Currently, we build Krita for our users with HIDE_SAFE_ASSERTS=ON. For our users, hitting a KIS_*_ASSERT means a crash. The assert message itself is added to the logfile.
Currently, if we built Krita with HIDE_SAFE_ASSERTS=OFF, the users would see a scary message box warning them that Krita is about to crash, with Ignore and Abort buttons. Abort promises more information, but doesn't give that information except on platforms with DrKonqi running.
Now that we have millions of users, we want to:
* Not scare our very untechnical users
* Not make our users lose data unnecessarily:
** no qFatal until the user has had a chance to save the file
** or should we autosave all files on hitting an assert and then abort?
* Not abort if it isn't really necessary.
* Gather useful information for bug reports
* Make development easier by having asserts abort Krita during development
For that we need to reimagine the way our error detection and recovery works.
* Asserts need to be logged, with a full backtrace
* We need to review all KIS*ASSERTS and Q_ASSERTS to see which ones should be converted to KIS_SAFE*ASSERTS.
** Saving code should never be able to hit any assert
** Asserts that claim to be recoverable should recover, as gracefully as possible, except in developer builds
** Asserts that cannot recover should autosave and restart Krita, except in developer builds
* We need a system to distinguish between developer builds and release builds
** developer builds should halt
** release builds should show a message in the system log
* We need a system to distinguish between alpha/beta builds and final release builds
** Alpha/beta builds should have a message box that shows the assert and presents an easy way to report the bug, including the backtrace (kisBacktrace)
** Release builds should act to save the user's data, then tell the user that Krita will restart and that any data can be recovered.
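A sketch of the build-dependent dispatch listed above, as an added example that is not Krita's code. The names AssertPolicy, BuildKind, Action and SAFE_ASSERT_RECOVER are hypothetical, folding the two build distinctions into one enum is an assumption, and backtrace capture is left out.

```cpp
#include <cstdlib>
#include <functional>
#include <string>
#include <vector>

// Hypothetical names throughout; these are not Krita's KIS_* macros.
enum class BuildKind { Developer, AlphaBeta, Release };
enum class Action { Halt, ReportDialog, LogAndRecover, AutosaveAndRestart };

struct AssertPolicy {
    BuildKind build = BuildKind::Release;
    std::vector<std::string> log;  // stands in for the log file
    // Carries out the chosen action; the application would show the dialog or autosave here.
    std::function<void(Action)> act = [](Action a) {
        if (a == Action::Halt) std::abort();
    };

    // Logs every failed assert, then picks the action from build kind and recoverability.
    Action fail(const char *expr, const char *file, int line, bool recoverable) {
        log.push_back(std::string(file) + ":" + std::to_string(line) +
                      ": ASSERT(" + expr + ") failed");
        Action a = Action::Halt;  // developer builds halt
        if (build == BuildKind::AlphaBeta)
            a = Action::ReportDialog;
        else if (build == BuildKind::Release)
            a = recoverable ? Action::LogAndRecover : Action::AutosaveAndRestart;
        act(a);
        return a;
    }
};

// The block that follows the macro is the recovery branch; it runs only on failure.
#define SAFE_ASSERT_RECOVER(policy, cond) \
    if (!(cond) && ((policy).fail(#cond, __FILE__, __LINE__, true), true))

// Constructed caller: falls back to full opacity when the input is missing.
int layerOpacity(AssertPolicy &p, const int *opacity) {
    SAFE_ASSERT_RECOVER(p, opacity != nullptr) { return 255; }
    return *opacity;
}

int main() {
    AssertPolicy release;  // release build: log the failure and recover
    return layerOpacity(release, nullptr) == 255 ? 0 : 1;
}
```

Replacing `act` is what lets a test exercise the developer-build path without aborting the test process.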