Re: let g_warn_if_fail replace g_assert

[Tim Janik <timj imendio com>]

On Fri, 19 Oct 2007, Federico Mena Quintero wrote:

> On Wed, 2007-10-17 at 11:56 +0200, Tim Janik wrote:
> > - extend the g_assert() docs to note that:
> >    1) programmers are more likely to want to use g_warn_if_fail instead
> >       (particularly for libraries, allthough the destabilizing effects
> >       of g_assert are also worth avoiding in applicaiton code);
>
> This is the part I don't like.  Making failed sanity checks not exit the
> program will *not* make your program more robust; it will just make
> people ignore broken programs.  Nobody paid attention to critical
> warnings until we started actively crashing programs that printed them
> during development versions --- grep for g_log_set_always_fatal() in
> gnome-session/main.c.

the fact that a crasher gets more attention than a warning doesn't
make it better usability wise.
an example for a better solution would be an unconditional dialog along:

  === Warning: stability compromised ===================================

   Application <foobar> failed an internal integrity check. Please save
   your data and exit as soon as possible. Additionally, it'd be nice
   if you reported the failure notice detailed below to the upstream
   project.

     +-[>]--- Details ------------------------------------------+
     | Bug reporting: htttp://upstream/bugzilla/url             |
     | Failure notice:                                          |
     | ** WARNING **: frobnicate(): assertion 'ref_count != 0'  |
     | failed.                                                  |
     +----------------------------------------------------------+


such a thing should be triggered upon every critical/warning (and most
if not all assertions should be turned into a warning).

>  Federico

---
ciaoTJ