[OT] OT: Null checks.
Walter Bright
newshound2 at digitalmars.com
Tue May 6 23:51:05 UTC 2025
On 5/6/2025 8:48 AM, Timon Gehr wrote:
> "The patient has a light cough. The patient has thereby entered an invalid
> state. The doctors must now do as little as possible before they blow up the
> hospital in order to euthanize the patient and everyone else that may have been
> in contact with them."
>
> I want to diagnose and heal the patient!
When the autopilot has entered an invalid state for unknown reasons, you really
don't want it to continue to run. Violent maneuvers can rip the airframe apart.
If a hospital blows up because the computer failed, that's a terrible design.
The correct design for a critical system is:
1. detect invalid state
2. if in invalid state, shut down immediately and engage the backup
> Well, I just don't want any hard crashes in production. Druntime throws other
> kinds of errors besides assert errors, by the way.
Replace the `-release` switch in the build of druntime with `-release
-checkaction=D`.
I do understand you need to debug remotely, and presumably your program is not
critical to your customer. Doing a custom rebuild of druntime with `-release
-checkaction=D` is entirely appropriate for your situation. But I'm hesitant
about making it the default build.
More information about the Digitalmars-d
mailing list