On Sunday, 20 January 2019 at 09:27:33 UTC, Jonathan M Davis
wrote:
> On Saturday, January 19, 2019 10:45:41 AM MST Patrick Schluter
> via Digitalmars-d-learn wrote:
>> On Saturday, 19 January 2019 at 12:54:28 UTC, rikki cattermole
>> wrote:
>>> [...]
>> At least 68030 (or 68020+68851) would be necessary for proper
>> segfault managing (MMU) and an OS that uses it. Afaict NULL
>> pointer dereferencing must fault for D to be "usable". At
>> least all code is written with that assumption.
> For @safe to work properly, dereferencing null must be @safe,
> which more or less means that either it results in a
> segfault, or the compiler has to add additional checks to
> ensure that null isn't dereferenced. The situation does get a
> bit more complicated in the details (e.g. calling a non-virtual
> member function on a null pointer or reference wouldn't
> segfault if the object's members are never actually accessed,
> and that's fine, because it doesn't violate @safe), but in
> general, either a segfault must occur, or the compiler has to
> add extra checks so that invalid memory is not accessed. At
> this point, AFAIK, all of the D compilers assume that
> dereferencing null will segfault, and they don't ever add
> additional checks. If an architecture does not segfault when
> dereferencing null, then it will need special handling by the
> compiler, and I don't think that ever happens right now. So, if
> D were compiled on such an architecture, @safe wouldn't provide
> the full guarantees that it's supposed to.

Ok, thanks for the explanation. This said, my statement that a
PMMU is required for NULL pointer segfaults is wrong. Even 68000
can segfault on NULL dereference in user mode at least (the
famous bus error 2 bombs on Atari ST or guru meditations on
Amiga). In privileged mode though it's not the case as there is
memory at address 0 (reset vector) that might be necessary to
access by an OS.