|
From: | Anthony Liguori |
Subject: | Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging |
Date: | Mon, 08 Feb 2010 08:53:26 -0600 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.5) Gecko/20091209 Fedora/3.0-4.fc12 Lightning/1.0pre Thunderbird/3.0 |
On 02/05/2010 11:14 AM, Markus Armbruster wrote:
Run time asserts are a terrible way to deal with reasonably expected errors.Yes. But what's reasonably expected entirely depends on the contract between the function and its callers. I think we need a function that cannot fail and shouldn't used with untrusted arguments (for what it's worth, that's how we use qobject_from_jsonf() now). Having related functions with different contracts is fine with me.
I think the key point is that if we're going to establish these contracts, it must be obvious.
A reasonable programmer is going to assume that if a function can return a NULL, it can possibly return an error. If you want to deviate from those semantics, you either have to name the function appropriately or put a big comment above the declaration explaining the semantics.
Regards, Anthony Liguori
[Prev in Thread] | Current Thread | [Next in Thread] |