If you needed any more evidence that memory safety is the future...

Timon Gehr via Digitalmars-d digitalmars-d at puremagic.com
Wed Mar 8 07:48:47 PST 2017


On 07.03.2017 16:48, Kagamin wrote:
> On Monday, 6 March 2017 at 21:05:13 UTC, Timon Gehr wrote:
>> Not every program with a wrong assertion in it exceeds array bounds.
>
> Until it does.

Not necessarily so. With -release, it will be able to both exceed and 
not exceed array bounds at the same time in some circumstances.

What I'm not buying is that the existence of UB in some circumstances 
justifies introducing more cases where UB is unexpectedly introduced. 
It's a continuum. Generally, if you add more failure modes, you will 
have more exploits.

I might need to point out that -release does not disable bounds checking 
in @safe code while it has been stated that -release introduces UB for 
assertion failures in @safe code.

There is no flag for disabling assertion/contract checking without 
potentially introducing new UB.

Why is this the best possible situation?
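As an added illustration (not part of Timon Gehr's message or any D project code), the following small D program shows the boundary the post describes: with -release the assert in an @safe function is no longer checked, while the array bounds check in that same @safe function remains. The function name, the sample table and the out-of-range index are made up for the example.

```d
// Added example, not from the thread. Compile and run it twice:
//   dmd -run example.d            asserts active
//   dmd -release -run example.d   asserts removed, @safe bounds checks kept
import std.stdio;

@safe int lookup(const(int)[] table, size_t i)
{
    // Precondition the code is written against. Without -release a violation
    // throws AssertError here. With -release the check is simply gone, and,
    // as stated earlier in this thread, a failing assert is then undefined
    // behaviour as far as the language is concerned.
    assert(i < table.length, "index out of range");

    // The array access itself is still bounds-checked in @safe code even
    // with -release (-release only drops bounds checks in @system/@trusted
    // code). In practice an out-of-range index therefore stops here with a
    // RangeError instead of reading past the end of the slice.
    return table[i];
}

void main()
{
    int[] table = [10, 20, 30];   // constructed sample data

    writeln(lookup(table, 1));    // prints 20 in both builds

    // Index 5 violates the assertion and the bounds. Which error surfaces
    // depends on the build: AssertError without -release, RangeError (from
    // the @safe bounds check) with -release.
    try
    {
        writeln(lookup(table, 5));
    }
    catch (Error e)
    {
        writeln("caught ", typeid(e).name, ": ", e.msg);
    }
}
```

Catching Error is done here only so the program can report which check fired; in real code neither AssertError nor RangeError is meant to be recovered from. The point the post makes is visible in the second build: the assert that documented the precondition is gone, so nothing in the program guarantees it any longer, and only the separate @safe bounds check stands between a bad index and memory unsafety.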

