Infrastructure Functions Should Trust Their Users

Infrastructure functions that are used extensively should adopt the “trust the programmer” policy by not performing additional error checking. This policy is widely used in the C/C++ standard libraries. For example, it would be safer if strcpy() examined its arguments and made sure they were not null pointers. However, if it did, the incurred performance overhead would be unacceptable for many applications. Similarly, the overloaded operator[] in STL is as efficient as a built-in array subscript. If it performed additional checking for out-of-range subscripts, it wouldn’t be as efficient. Instead, the language trusts that users know what they are doing.
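The policy moves the check to the caller rather than removing the need for it. The following is an added example, not code from the original article: it validates once at the point where untrusted values enter, then calls the unchecked primitives (operator[] and strcpy()). The function names are hypothetical, and vector::at() is shown as the standard per-access checked alternative.

```cpp
#include <cstddef>
#include <cstring>
#include <stdexcept>
#include <vector>

// Unchecked infrastructure routine: trusts its caller, like operator[].
// Precondition (not verified here): first + count <= v.size().
long sum_range_unchecked(const std::vector<int>& v,
                         std::size_t first, std::size_t count) {
    long total = 0;
    for (std::size_t i = 0; i < count; ++i)
        total += v[first + i];          // no per-element range check
    return total;
}

// Boundary wrapper: one check for the whole range, then the fast path.
// The comparison is written so that first + count cannot wrap around.
bool sum_range_checked(const std::vector<int>& v, std::size_t first,
                       std::size_t count, long& out) {
    if (first > v.size() || count > v.size() - first)
        return false;
    out = sum_range_unchecked(v, first, count);
    return true;
}

// strcpy() checks neither null pointers nor destination capacity, so a
// caller handling untrusted input establishes both before calling it.
bool copy_checked(char* dst, std::size_t cap, const char* src) {
    if (dst == nullptr || src == nullptr)
        return false;
    if (std::strlen(src) >= cap)        // need room for the terminator
        return false;
    std::strcpy(dst, src);
    return true;
}

// vector::at() performs the range check on every access and throws
// std::out_of_range where operator[] would be undefined behaviour.
bool at_rejects(const std::vector<int>& v, std::size_t i) {
    try {
        (void)v.at(i);
        return false;
    } catch (const std::out_of_range&) {
        return true;
    }
}
```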
