On Mon, 08 Feb 2010 08:53:26 -0600 Anthony Liguori <anth...@codemonkey.ws> wrote:
> On 02/05/2010 11:14 AM, Markus Armbruster wrote: > >> Run time asserts are a terrible way to deal with reasonably expected > >> errors. > >> > > Yes. But what's reasonably expected entirely depends on the contract > > between the function and its callers. > > > > I think we need a function that cannot fail and shouldn't used with > > untrusted arguments (for what it's worth, that's how we use > > qobject_from_jsonf() now). Having related functions with different > > contracts is fine with me. > > > > I think the key point is that if we're going to establish these > contracts, it must be obvious. > > A reasonable programmer is going to assume that if a function can return > a NULL, it can possibly return an error. If you want to deviate from > those semantics, you either have to name the function appropriately or > put a big comment above the declaration explaining the semantics. Given that qobject_from_jsonf() is already a good and long name, I prefer to add the comment. I will do that and re-submit.