Using assertions versus throwing exceptions?
-
22-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Often when I write a functions I want to make sure the inputs to it are valid in order to detect such errors as early as possible (I believe these are called preconditions). When a precondition fails, I've always thrown an exception. But I'm beginning to doubt whether this is the best practice and if not assertions would be more appropriate.
So when should I do which: when is it appropriate to use an assertion and when is it appropriate to throw an exception?
Solution
Assertions should only be used to verify conditions that should be logically impossible to be false (read: sanity checks). These conditions should only be based on inputs generated by your own code. Any checks based on external inputs should use exceptions.
A simple rule that I tend to follow is verifying private functions' arguments with asserts, and using exceptions for public/protected functions' arguments.
OTHER TIPS
Assertions are used to find programming errors. Your programs must work just as well when all assertions are removed.
Exceptions, on the other hand, are for situations that can happen even when the program is perfect; they are caused by external influences, like hardware, network, users etc.
Typical programming practice is to compile out assertions from production/release builds. Assertions will help only during internal testing to catch failure of assumptions. You should not assume the behavior of external agencies, so you should not assert on events from the network or user. Also it is a good practice to write handling code for production builds in case an assertion fails.
For example in C,
int printf(const char *fmt, ...)
{
assert(fmt); // may fail in debug build but not in production build
if (!fmt) return -1; // handle gracefully in production build
...
}
Exceptions are meant to be built into production builds. The alternative for exception is returning error and not assertions.
One problem with asserts for me is that they are disabled by default in Java.
We use a fail-first strategy where the program - which may have been running unattended for years - needs to crash as early as possible to avoid data corruption in case of bad data (on an unexpected form). This is what we use the checking for, and by using asserts we basically risk them not being active.
