Jeffrey Walton <noloa...@gmail.com> writes:

> No asserts, period. They should not get through an audit.

I see that you have a strong opinion on the subject. I'll state my
opinion, but I don't want to get into a heated debate.

When the condition in an assert fails, that's evidence of a software
bug. In my experience, it's usually preferable to crash immediately and in
a controlled manner, to reduce risk of silent data corruption,
exploitable buffer overruns, and the like. I guess there are a few
applications where it might be better for the program to continue
running and hope for the best, but those are exceptions.

> What happens when the abort happens?

That depends on various per-process and system-level settings.

There are lots of possible software bugs that can lead to a crash of
the process, not all involving any asserts. I think it's common practice
in security critical applications to disable core dumps using the
standard ulimit facility. I can't see asserts as a problem at all in
this context.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
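The ulimit-based core-dump policy mentioned in the message above, as an added example that is not part of the original thread or of Nettle itself. The function names and the sample commands are constructed for illustration; the point shown is that a crash from abort() or a failed assert (SIGABRT) still terminates the process immediately, while the child's core-file limit of 0 prevents a core file holding key material from being written.

```shell
#!/bin/sh
# Added example, not code from the mailing-list thread: run a command with
# core dumps disabled through the standard ulimit facility. A failed assert
# raises SIGABRT, so the process still stops at once and in a controlled
# way, but no core file (which could contain secret keys) is left on disk.
# "run_without_core" and the sample commands below are constructed.

# Run the given command in a subshell whose core-file size limit is 0.
# Only the child is affected; the caller's own limit stays as it was.
run_without_core() {
    (
        ulimit -c 0 || exit 127   # lowering the soft limit is always permitted
        exec "$@"
    )
}

# Print the core-file limit as seen by a child process (expected: "0").
core_limit_in_child() {
    run_without_core sh -c 'ulimit -c'
}

# Print the exit status the parent observes when the child dies of SIGABRT,
# which is what abort() and a failed assert() produce: 128 + 6 = 134.
abort_exit_status() {
    status=0
    run_without_core sh -c 'kill -s ABRT $$' || status=$?
    echo "$status"
}

# Demo when run directly.
echo "core limit in child: $(core_limit_in_child)"
echo "exit status after SIGABRT: $(abort_exit_status)"
```

Note that `ulimit -c` only sets the per-process soft limit inherited by children; the system's core-file handling (on Linux, `kernel.core_pattern` and `fs.suid_dumpable`) is configured separately, so a production policy would set both.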
_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs