|
|
|
|
|
|
by exDM69
4519 days ago
|
|
|
> Accessing the fields of vc before the NULL check seems like an error. Also, would it not be simpler to change type of the size parameter to size_t so that it's the same type as the size field of the vector struct? What should be done in case vc is NULL? Currently it almost certainly causes a segfault, but I've seen people insist on returning an error code when a NULL argument is given but that might go unchecked. A segfault is easy to debug, a forgotten error code is not. int poke_foo(struct foo *foo) {
// if you're writing a library, this is asking for trouble...
if(foo == NULL)
return -1; // eventually someone forgets to check for this
foo->bar += 1;
return 0;
}
The only sensible thing you can do is add an assert. That will stop the program when the error happens and make it easy to debug. int poke_foo(struct foo *foo) {
assert(foo != NULL); // asseting here...
foo->bar += 1; // ... is not much better than segfaulting here
return 0;
}
But in the end, we're still reliably crashing the program if NULL is passed and it is as easy to debug as a segfault would. The assert may keep your static analysis tool (like Coverity) happy but it won't really make a huge difference.NULL pointers are generally not very difficult to debug, what is hard is dealing with free()'d pointers and other non-null invalid pointer values. |
|
|
I'm on a weird embedded platform where segfaults are almost impossible to debug; the only way to get information out is a log facility over USB that loses the most recent lines of log when it segfaults and resets :(