Comment by Thaxll
2 days ago
Null pointer dereference has nothing to do with that problem, they have billions of loc you think that kind of issue will never happen?
This is 100% a process problem.
2 days ago
Null pointer dereference has nothing to do with that problem, they have billions of loc you think that kind of issue will never happen?
This is 100% a process problem.
A null pointer crashing your entire service in 2025 is a process problem
I mean, I don't want to be a "Keeps bringing up Rust in the comments" sort of guy, but null pointer dereferences are in fact a problem that can be solved essentially completely using strict enough typing and static analysis.
Most existing software stacks (including Google's C++, Go, Java) are by no means in a position to solve this problem, but that doesn't change that it is, in fact, a problem that fundamentally can be solved using types.
Of course, that'd require a full rewrite of the service.
Rust only stops you crashing the process in the "oh, I didn't realise this field can be null" case.
It doesn't help with the "yes, in theory it can be null, but in practice it never will be" case. Once you write .expect() you are crashing the service just as badly as a dereference when your assumptions turn out to be wrong.
You're assuming that not having a crash would prevent the problem they had.
In this case that seems like a safe assumption? The crash meant there was impact to all customers, not just the ones using the new feature.
3 replies →
I'd say the binary not crashing would certainly be an improvement.
Even better if the type checker specifically highlights the fact that a value can be zero, and prevents compilation of code that doesn't specifically take this possibility into account.
You just brought up Rust. Welcome to the club.