Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Panics serve two purposes: to bring down the program in case of an invariant violation, and to reset a state machine, like setjmp/longjmp in C. See the template package to see what I mean by the latter. The former should not be recovered from. The latter should not cross package boundaries. If they are, it's a bug because only the package author should reset that state machine. Packages should be imune to malicious input. There should be no invariant violations if you supply unexpected input. If you get a panic from a package, it means there's a buga and you shouldn't try to recover from it.


Thanks. I just wonder whether this fairly nuanced convention is or will actually be adhered to by library authors.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: