Offensive Programming :)

Warning! Some information on this page is older than 5 years now. I keep it for reference, but it probably doesn't reflect my current knowledge and beliefs.

Wed 28 May 2014

Generally, defensive programming is a very good idea. But many times I've seen the following C++ code presented as an example of defensive programming:

if(pointer != NULL) {
   pointer->SomeMethod();
   // Some other things with pointer.
}

If the pointer here is expected to always point to a valid object and never be NULL, so that a NULL value can only mean a programmer's bug somewhere else in the code, then I believe this practice is very, very bad. I think there should be an assertion instead, like this:

assert(pointer != NULL);
pointer->SomeMethod();
// Some other things with pointer.

First of all, an assertion is compiled only in the debug configuration, while the condition is additional code executed in all builds, unnecessarily impacting performance. The second and more important argument is that when there is a bug and the pointer is NULL, we should know about it as soon as possible and be able to debug this particular place. That's easy when we put in an assert. That's also easy when we dereference a NULL pointer, because then the application would crash, which is also possible to catch in the debugger. On the other hand, when there is a condition around the code using this pointer and the pointer is NULL, the code inside is simply not executed, which may corrupt the program's state or propagate already corrupted state, hide the bug, or defer its appearance to a later time and a different place in the code, making it harder to find. Recommending crashing the app may sound radical, so let's call this "offensive programming" :)
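The difference between the two forms, as an added example that is not code from the original post: a guarded call lets a NULL pointer pass silently and leaves state inconsistent, while a precondition check stops at the bug site before anything is modified. The `Account`, `Ledger`, `CHECK` and `run` names are hypothetical, and `CHECK` throws instead of calling `assert()` only so that both outcomes can be observed in one run.

```cpp
#include <cstddef>
#include <cstdio>
#include <stdexcept>

// Hypothetical types for this added example (not from the original post).
struct Account { long balance = 0; };
struct Ledger  { long total = 0; };   // invariant: total == sum of balances

// Stand-in for assert(): throws so the demo can observe the failure in-process.
// A real assert() aborts a debug build and compiles to nothing under NDEBUG.
#define CHECK(cond) \
    do { if (!(cond)) throw std::logic_error("check failed: " #cond); } while (0)

// "Defensive" form from the post: a NULL account is skipped without any signal,
// while the rest of the operation carries on and breaks the invariant.
void deposit_guarded(Ledger& ledger, Account* account, long amount) {
    if (account != NULL) {
        account->balance += amount;
    }
    ledger.total += amount;
}

// "Offensive" form: the precondition is checked before any state is touched.
void deposit_checked(Ledger& ledger, Account* account, long amount) {
    CHECK(account != NULL);
    account->balance += amount;
    ledger.total += amount;
}

struct Outcome { bool bug_reported; bool state_consistent; };

// Runs one valid deposit, then one with a NULL pointer (constructed caller bug).
Outcome run(void (*deposit)(Ledger&, Account*, long)) {
    Ledger ledger; Account acct;
    Account* failed_lookup = NULL;
    Outcome out = {false, false};
    try {
        deposit(ledger, &acct, 100);
        deposit(ledger, failed_lookup, 50);
    } catch (const std::logic_error&) {
        out.bug_reported = true;   // failure surfaced at the faulty call
    }
    out.state_consistent = (ledger.total == acct.balance);
    return out;
}

int main() {
    Outcome g = run(deposit_guarded), c = run(deposit_checked);
    std::printf("guarded: reported=%d consistent=%d\n", g.bug_reported, g.state_consistent);
    std::printf("checked: reported=%d consistent=%d\n", c.bug_reported, c.state_consistent);
}
```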
