On Sat, Oct 31, 1998, Ben Laurie wrote:

> > > >[...]
> > > > | nRead=saferead(nFD,&usLength,sizeof usLength);
> > > > | assert(nRead == sizeof usLength);
> > > >
> > > > Here the assert makes sure that the requested number of bytes is really read.
> > > > But when an I/O error or some other communication problem occurs, the actual
> > > > number of bytes read can be different. Then the gcache process falls down.
> > > > And I've seen gcache exit with exactly this assertion on my boxes (Solaris
> > > > 2.6) while I was mostly sure that no personal attacker was involved. Instead
> > > > I really assume it was just some I/O communication error...
> > >
> > > This is exactly where it failed when gcache was crashing because of a
> > > bug. Could it be that you assumed there was a network error instead?
> > > Since gcache was fixed I have had no reports of this assertion failing.
> > 
> > Maybe, I no longer have the error messages available.
> 
> I assume you log something when it happens. Do you see the log message?

It was in the error_log, yes. But a quick grep over my error log archive of
www.engelschall.com currently results in nothing. Either it was not this
particular box or I have to search in even older error logs. I'll search for
the entry in more depth over the next days, Ben.

>[...]
> > But always doing good prevention is another good maxim, too ;-)
> 
> I do. That's why I back my assumption up with an assertion. The
> assertion is not intended to catch a condition I believe will ever occur
> in normal operation. It is a symptom that something is wrong. Isn't this
> where we came in?

Yes, and the only problem is that although we both are of the opinion that
something is wrong in those situations, we still differ in our opinion of which
action should be taken. I'm still convinced that it's not really reasonable to
use assertions (which exit the process). But as we discovered in our
discussion, there is no generally correct way. So your assertion-based
approach can be acceptable although it makes the users' lives nasty.
Nevertheless I _personally_ prefer non-assertion-based error checking where
error codes are passed up to the callers and where the processes don't die.

And I would appreciate it if Apache-SSL's gcache used the same approach.
That's why we discussed this topic.

                                       Ralf S. Engelschall
                                       [EMAIL PROTECTED]
                                       www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List               [EMAIL PROTECTED]
Automated List Manager                       [EMAIL PROTECTED]
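
An added illustration of the error-code style of checking discussed in this message (not code from gcache, Apache-SSL or either poster): a length-prefixed read that reports short reads, EOF and I/O errors to its caller instead of asserting. The status names, `read_exact`, `read_record` and the 16-bit host-order length framing are assumptions made for the example.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical status codes for this example; not gcache's own. */
enum rd_status { RD_OK = 0, RD_EOF = -1, RD_SHORT = -2, RD_IOERR = -3, RD_TOOBIG = -4 };

/* Read exactly len bytes, retrying on EINTR and on partial reads. */
static enum rd_status read_exact(int fd, void *buf, size_t len)
{
    unsigned char *p = buf;
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, p + got, len - got);
        if (n > 0) { got += (size_t)n; continue; }
        if (n == 0)                       /* peer closed the connection */
            return got == 0 ? RD_EOF : RD_SHORT;
        if (errno != EINTR)
            return RD_IOERR;              /* real I/O error, errno is set */
    }
    return RD_OK;
}

/* Read a 16-bit host-order length (assumed framing) and then the payload.
 * Every failure is returned to the caller; nothing here exits the process. */
static enum rd_status read_record(int fd, unsigned char *out, size_t cap, uint16_t *out_len)
{
    uint16_t len;
    enum rd_status st = read_exact(fd, &len, sizeof len);
    if (st != RD_OK) return st;
    if (len > cap) return RD_TOOBIG;      /* never trust a peer-supplied length */
    st = read_exact(fd, out, len);
    if (st != RD_OK)
        return st == RD_EOF ? RD_SHORT : st;  /* EOF inside a record is truncation */
    *out_len = len;
    return RD_OK;
}

int main(void)
{
    int fds[2];
    unsigned char buf[16];
    uint16_t n = 0;
    /* Constructed input: half a length field, then the writer goes away. */
    if (pipe(fds) != 0 || write(fds[1], "x", 1) != 1) return 1;
    close(fds[1]);
    printf("status=%d\n", read_record(fds[0], buf, sizeof buf, &n));
    return 0;
}
```

A caller can log the status, drop that one connection and keep serving the others, which is the behaviour the non-assertion approach is after.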
