On Feb 15, 2015, at 8:52 AM, k...@shike2.com wrote: >> Maybe still add an assert() against the divisor != 0 before the code in the >> other patch. >> >> Just so people in the future will know that if it does == 0 there is a logic >> error elsewhere in the program. > > I don't like this idea, because it means we have to add an assert before > any division, and before the usage of any * or -> ...
I think the base assumptions programmers have about pointers is different from integers. Pointers with null values are universally known to be special and a case that should be checked for. With integers, it's not obvious what the valid range is supposed to be, in many cases 0 is okay. For stateful integers, it's tedious and error-prone to force the programmer to re-infer what valid state is. Without this knowledge its less clear who the perpetrator of the bug is. If you consider an assert() to be redundant in this case, at least add a comment next to the member definition saying "this should never be zero." Just so a future contributor will know for certain where the bug is (or isn't). You will get higher quality patches that way.
