Re: [reSIProcate] More problems with `assert'
On 11/6/06, Daniel Pocock <daniel@xxxxxxxxxxxxxxxxxxxxx> wrote:
Jason Fischl wrote:
> On 11/6/06, Daniel Pocock <daniel@xxxxxxxxxxxxxxxxxxxxx> wrote:
>
>>
>>
>> There is also a side issue on the use of assert: perhaps it would be
>> useful to have a configure option at compile time to decide if we want
>> to use assert() in a strict manner, or we would prefer to use `lazy'
>> alternative code that just logs an error and tries to carry on where
>> genuinely feasible.
>>
>> This already exists. If you build with optimization CODE_OPTIMIZE=1, the
>
> asserts are compiled out. Only the debug builds have assertions enabled.
It's not quite the same thing - the asserts are compiled out, but no
warnings or log messages are given in their place.
I think this is the correct behavior in a production system.
I'm not questioning the legitimacy of putting the asserts in the first
place - they are very valuable and show very clearly where problems may
occur - I'm just looking at practical ways of getting useful feedback
from systems that are in a production environment.
In my opinion, you should not be putting log messages in production
systems that log programmer errors. This leads to a potential attack on
the system.