LibTiff Mailing List
TIFF and LibTiff Mailing List Archive
February 2009
Previous Thread
Next Thread
Previous by Thread
Next by Thread
Previous by Date
Next by Date
Contact
The TIFF Mailing List Homepage
This list is run by Frank Warmerdam
Archive maintained by AWare Systems
Thread
2009.02.06 15:05 "Re: assertions, and building with DEBUG/NDEBUG", by Frank Warmerdam
Joris Van Damme (AWare Systems) wrote:
> In a related place in the code I find the following:
>
> assert(fi!=0xFFFFFFFF);
> if (fi==0xFFFFFFFF)
> {
> TIFFErrorExt(...)
> return();
> }
>
> That might just be code by my hand, as I do such constructs. It means
> that I'm about 99.99% sure it's a safe assumption that fi cannot
> possibly equal 0xFFFFFFFF at that point. I'd like to get some
> reassurance from the testing stage that my assumption is indeed correct,
> and some feedback if/when it isn't, and some proper warning if
> auxilliary code should change in such a way that it has an impact on the
> correctness of this assumption here, so I put in the assert. And I'm
> also considering it's (very) remotely possible my assumption might be
> incorrect in some very obscure case that doesn't get caught in the
> testing stage, so this not being a critical path I'm putting in extra
> security with a safe and correct error return if ever my assumption
> should turn out incorrect in the production software stage where the
> assert is compiled out.
Joris,
I also use assert()'s in a situation like the above. That is, I put
in an assert() for a case I'm pretty sure should never arise, but out
of an excess of caution I put in runtime error handling so a production
system would still recover. But the assert is valuable in bringing
it to my attention if my assumption about a case never possibly arising
proves to be wrong - well it brings it to my attention in a developer
build anyways.
The conclusions I've come to on this whole thread are:
o I will remove asserts and provide appropriate runtime error handling
for cases that can actually occur in the the real world (for instance
in the face of corrupt files).
o I will leave asserts anywhere that I/we as developers believe a
condition can never occur.
o I will leave it to those building the software to define NDEBUG if they
want the assertions out.
o I can see there are a variety of opinions on appropriate use of assert().
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | Geospatial Programmer for Rent