httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gregory A Lundberg <lundb...@vr.net>
Subject Re: assert evilness
Date Sat, 09 May 1998 18:08:55 GMT
On Sat, 9 May 1998, Paul Sutton wrote:

> Am I the only person that thinks asserts() are basically evil? 

Ye Gods, I hope so!

> If there is a risk of an error occurring, we should trap it, log it, and
> do something logical, like move onto the next request or exit. Taking this
> code as an example, if an assert here gets triggered, we log an almost
> meaningless (to the end user) error ("assertion failed: n") or similar.
> The process then exits, killing all the other threads which may be
> processing requests. Modules don't get to clean themselves up, no cleanups
> are run. This client gets a no-data response. All other clients in
> progress get dropped whereever they are.
> 
> Of course, if assert itself is used (rather than ap_assert), things get
> even worse, since you lose the error tracking on release builds, thus
> potentially introducing errors (and buffer overruns) into the most
> important place where they should not exist: production code. 
> 
> In fact I'd go as far as proposing a new rule for the style guide:
> 
>  * assert()/ap_assert() should never be used. 

Users who build with -DDEBUG should know what they're seeing.  assert()
isn't for runtime errors.  It's for alpha testing.  

Use them.

Use them everywhere.

Break the knees of any programmer who removes them.

----

Gregory A Lundberg		Senior Partner, VRnet Company
1441 Elmdale Drive              lundberg@vr.net
Kettering, OH 45409-1615 USA    1-800-809-2195


Mime
View raw message