Stop checking for NULL pointers! 

when passing a pointer to a C function, there is only one semantically-correct value for that pointer, as opposed to 2^64-1 invalid values. NULL may or may not be one of these invalid values. Let the MMU and operating system handle it.

membarrier.wordpress.com/2020/

@danso this is why we can't have nice things.

@Sophistifunk

not sure what you mean. clarify please?

@danso terrible advice like "checking for bad pointers is somebody else's problem" (and the refusal to let go of C) is why everything is broken all the time.

@Sophistifunk

i think the piece makes a pretty compelling argument for omitting a null pointer check in specific circumstances. have you read it?

@danso yes, and I think it's bad advice, of the kind that continues to give us segfaults, NPEs, and CVEs.

@Sophistifunk

hm. it seems to me that if an invalid pointer is passed to a function such as the one described in the article, a programming error has _already_ occurred. in your opinion, what should that function do if it gets an invalid argument?

@danso the entire concept of "it's somebody else's job to check this" and "just change the docs to call it undefined behaviour when X" is where most of these bugs come from.

@Sophistifunk

in the example given, that does not require a change to the documentation. the behaviour of that function is undefined if the pointer points to anything other than a null-terminated string.

C does not provide any mechanism to check most of these cases, so there is nothing to be done other than document them.

@danso ... I'll definitely take a well-defined null-pointer crash over trying to debug a tree of functions returning "something somewhere was invalid"; nice article btw.

What's a bit more debatable is the slightly different case of... if you're a function that doesn't itself dereference it. Would you want to crash on a null pointer as early as possible (... closer to its source) or just go ahead & call the function that might or might not die of it?

@ssafar

just to be extra-clear, i am not the author of the piece i linked! :^)

i am not sure there's a meaningful difference between dereferencing it and passing it to something else which will.

that said, i actually appreciate a good `assert(ptr);` even if the function is not going to directly use ptr.

ideally, whoever first takes the address of an object should be responsible for ensuring its validity!

@danso ... yeah I started out replying kinda thinking it was yours, but then I did eventually realize it wasn't :D

Sounds like it's three questions, actually:
- should you check validity?
- is NULL valid?
- what do I do if I get something invalid?

... with the main case for assert()-s being: it's useful to crash on invalid stuff, NULLs are _usually_ invalid, and they're the only thing for which you even have a chance telling they're invalid?

(but +1 for "assert()-s are appreciated :))
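
Added example, not part of the thread or the linked article: the early-versus-late crash question above, made observable by running each variant in a child process and reporting the signal that killed it. The function names are hypothetical, and it assumes a POSIX system where address 0 is unmapped and a build without NDEBUG.

```c
#include <assert.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical leaf: reads through the pointer with no check.
 * The volatile read keeps the compiler from optimizing the access away. */
static size_t leaf_len(const char *s) {
    const volatile char *p = s;
    size_t n = 0;
    while (p[n] != '\0') n++;
    return n;
}

/* Forwards the pointer without looking at it; a bad pointer faults in the leaf. */
static void forward_unchecked(const char *s) { (void)leaf_len(s); }

/* Same forwarding, but asserts at the boundary where the pointer arrives. */
static void forward_asserted(const char *s) {
    assert(s);
    (void)leaf_len(s);
}

/* Run fn(arg) in a child; return the signal that killed it, or 0 on clean exit. */
static int fatal_signal(void (*fn)(const char *), const char *arg) {
    fflush(NULL);                       /* avoid duplicated stdio buffers */
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { fn(arg); _exit(0); }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int main(void) {
    printf("unchecked, NULL : signal %d (SIGSEGV=%d)\n",
           fatal_signal(forward_unchecked, NULL), SIGSEGV);
    printf("asserted,  NULL : signal %d (SIGABRT=%d)\n",
           fatal_signal(forward_asserted, NULL), SIGABRT);
    printf("asserted,  valid: signal %d\n", fatal_signal(forward_asserted, "ok"));
    return 0;
}
```

Both NULL cases end the process; the asserted variant stops with SIGABRT and a file/line message at the function that received the pointer, while the unchecked one faults inside the leaf.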
