Always-assert: recoverable assertions for Rust

matklad · January 26, 2021, 6:00pm

A version of assert macros inspired by The Use Of assert() In SQLite

if never!(impossible_condition) {
    // The impossible happened 💔
    // This would have panicked in debug.
    // in release we get a chance for best-effort recovery.
    return None;
}

This is useful for long-running applications, which can't just printf("Sucks to be you"); exit(666) if things go south. I am somewhat embarrassed that that it took me so long to realize this pattern exists: seems obvious in retrospect!

cuviper · January 26, 2021, 6:53pm

It would be nice to have #[must_use] on that, so it's not just used as a shorthand for debug_assert, but I guess you'd need stable expression attributes.

matklad · January 26, 2021, 6:56pm

#[doc(hidden)] #[must_use] pub fn __use_me<T>(t: T) -> T { t } would work, but I don't think that would be good -- in rust-analyzer a significant fraction of cases require a do-nothing recovery.

RustyYato · January 26, 2021, 7:26pm

If you're not doing any recovery, shouldn't you use debug_assert?

matklad · January 26, 2021, 7:29pm

That won't log::error in release (which always-assert does via opt in). But other than that, yeah, debug assert would work.

2e71828 · January 26, 2021, 8:01pm

A variant invocation, for people who like to live dangerously:

if never!(impossible_condition) {
    unsafe { unreachable_unchecked() };
}

chrisd · January 26, 2021, 9:18pm

This reminds me of On Error Resume Next from Visual Basic. But hopefully less of a hazard.

Topic		Replies	Views
Non-panicking assertions help	5	2805	May 18, 2022
Will this get optimized away during [release] mode?	2	601	October 9, 2019
Testing for not None and panicking help	9	7559	December 27, 2020
Writing a macro for assert_panic code review	11	1061	December 21, 2021
Unreachable warnings for debug-only panic help	3	128	February 24, 2026

Always-assert: recoverable assertions for Rust

Related topics