Author: Mike Hearn 2014-06-04 10:51:15
Published on: 2014-06-04T10:51:15+00:00
The current assertion system in Bitcoin Core is designed to prevent incorrect behavior that could be costly. However, it comes at a price: assertions must meet certain performance requirements and therefore can't do expensive, redundant checks in performance-critical code. Assertions are intended for checks like ensuring a hash hasn't changed, a tree structure remains a tree, data is sorted, or data structures are in sync. Some assert concerns could be resolved if the currently used asserts were changed to a nicer definition independent of NDEBUG, and a second class of debugging asserts was introduced exclusively for expensive, redundant checks and disabled by NDEBUG. Although it's common for professional codebases to require assertions be enabled, Bitcoin Core currently will fail to build if assertions are disabled. This decision was made due to an abundance of caution, and in the real world, errors happen here and there, so making robust software involves defense in depth. Using their own assertion macros would probably be superior since they can give better reporting and don't have the baggage ordinary assertions have. However, as the codebase is a production thing, making larger changes all at once to satisfy aesthetics would be unwise. Simply refusing to compile in that untested, unsupported configuration is prudent for the time being.
Updated on: 2023-06-08T23:34:45.413631+00:00