Hi,
At Sun, 11 Nov 2001 19:11:45 +0100 (CET),
Richard Guenther wrote:
>
> Hi!
>
> I have some serious concerns about the usage of assert()s in the
> alsa library code. As any public API function is guarded with
> asserts() against calls with incorrect arguments (and more
> asserts for other stuff), a call with incorrect arguments of any
> alsa API function will unconditionally _terminate_ the application.
> This is of course strictly discouraged operation of a library.
>
> Also, assert() is _not_ designed for being used as checks against
> user errors, but to assure _internal_ consistency - so its correct
> to guard not-exported functions with asserts(), if and _only_ if
> these asserts are not supposed to trigger and if they do, its
> a real _bug_ in the library implementation.
>
> This way a compile with -DNDEBUG is possible without crashing within
> alsalib on application/user errors.
>
> Note that with the current use of assert()s error checking is not
> possible from the application, as f.i. a bad device string entered
> by the user does simply terminate the application (if started from
> X even without any clue what happened).
>
> So the following steps need to be done before releasing 1.0:
> - remove all assert()s from exported API functions, instead
> replace them with usual checks and return appropriate errors
> instead (and document this). F.i.
I agree that the function should return instead of terminate the
program.
One conern is whether to put a warning/error message when an invalid
argument is given. It's helpful but sometime annoying.
So...
> const char *snd_pcm_name(snd_pcm_t *pcm)
> {
> assert(pcm);
> return pcm->name;
> }
> should become
> const char *snd_pcm_name(snd_pcm_t *pcm)
> {
> if (!pcm)
> return NULL;
> return pcm->name;
> }
Adding another macro (like snd_assert in alsa-driver) instead of
standard assert? The behavior can be dependent upon the compile
condition, i.e. with full debug message, return only, replaced with
the normal assert macro, or even ignored.
const char *snd_pcm_name(snd_pcm_t *pcm)
{
snd_assert(pcm, return NULL);
return pcm->name;
}
/* replace with assert */
#define snd_assert(expr, ...) assert(expr)
/* debug message and action */
#define snd_assert(expr, ...) do {\
if (!(expr)) {\
fprintf(stderr, "alsa-lib assert: %s in %s\n",\
__STRING(expr), __PRETTY_FUNCTION__);\
__VA_ARGS__;\
}\
} while (0)
/* action only */
#define snd_assert(expr, ...) do {\
if (!(expr)) { \
__VA_ARGS__;\
}\
} while (0)
/* ignore check */
#define snd_assert(expr, ...) /**/
Takashi
_______________________________________________
Alsa-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/alsa-devel
