
Re: [RFC] Replacement for "assert" in the libraries

From: David Glasser <glasser_at_davidglasser.net>
Date: Fri, 13 Jun 2008 11:00:19 -0700

On Fri, Jun 13, 2008 at 9:21 AM, Julian Foad <julianfoad_at_btopenworld.com> wrote:
> -------
> The standard C assertion, typically used at the beginning of a function
> in statements like
> assert(arg1 != NULL);
> is an extremely useful self-checking tool for catching bugs, but in a C
> library it has the unfortunate property that the program using the
> library can't trap it. When that program is something big like an IDE or
> the Windows desktop, the result of the ensuing crash is too destructive.
> Subversion's standard error reporting mechanism, which is mainly used
> for reporting logical exceptions, can also be used to report bugs:
> if (! arg1)
> return svn_error_create
> _("foo() cannot be called with a NULL arg1"));
> However, when written like this, it causes unnecessarily a decrease in
> readability (4 lines just to indicate one simple fact) and an increase
> in translator effort.
> --------
> A new macro:
> which expands to something suitable, like the above code snippet,
> returning an svn_error_t if the assertion fails.
> Why does this seem too simple to be true?

I do think that there is value in having a way of assert/aborting from
anywhere in the code (not just svn_error_t-returning functions) which
can't be ignored accidentally by forgetting to write SVN_ERR and
friends. Additionally, assert/abort generally gives good stack traces
when run in gdb, whereas it's trickier to track down the source of our
error objects.

However, I continue to agree with Stefan Küng's oft-stated objection
to using assert() and abort() themselves for these purposes, since
these calls have a far-too-drastic effect in the context of Subversion
libraries embedded in a long-running program (like the Windows
explorer). I still think the right answer is to replace assert and
abort with SVN_ASSERT and SVN_ABORT, which are #defined by default to
assert/abort but which can be redefined at compile time to more
appropriate functions for applications like Tortoise.


David Glasser | glasser@davidglasser.net | http://www.davidglasser.net/
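As an added illustration (not code from this thread or from Subversion itself), here is a minimal C sketch of the two mechanisms the thread contrasts: an ERR_ASSERT macro that hands the caller an inspectable error object with its location instead of aborting, and an overridable malfunction hook for code paths that cannot return an error. The err_t type, the ERR_ASSERTION_FAIL code and the function names are stand-ins chosen for this example; the hook is a runtime function pointer here rather than the compile-time #define the mail proposes.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for svn_error_t: an error object the embedding application
   can inspect and free, rather than a process-killing assert(). */
typedef struct err_t {
    int code;
    const char *message;
    const char *file;
    long line;
} err_t;

#define ERR_ASSERTION_FAIL 1   /* hypothetical error code */

static err_t *err_create(int code, const char *msg, const char *file, long line)
{
    err_t *e = malloc(sizeof *e);
    if (e == NULL) abort();    /* out of memory: nothing sensible to return */
    e->code = code; e->message = msg; e->file = file; e->line = line;
    return e;
}

/* The RFC's proposal: one line per precondition, returning an error
   object (with file/line for debugging) when the check fails. */
#define ERR_ASSERT(expr) \
    do { if (!(expr)) return err_create(ERR_ASSERTION_FAIL, \
        "assertion failed: " #expr, __FILE__, __LINE__); } while (0)

/* Glasser's suggestion for places that cannot return an error: a hook
   that defaults to abort() but which an embedder (an IDE, a shell
   extension) can replace with something less destructive. */
static void default_malfunction(const char *file, long line)
{
    fprintf(stderr, "%s:%ld: internal malfunction\n", file, line);
    abort();
}
void (*err_malfunction_handler)(const char *, long) = default_malfunction;
#define ERR_MALFUNCTION() err_malfunction_handler(__FILE__, __LINE__)

/* Example library function whose argument checks use ERR_ASSERT. */
err_t *copy_name(char *dst, size_t dstlen, const char *src)
{
    ERR_ASSERT(dst != NULL);
    ERR_ASSERT(src != NULL);
    ERR_ASSERT(strlen(src) < dstlen);
    strcpy(dst, src);
    return NULL;   /* NULL means success, as with svn_error_t */
}
```

A caller that forgets to check the returned err_t silently ignores the failure, which is exactly the weakness of the error-object approach that the reply points out.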
Received on 2008-06-13 20:00:39 CEST

This is an archived mail posted to the Subversion Dev mailing list.
