Fixing C's Biggest Mistake
Walter Bright
newshound2 at digitalmars.com
Sat Dec 31 06:34:38 UTC 2022
On 12/30/2022 1:07 PM, Timon Gehr wrote:
>> In your description of pattern matching checks in this thread, the check was
>> at runtime.
>> ...
>
> No, the check was at compile time.
The pattern matching is done at run time.
> The check I care about is the check for
> _failure_. The check for _null_ may or may not be _necessary_ depending on the
> type of the reference.
NonNull pointers:
int* p = ...;
nonnull int* np = isPtrNull(p) ? fatalError("it's null!") : p;
*np = 3; // guaranteed not to fail!
Null pointers:
int* p = ...;
*p = 3; // seg fault!
Which is better? Both cause the program to quit on a null pointer.
> This technology has a proven track record.
A proven track record of not seg faulting, sure. A proven trackrecord of no
fatal errors at converting a nullable pointer to nonnull, I'm not so sure.
> Relying on hardware memory protection to catch the null
> reference is never necessary,
If you manually code in a runtime check, sure, you won't need a builtin check at
runtime.
> because _valid programs should not even compile if
> that's the kind of runtime check they would require to ensure type safety_.
Then we don't need sumtypes with pattern matching?
> The hardware memory protection can still catch compiler bugs I guess.
Having a hardware check is perfectly valid for checking things.
BTW, back in the bad old DOS days, I used to write a lot of:
assert(p != NULL);
It was very effective. But with modern CPUs, this check adds no value, and I
removed them.
More information about the Digitalmars-d
mailing list