Proposed addition to CodingStyle web page about assert(a && b)

Matthieu Herrb matthieu at herrb.eu
Sun May 5 07:11:27 UTC 2019


On Sat, May 04, 2019 at 03:47:31PM -0700, Adam Richter wrote:
> Hi, everyone.
> 
> I would like to propose that whoever has the ability to edit the web
> page add a line like the following to
> https://www.x.org/wiki/CodingStyle/ :
> 
> - Separate assert(a && b) into assert(a) and assert(b).
> 
> 
> Thanks in advance for any input on this.

Hi,

I'm not sure if this advice belongs to this wiki page which is more
oriented on the appearance of the code than on semantics or
development good practices.

On the development good practices side, I think assert() should be
banned as much as possible from libraries and drivers.

You don't know anything about the caller context and having it being
brutally abort()ing is brutal and may lead to security issues
(data leaks in the core file for instance) or data corruption.

In libraries assert() should never be used to reject bad user input or
any other error condition that can happen for some known reason. It
should really only be used to document conditions that should really
never happen. In all other cases the function should be able to return
an error to the caller (which should of course not ignore them).
-- 
Matthieu Herrb
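As an added illustration of the two points in this thread (split assert(a && b) so a failure names the operand, and in library code report bad caller input as a return value instead of aborting), here is a small example in C; it is not code from the X.Org tree, and the function names and the lib_status enum are assumptions made for the example:

```c
#include <assert.h>
#include <stddef.h>
#include <string.h>

/* Status values returned to the caller instead of aborting the process. */
enum lib_status { LIB_OK = 0, LIB_EINVAL = -1, LIB_ETOOBIG = -2 };

/* Before: caller input policed with assert(). A NULL pointer or an oversized
 * name abort()s the whole client process (core file included), and the
 * combined assert(a && b) does not say which operand was NULL. */
size_t copy_name_assert(char *dst, size_t dstlen, const char *src)
{
    assert(dst != NULL && src != NULL);   /* which one failed? */
    assert(strlen(src) < dstlen);
    strcpy(dst, src);
    return strlen(dst);
}

/* After: anything the caller can get wrong is reported as a return value.
 * assert() is kept only for invariants the function itself establishes,
 * one condition per assert() so a failure report names it exactly. */
enum lib_status copy_name(char *dst, size_t dstlen, const char *src,
                          size_t *written)
{
    if (dst == NULL || src == NULL || written == NULL || dstlen == 0)
        return LIB_EINVAL;

    /* Bounded scan: never look further than the destination can hold. */
    const char *end = memchr(src, '\0', dstlen);
    if (end == NULL)                      /* no terminator within dstlen */
        return LIB_ETOOBIG;

    size_t n = (size_t)(end - src);
    memcpy(dst, src, n + 1);              /* copies the terminator too */

    /* Internal invariants, separated so a report says which one broke. */
    assert(n < dstlen);
    assert(dst[n] == '\0');

    *written = n;
    return LIB_OK;
}
```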