On Thursday, 4 March 2021 at 23:42:58 UTC, Dukc wrote:
I don't understand this part. If an assert was failing, the program is going to terminate anyway, so InvalidMemoryOperationError is no problem. Well, it might obfuscate the underlying error if there is no stack trace, but banning `assert`ing in anything that could be called by a destructor sounds too drastic to me. Even the lowest level system code tends to contain asserts in D, at least in my codebase. If asserting is banned, destructors can do faily much nothing. I'd think it's much more practical to redefine the assert failure handler if InvalidMemoryOperationError due to a failed assert is a problem.
Yes, this can be worked around. Passing -checkaction=C to the compiler will use the C assert handler and no exception will be thrown (which, IMO, should be the default behavior of asserts anyway). But even then, I believe as a general rule that any code which touches an assert has no place in a finalizer. And that's because asserts are inherently deterministic.
A properly-written assert is used to verify an expectation that the program is in a specific state at a specific point in its execution. If the program is not in that state at that point, then we know we've got an error in our code. It's because of this determinism that we can remove asserts from released code and expect that nothing will break, and it's why we don't assert on conditions that are beyond our control (like user input).
Because finalizers are non-deterministic, they kill that "at a specific point in the program's execution" part, rendering any asserts they touch unreliable. It is realistically possible that an assert invoked in a finalizer never triggers during development, then the program is released with asserts removed, and then it breaks out in the wild because a finalizer is invoked at a point when the program isn't in the expected state.
This doesn't make *destructors* useless, but *finalizers* really are mostly useless most of the time, IMO. As D programmers, we need to consciously be aware of the distinction since the language isn't.
