Hi Chad,
on Sun, Mar 18, 2012 at 07:18:01PM -0400, Chad wrote:
I'd also add that the behavior of assertions vary based on configuration, which is confusing at best.
Being able to vary based on configuration actually is a feature. An essential one. It lowers assert's impact on performance. But there is no need to mess with configuration. asserts work out of the box. You are only given the possibility to turn them off.
The same holds true for the very software MediaWiki is built on. The software uses and relies on asserts, but gives you the possibility to turn assertion checking off. * MySQL uses asserts [1]. * PHP uses asserts [2].
asserts and the possibility to turn them on and off is not confusing there.
But MySQL and PHP are not the only adopters of asserts. Just take about any quality software. The source code takes advantage of asserts (e.g.: Libreoffice [3])
But it's not only practical software engineering. Literature is also strongly in favor of using asserts as well: In books: E.g.: S. McConnell. Code Complete [4] In papers: E.g.: G. Kudrjavets, N. Nagappan, T. Ball. Assessing the Relationship between Software Assertions and Code Quality: An Empirical Investigation [5] In talks: E.g.: T. Hoare. Assert early, assert often [6]
Kind regards, Christian
[1] E.g.: ./mysql-5.1.59/regex/engine.c:199--206 in the MySQL 5.1.59 tarball:
-----8<-----BEGIN-----8<----- assert(dp == NULL || dp == endp); if (dp != NULL) /* found a shorter one */ break;
/* despite initial appearances, there is no match here */ NOTE("false alarm"); start = m->coldp + 1; /* recycle starting later */ assert(start <= stop); -----8<-----END-----8<-----
And here you clearly see what asserts buy you. With just this snippet of code, the first assert tells you what to expect from “dp” at this point. At development time, this contract is automatically checked and a breach thereof is signalled. On production systems, the asserts are deactivated and are ignored.
[2] E.g.: main/streams/memory.c:86--97 in the PHP 5.3.9 tarball:
-----8<-----BEGIN-----8<----- static size_t php_stream_memory_read(php_stream *stream, char *buf, size_t count TSRMLS_DC) { php_stream_memory_data *ms = (php_stream_memory_data*)stream->abstract; assert(ms != NULL);
if (ms->fpos + count >= ms->fsize) { count = ms->fsize - ms->fpos; stream->eof = 1; } if (count) { assert(ms->data!= NULL); assert(buf!= NULL); -----8<-----END-----8<-----
Again, the asserts tell you what to expect from “ms” etc.
[3] E.g.: sc/source/core/data/markdata.cxx:241--243 in the libreoffice-calc 3.4.4.2 tarball:
-----8<-----BEGIN-----8<----- if ( bMultiMarked ) { DBG_ASSERT(pMultiSel, "bMultiMarked, aber pMultiSel == 0"); -----8<-----END-----8<-----
(At this point, you see the German StarOffice roots of LibreOffice/OpenOffice.org. The German “aber” means “but” in English. So the assertion message would be bMultiMarked, but pMultiSel == 0 in English)
[4] isbn:9780735619678
[5] http://research.microsoft.com/pubs/70290/tr-2006-54.pdf
[6] http://research.microsoft.com/en-us/people/thoare/assertearlyassertoften.ppt Be sure to read the notes within the ppt.