Skip to content

allow unreachable, and expand when to use panic #13636

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ShahakShama wants to merge 1 commit into
base: shahak/style-guide-when-to-return-result
Choose a base branch
from
Open

allow unreachable, and expand when to use panic #13636

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 10 additions & 5 deletions style.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,12 +166,17 @@ async fn test_delayed_operation() {

## Error Handling & Safety


Use `Result<T, E>` for recoverable errors and `panic!` only for bugs.
Use `panic!` for:
- Unrecoverable states (e.g. corrupt data, missing compile-time guarantees at runtime).
- Bugs where you prefer to stop the system and investigate rather than continue in a potentially broken state. In this case, make sure that panicking the process would actually stop the system (e.g. the process is not automatically restarted in a loop).

Use `todo!` for to-be-completed code sections.

Don't use `unreachable!` and `unimplemented!`, as they are very similar in meaning to `panic!` and `todo!` and it's not worth the headache of figuring which one fits better.
Use `unreachable!` when you are 100% certain a code path can never be reached, e.g:
- An invariant that's enforced someplace else (Though you should try to avoid this. See [Unnecessary panics](#unnecessary-panics))
- Code after a loop that never breaks or guaranteed to `return`.

Don't use `unimplemented!`, as it is very similar in meaning to `todo!` and it's not worth the headache of figuring which one fits better.

Error structs and enums should have names ending with `Error` (e.g. `StorageError`, `ParseTransactionError`).

Expand All @@ -181,9 +186,9 @@ Return a `Result` only when the caller is expected to handle the error. If a fai

Similarly, do not return a `Result` if the error is meant to be ignored. If a failure has no impact on the program's flow or integrity, handle it internally (e.g. log it). Forcing callers to write `let _ = ...` or `.ok()` just to silence the compiler obscures the function's true contract.

### expect message
### Unreachable messages

Write `expect` messages for code readers, not for the program runner. Explain _why_ the error should never happen, not _what_ is the error. State the invariant rather than saying that it broke.
Write `unreachable!` messages (and `expect` messages when used for cases that should never happen) for code readers, not for the program runner. Explain _why_ the error should never happen, not _what_ is the error. State the invariant rather than saying that it broke.

```rust
// BAD
Expand Down
Loading