On Wed, May 14, 2014 at 04:59:58PM -0400, Carlos O'Donell wrote:
> I will make my personal opinion clear:
>
> - Internal defects should raise immediate assertions.
>
> - Real problems like resource availability, deadlocks, and
>   other recoverable errors should result in the API returning
>   an appropriate error code that must not diverge from the POSIX
>   definitions for those codes (when such a definition exists).
>
> I'm not a believer in "only the hot path matters", there are such
> things as robustness and error detection, and they matter.

Awesome. In case of doubt though, I would prefer a return to an assert, just in case userspace actually does know wtf it's doing ;-) Granted, that seems to be very rare, but still, it's entirely annoying for those few people who do care to get dead programs.

Alternatively, we could have something like you have for the allocator (which is, afaik, also considered a hot path): these env variables like MALLOC_CHECK_ to influence this edge behaviour.