On Oct 1, 2013, at 7:30 PM, Walter Bright <newshou...@digitalmars.com> wrote:
> On 10/1/2013 3:37 PM, Jonathan M Davis wrote: >> On Tuesday, October 01, 2013 23:17:01 deadalnix wrote: >>> It shouldn't in a language that have nullable type as default. >> >> I don't see why that's relevant. If you hit a segfault - regardless of >> whether >> it's because of a memory corruption or a null pointer or whatever - it's an >> error that should terminate your program. If we checked for null pointers and >> threw NullPointerError instead of segfaulting, it would be no different >> except >> that it would be an Error being thrown. Both it and segfaults are supposed to >> kill your program without doing cleanup. > > Right. A null pointer dereference is a logic bug in your program, and hence > the program needs to stop immediately, not execute "cleanup" code. > > If there's one notion I'd like to terminate with prejudice, it's the notion > that a running program can "recover" from bugs in itself. I worked on a system whose design was specifically built around trapping and recovering from segfaults (great design, and sadly, patented). Things like this are one of the primary reasons to use a systems programming language. So while I agree in the general sense, I don't think it's appropriate for the language to make a hard and fast assertion here. I think we should choose a reasonable, safe default, but make it overridable. That's pretty much the design philosophy of Druntime.
