[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    Re: kernel assertions
From:       Michael Hancock <michaelh () cet ! co ! jp>
Date:       1996-07-29 15:08:41
[Download RAW message or body]

On Mon, 29 Jul 1996, David Greenman wrote:

> >In our code:
> >	void
> >	foo(char *buf, int i
> >	{
> >		ASSERT(buf,("foo(%p, %d): buf is zero",buf,i));
> >		...
> >	}
> 
>    Blech. Macros are evil unless they actually do something real to improve
> the code. Please, let's NOT adopt this practice.

They can reduce conceptual pollution.  A conscientious programmer might
integrate various checks into code that is trying to do something else and
as a side-effect makes the code more complicated for readers and even
compiler optimizers.

Assertions are the most under-rated software engineering tool I can think
of. 

If you want more information, stringify the expression in the assertion
failure message or add a description parameter.

At least give us the benefit of the doubt and try applying this to some
random sample of code to see the difference it makes.

I can think of 3 types of programmers who don't use assertions:

1) The god who writes all the code with zero bugs and doesn't need
assertions. 

2) The conscientious defensive programmer who integrates a lot of code
checks in his code.  The code has lots of nested structures and is
complicated to read.

3) The programmer who gives up on the writing the checks because it's
hell.  His code is probably the source of very hard to find bugs.

Assertions are simple to use and let's you write code for the problem at
hand.  There's no question as to where the responsibilities of the caller
or callee lie.

Mike Hancock

[prev in list] [next in list] [prev in thread] [next in thread]