Hacker Neue

Preferences
creato parent
The "standard" (typically defined in projects I'm familiar with, and as of C23, an actual standard) is "unreachable": https://en.cppreference.com/w/c/program/unreachable.html
vlovich123
That is not the same thing at all. Unreachable means that entire branch cannot be taken and the compiler is free to inject optimizations assuming that’s the case. It doesn’t need to crash if the violation isn’t met - indeed it probably won’t. It’s the equivalent of having something like

    x->foo();
    if (x == null) {
        Return error…;
    }
This literally caused a security vulnerability in the Linux kernel because it’s UB to dereference null (even in the kernel where engineers assumed it had well defined semantics) and it elided the null pointer check which then created a vulnerability.

I would say that using unreachable() in mission critical software is super dangerous, moreso than an allocation failing. You want to remove all potential for UB (ie safe rust with no or minimal unsafe, not sprinkling in UB as a form of documentation).

creato OP
You're right, the thing I linked to do does exactly that. I should have read it more closely.

The projects that I've worked on, unconditionally define it as a thing that crashes (e.g. `std::abort` with a message). They don't actually use that C/C++ thing (because C23 is too new), and apparently it would be wrong to do so.

uecker
You can use the standard feature with the unreachable sanitizer: https://godbolt.org/z/3hePd18Tn
skepti
For many types of projects and approaches, avoiding UB is necessary but not at all sufficient. It's perfectly possible to have critical bugs that can cause loss of health or life or loss of millions of dollars, without any undefined behavior being involved.

Funnily enough, Rust's pattern matching, an innovation among systems languages without GCs (a small space inhabited by languages like C, C++ and Ada), may matter more regarding correctness and reliability than its famous borrow checker.

zozbot234
Didn't PASCAL have variant record types with a kind of primitive pattern matching already?
skepti3
Possibly, I am not sure, though Delphi, a successor language, doesn't seem to advertise itself as having pattern matching.

Maybe it is too primitive to be considered proper pattern matching, as pattern matching is known these days. Pattern matching has actually evolved quite a bit over the decades.

YesBox
C++ keeps getting bigger and bigger :D

Thanks for sharing

creato OP
This is actually C and C++ has not done something similar AFAIK.
hn_go_brrrrr
Fortunately the major compiler vendors all have. Routing around the standards committee is getting more and more common.
TuxSH
C++23 does have std::unreachable (as a function), and its counterpart [[assume(expr)]]

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal