Rationale | |
Pointers are easily misused, even by experienced programmers.
They can make it hard to follow or analyze the flow of data in
a program, especially by tool-based static analyzers. Function
pointers, similarly, can seriously restrict the types of checks
that can be performed by static analyzers and should only be
used if there is a strong justification for their use, and
ideally alternate means are provided to assist tool-based
checkers determine flow of control and function call hierarchies.
For instance, if function pointers are used, it can become
impossible for a tool to prove absence of recursion, so
alternate guarantees would have to be provided to make up
for this loss in analytical capabilities.
|