Potential sub-goal: guidelines to avoid panics #158
Description
The more I wonder about this, the more it makes sense to me: perhaps we want to make a broad guideline, or family of guidelines, aiming towards avoiding panics.
Because panics are game-over in Safety Critical, right?
There are a good few functions and operations in core that can trigger panics. Thanks in big part however, to the Rust for Linux work, most if not all essential operations should be available in a no-panicking form. We might be able to use those as footing for this set of guidelines.
How does that sound?