Fixing C's Biggest Mistake
Max Samukha
maxsamukha at gmail.com
Sat Jan 14 10:59:38 UTC 2023
On Wednesday, 11 January 2023 at 13:38:42 UTC, Dukc wrote:
>
> Your observation does not contradict the original idea. An
> unrecoverable assertion failure is a recoverable input error
> from the perspective of the operating system or a separate watchdog
> process - recoverable by restarting the crashed program. The
> point is, each program needs to distinguish what it can handle
> by itself, and where it must consider itself out of control and
> leave it up to others to restart (or ditch) it.
My point is you can rarely decide upfront how to handle input to
a public API, because the decision depends on how the API will be
used:
(1)
```
to!int(readln); // "bad input error", expected to be recoverable
```
(2)
```
string s = <computation that may contain a logic error>
to!int(s); // "logic error", expected to panic
```
If you decide on 'assert', then (1) will require a redundant
'enforce'. If you decide on 'enforce', then (2) will require a
redundant 'assert'.
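The two call sites above, as an added example that is not part of the original message: a public API that chose 'enforce', with caller (1) recovering from the exception and caller (2) turning the same exception into an assertion failure. The names `parsePort`, `portFromUser` and `portFromInternalState` and the port numbers are hypothetical.

```d
// Added illustration; all function names and values here are hypothetical.
import std.conv : to, ConvException;
import std.exception : enforce, assertThrown;
import std.string : strip;

/// Public API that picked 'enforce': bad input surfaces as a recoverable exception.
ushort parsePort(string text)
{
    immutable n = to!int(text.strip); // throws ConvException on non-numeric text
    enforce(n > 0 && n <= 65_535, "port out of range");
    return cast(ushort) n;
}

/// Case (1): the text comes from outside the program, so the caller recovers.
ushort portFromUser(string line, ushort fallback)
{
    try
    {
        return parsePort(line);
    }
    catch (Exception e) // ConvException or the enforce failure
    {
        return fallback;
    }
}

/// Case (2): the text is built by this program, so a failure is a bug.
/// The caller has to add its own assert on top of the API's enforce.
ushort portFromInternalState(int index)
{
    immutable text = to!string(8000 + index); // constructed internal computation
    try
    {
        return parsePort(text);
    }
    catch (Exception e)
    {
        assert(false, "logic error: internally built port is invalid: " ~ e.msg);
    }
}

void main()
{
    assert(portFromUser("8080\n", 80) == 8080);
    assert(portFromUser("not a port\n", 80) == 80); // recovered with the fallback
    assert(portFromInternalState(3) == 8003);
    assertThrown!ConvException(parsePort("abc"));
}
```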