C++检查返回码
是否值得检查不应失败的方法的返回码?
例如,我通常这样做:
char buf[MAXBUF];
snprintf(buf, sizeof(MAXBUF), "%s.%d", str, time);
即使我知道,检查 snprintf 的返回码是否是一个好的做法 MAXBUF 对于我的目的来说足够大吗?这样做似乎很有意义 即使代码变得更加冗长。
Is it worthwhile checking return codes for methods that should not fail ?
For example, I usually do:
char buf[MAXBUF];
snprintf(buf, sizeof(MAXBUF), "%s.%d", str, time);
Is it good practice to check the return code for snprintf even if I know
that MAXBUF is large enough for my purposes? It seems to make sense to do this
even though the code becomes more verbose.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
简短回答:是的
长回答:是的,因为它会捕获如下所示的愚蠢错误。
C 代码的主要问题是人们实际上并没有检查返回代码(因为他们认为代码永远不会失败)。所以这个故事的寓意是不要假设和检查。它实际上并没有给代码添加太多内容。如果不应该出错的事情实际上出错了,你可能应该退出/中止,然后你会在测试周期的早期发现它们。
C++解决方案:
Short Answer: Yes
Long Answer: Yes because it catches silly mistakes like the below.
The main problem with C code is that people don't actually check the return codes (because they thought the code could never fail). So the moral of the story is don't assume and check. It does not actually add much to the code. You should probably exit/abort if things that should not go wrong actually go wrong and then you will find them early in the testing cycle.
C++ solution:
这取决于。 MAXBUF 或格式字符串或输入值将来是否可能会发生变化?如果调用失败,您的代码可以采取什么实际的操作方案?答案完全取决于您的应用程序。
一种可能性是简单地
断言返回值符合预期,而不是默默地失败。这不会在生产构建中花费任何成本,并且不会增加源代码的冗长程度。It depends. Is it possible that either
MAXBUFor the format string or the input values are ever going to change in the future? What realistic course of action could your code take if the call were to fail? The answer depends entirely on your application.One possibility is to simply
assertthat the return values are as expected, rather than failing silently. This will cost you nothing in production builds, and will add little to the verbosity of your source code.这可能是最好的,以防万一,但如果您确定 MAXBUF 的大小永远不会被超过,那么它只会增加几个时钟周期。
It would probably be best, just incase, but if your sure the size of MAXBUF will never be exceeded then it will only be an added few clock cycles.
您正在权衡编写代码时进行简单错误检查的一次性成本,与根据上下文决定是否检查错误的重复成本,如果没有,则可能由于误解假设或其他人后期维护而出现生产错误。
在大多数情况下,这是理所当然的。
You are weighing the onetime cost of a simple error check when the code is written, versus the repeated cost of deciding whether or not to check it depending on context, and if not, possible production bugs due to misunderstood assumptions or later maintenance by other people.
That's a no brainer in most cases.
如果缓冲区太小,则字符串将被截断。您希望您的测试能够发现这一点,因为您会产生不正确的结果。
话又说回来,检查返回值并不需要增加太多的冗长内容。正如 Oli 所说,
assert很便宜:说实话,我不会总是检查,但这取决于为什么我认为
str不能那么长。如果这是出于真正根本的原因(比如它是来自dirent结构的文件名,并且MAXBUF是根据MAX_FILENAME定义的),那么我可能不会打扰。如果是因为在其他地方进行了一些检查,或者调用者有责任仅传入特定长度的字符串,那么断言可能是一个想法,只是有机会捕获其他人的字符串有一天会出现错误。显然,如果str是任何类型的未经检查的外部输入,那么就必须进行测试。If the buffer ever is somehow too small, then the string will be truncated. You'd hope that your tests will catch this, since you will produce incorrect results.
Then again, checking the return value needn't add much verbosity. As Oli says,
assertis cheap:To be honest I wouldn't always check, but it depends why I think
strcan't be that long. If it's for a really fundamental reason (like it's a filename from adirentstructure, andMAXBUFis defined in terms ofMAX_FILENAME), then I probably wouldn't bother. If it's because there's some check elsewhere, or it's the caller's responsibility to pass in a string only of a certain length, then it might be an idea toassert, just on the off-chance of catching someone else's bug some day. Obviously ifstris any kind of unchecked external input then it's essential to test.