bug-gnulib

Re: abort vs. assert


From: Bruno Haible
Subject: Re: abort vs. assert
Date: Mon, 15 Mar 2010 21:13:32 +0100
User-agent: KMail/1.9.9

Jim Meyering wrote:
> These days, I prefer to use assert(e) over "if (!e) abort();".
> We used to have to avoid using assert due to portability issues,
> but those went away many years ago.

I disagree. The reason why I never use 'assert(e)' is to make sure
the safety checks are actually present.

There are two kinds of assertions:

1) Assertions at the entry of some function or module.

   Here, the purpose of 'if (!e) abort();' in production code is to
   limit the effects of buggy code or invalid data that comes into
   _our_ modules but originated outside our modules. If invalid data
   is present, I prefer it to be caught before it enters my module,
   than to have complaints that my module produced wrong output.

2) Assertions in the middle or at the end of some function.

   Here, when someone uses 'assert', it may happen that deployed, supposedly
   "production quality" code runs into bugs that the developer thought he
   had guarded against. But the guard was defined away by someone who compiled
   with -DNDEBUG.

   It is ironic: in the development environment, where consequences
   of buggy code would be minor, we want to have safety checks. But
   in production code, where the consequences of bugs can be major,
   some people want to be able to remove the safety checks? And when
   the bug then hits, of course, the responsibility is with us, the
   developers!

Bruno
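Added example, not part of the message above: a POSIX C sketch of the difference it describes, with `NDEBUG` defined in the source to stand in for a `-DNDEBUG` build. The function names `scale_with_assert`, `scale_with_abort` and `guard_fired` are hypothetical, as is the 0..100 precondition.

```c
#define NDEBUG 1   /* added example: simulate a -DNDEBUG build */
#include <assert.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical module entry point: pct must be in 0..100. */
int scale_with_assert(int value, int pct)
{
    assert(pct >= 0 && pct <= 100);   /* expands to ((void)0) under NDEBUG */
    return value * pct / 100;
}

int scale_with_abort(int value, int pct)
{
    if (!(pct >= 0 && pct <= 100))    /* present in every build */
        abort();
    return value * pct / 100;
}

/* Call fn in a child process. Returns 1 if the child died from SIGABRT
   (the guard fired), 0 if fn returned normally, -1 on fork/wait failure. */
int guard_fired(int (*fn)(int, int), int value, int pct)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        (void) fn(value, pct);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT;
}

/* Later code gets a live assert again; the functions above keep theirs. */
#undef NDEBUG
#include <assert.h>
int main(void)
{
    int a = guard_fired(scale_with_assert, 200, 250);  /* invalid pct */
    int b = guard_fired(scale_with_abort, 200, 250);
    printf("assert guard fired: %d, abort guard fired: %d\n", a, b);
    return 0;
}
```

With the invalid percentage, the `assert` variant returns a wrong result silently, while the `abort` variant stops the process before the bad value propagates.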



