On Fri, 17 May 2013 22:04:22 +0200, Luca Barbato <[email protected]> wrote: > On 05/17/2013 09:53 PM, Anton Khirnov wrote: > > A proper use for an assert is when the code following it would crash anyway > > if > > the assert wasn't there and the asserted condition was false. In such a > > case the > > assert makes it much easier to track what went wrong. It can also simplify > > understanding the author's intent. > > I consider this exactly an improper and dangerous use of assert(). > > If you know already that codepath would lead to a crash the proper > solution is to return an error to the caller. > > Imagine having your browser/vnc-terminal/chat-application crash because > of a network glitch because you put an assert() in a decoding routine > (e.g. the vorbis one pointed by j-b).
That is a bug in the decoder then, which should be fixed. It's not really different from any other bug that would cause a crash. Many kinds of code can cause a crash if there's a bug there, shall we remove all such code? That said, I'm not against replacing plain asserts with av_asserts, so people who prefer random hard to debug crashes over asserts can choose that. But I am against removing asserts on the grounds that 'it might crash if there is a bug in it'. A lot of code might crash if there is a bug in it. -- Anton Khirnov _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
