English subtitles

← 01-21 When To Use Assertions

01-21 When To Use Assertions

Get Embed Code
1 Language

Showing Revision 2 created 07/16/2014 by Udacity Robot.

  1. What I'm going to do now is read a short quote from Julian Seward,
  2. the author of the Valgrind Tool.
  3. If you haven't used Valgrind and if you're a serious C++ developer, you really should.
  4. It's an amazing tool that runs dynamic checks on your running program.
  5. and it looks for errors such as null pointer references,
  6. out-of-bounds array accesses, and other things.
  7. He said, "This code is absolutely loaded with assertions, and these are permanently enabled.
  8. As Valgrind has become more widely used, they have shown they worth,
  9. pulling up various bugs
  10. which would otherwise have appeared as hard-to-find segmentation faults.
  11. I am of the view that it's acceptable to spend 5%
  12. of the total running time doing assertion checks."
  13. So, what Julian is saying here is that he's going to cost everybody 5% of total running time
  14. in order to make testing and debugging of Valgrind easier.
  15. I've included this somewhat long quote because I really agree with Julian here.
  16. I think it's generally worth our time to try to make our code fail early, fail fast,
  17. rather than keeping going and failing in confusing ways later
  18. or even providing people with completely wrong results.
  19. On the other hand, let's imagine we're working at NASA or someplace like that,
  20. and we're writing software that's going to be controlling a spaceship
  21. as it lands on Mars or some other planet.
  22. We have to ask ourselves the question do we want
  23. to enable assertions checks for this kind of a mission?
  24. I actually talked to a NASA engineer some time ago
  25. who had worked on the software for one of the Mars missions.
  26. What he told me was for most of the mission--
  27. that is to say for the launch phase, for the cruise phase, for orbiting Mars--
  28. they had plenty of assertions enabled in the actual mission software--
  29. that is to say, in the software running on the spacecraft.
  30. On the other hand, for a short period of time during which the spacecraft
  31. was actually landing they disabled all of the assertions
  32. on the idea that they got only one shot to land on the planet
  33. and that if anything went wrong with the software during the landing process
  34. it was better to just try to keep going,
  35. because an assertion violation leading to a system reset
  36. could cause the lander to become unstable
  37. in such a way that it wouldn't have been recoverable.
  38. That gives us a summary.
  39. If you're doing something so critical that it keeps going that it resembles landing
  40. a spaceship on Mars, then go ahead and turn off assertions in your production software.
  41. Otherwise, you're probably better off leaving them enabled.