Re: invalid arguments to public API: g_assert, g_return_if_fail or continue with undefined behavior

On Tue, 2005-09-13 at 12:48 +0200, Christian Neumair wrote:

> I'd really like to have a GNOME-wide policy for dealing with public API
> and invalid arguments. 

The GNOME Programming Guidelines are pretty clear on this:

See the "Assertions and Preconditions" section on that page.

Summary:  use g_return_*() in library entry points to ensure that no
garbage is fed into your library.  Use g_assert() internally to ensure
that you are in a consistent state.

> If we feel like the traditional C route is good,
> we can remove all of these codeblocks for the sake of performance. I
> think some of the asserts/return_if_fail statements were left out for
> exactly that reason. I suppose this has a measurable performance impact
> for little helpers that are often called.

As Chris says, one needs to measure this first.

The g_return_*() and g_assert*() macros use G_LIKELY when compiled with
GCC; this helps the processor in predicting the right branches.

We can't really ship with checks disabled until a good test run produces
zero warnings in ~/.xsession-errors.  Right now, unfortunately, this is
far from being true :)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]