert() since it may crash the R
session. Now, you are arguing that assert is not routinely enabled (due to
NDEBUG) and does thus not serve any purpose. Even to the contrary it may
suggest a kind of false safety when looking at code (since assert() is
usually a noop).
Completely different reasoning which still calls for an update of the docs
and which should (repeating myself) contain a mention of static_assert.
Right now, that part of the docs read as "Don't use assert, it's bad", which
may translate to "Please don't write defensive/correct code" in some
people's head.
I think your original message said two things:
- code should use assert()
- the docs about assert() need fixing.
As you say, both Dirk and I were mainly addressing the first of these
points. Why don't you give a suggested rewrite of the two mentions of
assert() in the docs to fix them? (I'm not sure that there are only two
mentions, I'm just going by the two mentions you quoted in your first
message.)
Duncan Murdoch
|We trade run-time and compile-time off in other ways so this should be a
run-time check, with e.g. Rf_error() or Rcpp::stop() returning to the R
prompt with an error message. If you feel you must program your C++
components with assert() you could still do so in an external library
effectively hiding it from CRAN check. But that's cheating.
______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel
