Null references (oh no, not again!)

Walter Bright newshound1 at digitalmars.com
Wed Mar 4 10:19:41 PST 2009


Denis Koroskin wrote:
> Most people can't afford to run their applications on a few computers just 
> in case one of them fails.

Then you cannot afford to run *critical* systems on them.


> No doubt, Google Chrome is a beautiful piece of software. It doesn't 
> crash the whole browser when something is null-dereferenced. But the 
> message I've been writing for half an hour is *lost* anyway when the 
> host process fails.

That's annoying, sure, but it is not a disaster, and often editors have 
an "auto-save" feature. After all, power failures happen, too. They 
happen around here a lot, as I'm at the end of a long road that is 
always having problems with the wires.

> The way you suggest writing software is like a doctor who suggests 
> curing/hiding symptoms rather than the cause of an illness. You 
> shouldn't rely on exception recovery when you may avoid the whole class 
> of bugs altogether.

It is not hiding the symptom, it is recognizing the reality that you 
cannot write perfect software, so to require perfect software *and* 
depend on it being perfect is a recipe for inevitable disaster.

The way to have reliable systems is not to assume perfection in every 
component, but to be tolerant of failure of *any* component.


