Shouldn't invalid references like this fail at compile time?
lobo
swamp.lobo at gmail.com
Wed Jan 24 03:46:41 UTC 2018
On Wednesday, 24 January 2018 at 02:28:12 UTC, Mike Franklin
wrote:
> On Wednesday, 24 January 2018 at 01:44:51 UTC, Walter Bright
> wrote:
>
>> Microcontroller code tends to be small and so it's unlikely
>> that you'll need to worry about it.
>
> I think you need to get involved in programming
> microcontrollers again because the landscape has changed
> drastically. The microcontrollers I use now are more powerful
> than PCs of the 90's.
>
> The project I'm currently working on is an HMI for industrial
> control with a full touchscreen 2D GUI. The code base is
> 240,084 lines of code and that doesn't even include the 3rd
> party libraries I'm using (e.g. 2D graphics library, newlib C
> library, FreeType font rendering library). That's not "small"
> by my standard of measure.
>
> And with devices such as this being increasingly connected to
> the Internet, such carelessness can easily be exploited as
> evident in https://en.wikipedia.org/wiki/2016_Dyn_cyberattack
> And that's not to mention the types of critical systems that
> run on such platforms that we are increasingly becoming more
> dependent on.
>
> We better start worrying about it.
>
> Mike

Well, if your embedded device has all that on it you should be
sitting on an OS with proper memory management support. Even the
hokey FreeRTOS can be configured to throw a hardware exception on
nullptr access.

I work on critical systems SW developing life support and
pacemakers. For us nullptrs and memory management are not an issue.
It is not hard to design these problems out of the critical
component architecture.

The bigger problem is code logic bugs and for that we make heavy
use of asserts and in-out contracts. We don't use D, it is all
C++ and some Ada in the older systems.

bye,
lobo