add formatChecked(), which does not crash on bad format strings
Summary:
This restore's format()'s behavior of crashing on invalid format
strings, and adds an alternative formatChecked() function to throw
instead of crashing.
Format strings are commonly programmer defined, and fixed at compile
time. Bad format strings are usually programmer errors, and crashing is
desirable to help catch these bugs early.
However, it is also useful to support dynamic format strings which are
not guaranteed to be well formed at compile time. formatChecked() makes
it safe to use dynamic format strings, as a bad format strings will not
crash the program.
This does change the throwing/crashing behavior slightly: the old
format() code also used to crash if the format string referred to a
non-existent key in one of the argument containers. I removed this,
since it seems like the argument containers are likely to be dynamic.
I also changed the code to crash on std::range_errors as well. Various
problems in format string arguments are caught in the Conv.h code, which
throws range_errors. The old crashing code did not crash on these
errors, but it seems useful to do so. The only minor concern here is
that this may also crash unintentionally if the Output callback throws a
range_error. This seems low-risk, but we can remove this behavior if
needed.
Test Plan:
Updated the BogusFormatString test to check both format() and
formatChecked().
Reviewed By: tudorb@fb.com
FB internal diff:
D1144301
projects / folly.git / commit