
Re: [reSIProcate] More problems with `assert'



On 11/6/06, Daniel Pocock <daniel@xxxxxxxxxxxxxxxxxxxxx> wrote:


Jason Fischl wrote:

> On 11/6/06, Daniel Pocock <daniel@xxxxxxxxxxxxxxxxxxxxx> wrote:
>
>>
>>
>> There is also a side issue on the use of assert: perhaps it would be
>> useful to have a configure option at compile time to decide if we want
>> to use assert() in a strict manner, or we would prefer to use `lazy'
>> alternative code that just logs an error and tries to carry on where
>> genuinely feasible.
>>
> This already exists. If you build with optimization CODE_OPTIMIZE=1, the
> asserts are compiled out. Only the debug builds have assertions enabled.

It's not quite the same thing - the asserts are compiled out, but no
warnings or log messages are given in their place.

I think this is the correct behavior in a production system.

I'm not questioning the legitimacy of putting the asserts in the first
place - they are very valuable and show very clearly where problems may
occur - I'm just looking at practical ways of getting useful feedback
from systems that are in a production environment.

In my opinion, you should not be putting log messages in production systems that log programmer errors. This leads to a potential attack on the system.