On 26/11/14 12:09, Alexandros Frantzis wrote:
> Hi all,
>
> in a recent review the subject of how to deal with precondition failures
> in the client API came up again. In discussions we had yesterday the
> consensus was that we should abort the process. This has the benefit of
> catching the error as early as possible, making debugging much easier.
>
> The drawback versus a more forgiving approach is that some programs
> may not be able to deal with such abrupt failures well. However,
> programs that absolutely need to do some critical cleanup should handle
> such failures anyway, regardless of whether they come from the Mir
> client library or not.
>
> This is not a new discussion, but we hadn't explicitly stated any
> guidelines before, so we had not been actively encouraging such handling
> of precondition failures during reviews.
>
> So, the proposed guideline is: abort on precondition failures in client
> API functions. This can be best achieved with a mir_assert() or similar
> function/macro that will be always on regardless of the build type.
>
> Thoughts?

Firstly we ought to be clear that a precondition failure is the calling code failing to meet its requirements. Not about unexpected runtime conditions (like the server socket suddenly closing). If the calling code can't ensure the condition is met then it isn't a precondition for the call.

Secondly, while not wishing to disturb the "consensus" I think we should make no *promise* about what to do. We should make any cheap precondition tests (without committing to doing so). However, some preconditions are impossible to validate cheaply. (E.g. someone passes a pointer to a random piece of memory where we were expecting something meaningful.)

If & when we detect a precondition failure then the question arises what to do and I agree that abort is the right approach. Failing quickly and loudly is appropriate as anything else could lead to an error being overlooked during development and failing in a production environment.
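
The always-on check discussed in this thread, sketched as an added example that is not part of the original messages and is not Mir's code. The macro name follows the one proposed above; its body, `example_surface`, `example_surface_resize`, `EXAMPLE_MAGIC` and the `aborts` helper are assumptions made for illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Report the failed precondition, then abort (raises SIGABRT). */
static void precondition_failed(const char *expr, const char *file, int line)
{
    fprintf(stderr, "%s:%d: precondition failed: %s\n", file, line, expr);
    abort();
}

/* Always on: unlike assert(), this never tests NDEBUG, so release builds keep it. */
#define mir_assert(cond) \
    ((cond) ? (void)0 : precondition_failed(#cond, __FILE__, __LINE__))

/* Hypothetical client object and API call, constructed for this example. */
#define EXAMPLE_MAGIC 0x53555246u
struct example_surface { unsigned magic; int width, height; };

void example_surface_resize(struct example_surface *s, int width, int height)
{
    mir_assert(s != NULL);
    mir_assert(s->magic == EXAMPLE_MAGIC); /* cheap, best-effort validity check */
    mir_assert(width > 0 && height > 0);
    s->width = width;
    s->height = height;
}

/* Run fn in a child process: 1 if it died from SIGABRT, 0 if not, -1 on error. */
int aborts(void (*fn)(void))
{
    int status = 0;
    fflush(NULL);
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { fn(); _exit(0); }
    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT;
}

static struct example_surface surf = { EXAMPLE_MAGIC, 1, 1 };
static void good_call(void)    { example_surface_resize(&surf, 640, 480); }
static void null_surface(void) { example_surface_resize(NULL, 640, 480); }
static void bad_size(void)     { example_surface_resize(&surf, 0, 480); }

int main(void)
{
    printf("good=%d null=%d size=%d\n", aborts(good_call), aborts(null_surface), aborts(bad_size));
    return 0;
}
```

The magic-number test only catches some stale or wrong pointers; a pointer to arbitrary memory can still pass or fault before the check, which is why the checks are best-effort rather than a promise.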