Symbian3/PDK/Source/GUID-D5FD665E-333B-50FF-A46F-6B22C0877285.dita
author Dominic Pinkman <dominic.pinkman@nokia.com>
Wed, 16 Jun 2010 10:24:13 +0100
changeset 10 d4524d6a4472
parent 5 f345bda72bc4
child 14 578be2adaf3e
permissions -rw-r--r--
removal of PIPS 'antiword' example pending a decision on its license

<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<!DOCTYPE concept
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
<concept xml:lang="en" id="GUID-D5FD665E-333B-50FF-A46F-6B22C0877285"><title>Defensive Programming</title><prolog><metadata><keywords/></metadata></prolog><conbody><p>To help Symbian developers identify potential problems early in development, macros are provided to test for error conditions in functions (asserts) and objects (class invariants). Casting is one well known source of hard-to-find errors. <xref href="GUID-D5FD665E-333B-50FF-A46F-6B22C0877285.dita#GUID-D5FD665E-333B-50FF-A46F-6B22C0877285/GUID-A0253DF3-098C-5427-9B45-3CEC4F4875AB">Casting</xref> discusses its use. </p> <section id="GUID-55EB9D07-65F1-572B-8F36-9A442F69B9C2"><title>Testing conditions with asserts and invariants</title> <p>One method of catching errors early is to identify conditions that should be true at the beginning and end of functions, and raise errors if they are not. </p> <p>Two mechanisms support this programming style. </p> <ul><li id="GUID-620C4F53-5465-5A53-9880-7DC27EF752FF"><p>asserts </p> </li> <li id="GUID-9A1881EA-4C72-5359-9D16-553806070556"><p>class invariants </p> </li> </ul> <p><b>Asserts</b> </p> <p>Two macros are supplied for asserting specific conditions in functions: </p> <ul><li id="GUID-9481684E-5E9D-54B1-87E0-3539F4A29157"><p> <codeph>__ASSERT_ALWAYS</codeph> to catch run-time invalid input, for both release and debug builds </p> </li> <li id="GUID-4BAF939D-03D4-5D1E-A1BD-79537D930E93"><p> <codeph>__ASSERT_DEBUG</codeph> to catch programming errors, for debug builds only </p> </li> </ul> <p><b>Class Invariants</b> </p> <p>Class invariants are used to test that an object is in a valid state. They are used only in debug builds. </p> <ul><li id="GUID-F79328BA-61FD-5CB6-9D09-4C4DF6A2459B"><p>Define class invariants for non-trivial classes using <codeph>__DECLARE_TEST</codeph>. The class must supply functions that specify its allowed stable states. </p> </li> <li id="GUID-541758DE-21E9-5599-A12B-0208867240CA"><p>To ensures that the object is in a stable state prior to executing the function, call the invariant at the start of all public functions using <codeph>__TEST_INVARIANT</codeph>. </p> </li> <li id="GUID-20FFC383-0371-5494-8887-D0B3888162EE"><p>For non-const functions, you can ensure that the object has been left in a stable state by also calling the invariant at the end of the function. </p> </li> </ul> </section> <section id="GUID-A0253DF3-098C-5427-9B45-3CEC4F4875AB"><title>Casting</title> <p>Casts, as in other operating systems, should be used with caution. If a cast seems to be needed, check that this does not reflect a design weakness. </p> <p>The C++ <codeph>dynamic_cast</codeph> operator should not be used because the Symbian platform does not use C++ exceptions in user code. </p> <p>Note that in early versions of the OS (pre v6.0), the GCC compiler did not support the C++ casting operators. The idiom was then to use instead one of the macros <codeph>REINTERPRET_CAST</codeph>, <codeph>STATIC_CAST</codeph>, <codeph>CONST_CAST</codeph>, and <codeph> MUTABLE_CAST</codeph>, which were defined as simple C style casts for that compiler. </p> </section> </conbody></concept>