K
Kelsey Bjarnason
[snips]
You *almost* have it right, but not quite.
The documentation tells me how the library is _supposed_ to work. In the
case of glib, it is _supposed_ to terminate the application on allocation
failure. In fact, it says so, right there in the documentation.
It *also* says that there is no point even *checking* whether an
allocation succeeded or not, because it _will_ succeed or the app will
terminate.
Thus, if I write code according to how glib is _supposed_ to work, I will
find myself, sooner or later, in a situation such as this:
type_t *ptr = g_allocation_function(...);
/* no check for ptr being NULL */
memset( ptr, 0, size ); /* or some equivalent */
If glib does *not* work as documented, then it *can* return a NULL, and
the code written to the documented guarantee that a NULL will not be
returned is now going to fail.
So it either fails on allocation failure, which, frankly, I find
unacceptable, or it violates its own documented guarantees, breaking the
code that uses it. I don't see how either of these makes it a good idea
to use this library.
Now I got it. You don't care about how the library actually works, you
only need one bogus sentence from docs to be able to talk about how the
library works
You *almost* have it right, but not quite.
The documentation tells me how the library is _supposed_ to work. In the
case of glib, it is _supposed_ to terminate the application on allocation
failure. In fact, it says so, right there in the documentation.
It *also* says that there is no point even *checking* whether an
allocation succeeded or not, because it _will_ succeed or the app will
terminate.
Thus, if I write code according to how glib is _supposed_ to work, I will
find myself, sooner or later, in a situation such as this:
type_t *ptr = g_allocation_function(...);
/* no check for ptr being NULL */
memset( ptr, 0, size ); /* or some equivalent */
If glib does *not* work as documented, then it *can* return a NULL, and
the code written to the documented guarantee that a NULL will not be
returned is now going to fail.
So it either fails on allocation failure, which, frankly, I find
unacceptable, or it violates its own documented guarantees, breaking the
code that uses it. I don't see how either of these makes it a good idea
to use this library.