Norbert Unterberg wrote ...
> Now it is time to add my noise to the topic ... though I am not a
> subversion developer.
[...]
> As one of the first posters in this thread, I know the "Writing Solid
> Code" book by Steve Maguire, and I can only highly recommend it.
[...]
> Trust your code! assert is a valuable debugging aid. Debug the debug
> version, but release the release version! Do not let the customer (well,
> end-user) debug your code.

I'm not a Subversion developer (yet), but I did read Maguire's book many
moons ago, as well as _Object-Oriented Software Construction_, where
Bertrand Meyer explains the use of preconditions, postconditions and
invariants in the Eiffel language, in a similar manner. However, as a
database developer I know it is preferable to crash a DBMS server--as
long as doing so doesn't corrupt the user data or the indices, instead
of issuing an error and moving right along, or worse yet, not executing
a critical check in a production environment (it is even better to
terminate an offending thread within a server, assuming its problem
cannot affect the rest).

Assertions, preconditions, postconditions and invariants are all
valuable, but there are a few places where you must say, "as unlikely as
it may seem, if this condition occurs, we're in deep trouble and we HAVE
to bail out". The use of an explicit abort() call in those places (or a
similar radiation_levels_too_high() :-), appears preferable to "masking"
the issue with a verify() call.

Joe
Joe Abbate
Senior Software Engineer
Ingres Development
Computer Associates
joseph.abbate@ca.com
Received on Fri Nov 12 15:20:27 2004
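
Added example (not part of the original message, and not Subversion or Ingres code): the distinction drawn above between a debug-only assert() and an explicit abort(), shown in C compiled as a release build (NDEBUG). The page format, checksum and function names are constructed for illustration; each store runs in a child process so the outcome can be observed.

```c
#define NDEBUG            /* release build: assert() compiles to nothing */
#include <assert.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define PAGE_LEN 16       /* constructed page format: data plus checksum */
struct page { unsigned char data[PAGE_LEN]; unsigned sum; };
typedef void (*store_fn)(unsigned char *disk, const struct page *p);

static unsigned checksum(const unsigned char *d) {
    unsigned s = 0;
    for (int i = 0; i < PAGE_LEN; i++) s = s * 31 + d[i];
    return s;
}
/* Debug-only check: gone under NDEBUG, so a bad page reaches "disk". */
static void store_asserted(unsigned char *disk, const struct page *p) {
    assert(checksum(p->data) == p->sum);
    memcpy(disk, p->data, PAGE_LEN);
}
#undef NDEBUG             /* restore a live assert() for later code */
#include <assert.h>
/* Always-on check: bail out before stored data is touched. */
static void store_checked(unsigned char *disk, const struct page *p) {
    if (checksum(p->data) != p->sum) abort();
    memcpy(disk, p->data, PAGE_LEN);
}
/* Runs one store in a child process. Returns 1 if the page was written,
   0 if not, or -signal if the child was killed. */
static int try_store(store_fn store, int corrupt) {
    unsigned char disk[PAGE_LEN] = {0};
    struct page p;
    int status = 0;
    memset(p.data, 'A', PAGE_LEN);
    p.sum = checksum(p.data);
    if (corrupt) p.data[3] ^= 0x40;   /* constructed bit flip after checksumming */
    pid_t pid = fork();
    if (pid < 0) { perror("fork"); exit(EXIT_FAILURE); }
    if (pid == 0) { store(disk, &p); _exit(memcmp(disk, p.data, PAGE_LEN) == 0); }
    waitpid(pid, &status, 0);
    return WIFSIGNALED(status) ? -WTERMSIG(status) : WEXITSTATUS(status);
}
int main(void) {
    int a = try_store(store_asserted, 1), c = try_store(store_checked, 1);
    printf("assert, NDEBUG: %d  explicit abort(): %d (SIGABRT=%d)\n", a, c, SIGABRT);
    return 0;
}
```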