This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: C++ and Java CNI: Check Java references

>>>>> "Per" == Per Bothner <per@bothner.com> writes:

>> The semantics of Java require dereferencing a null pointer to an
>> object to throw a NullPointerException.  We already generate code to
>> do this in the Java compiler; this patch is for CNI code that is
>> written in C++.

Per> I'm not sure this is a good idea.  The goal is CNI is to write
Per> C++ code that works with Java objects and make it convenient to
Per> write Java native methods; the goal is not to write Java with C++
Per> syntax.  We've put in various hacks in cc1plus to make it
Per> convenient to access Java objects from C++, so to some extent the
Per> actual generated code is different from the source.  However,
Per> explicit null-pointer checking seems to stretch the boundary of
Per> appropriate magic re-writes.

What are the alternatives?

We could require explicit null-pointer checking in all CNI code.

However, explicit checks are redundant when we have a SEGV signal
handler.  So then we could make the checks conditional.

But explicit checks, whether conditional or not, are hard to maintain.
It is easy to add new code which needs a check, without adding the
check itself.  I see it as being like the `GCPRO' requirement in Emacs
-- missing checks are a continual source of bugs.  Now, in this case,
it isn't as bad as Emacs, since a missing check will simply cause a
crash.  That would be fine if we believed that testing could uncover
all such crashes.

Tom
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]