Bad array indexing is considered deadly

Timon Gehr via Digitalmars-d digitalmars-d at puremagic.com
Wed May 31 16:40:00 PDT 2017


On 01.06.2017 00:22, Moritz Maxeiner wrote:
> On Wednesday, 31 May 2017 at 21:29:53 UTC, Timon Gehr wrote:
>> On 31.05.2017 22:45, Moritz Maxeiner wrote:
>>> On Wednesday, 31 May 2017 at 20:09:16 UTC, Nick Sabalausky (Abscissa) 
>>> wrote:
>>>> [...]
>>>>> program is in an undefined state and should terminate asap.
>>>>
>>>> Then out-of-bounds and assert failures should be Exception not 
>>>> Error. Frankly, even out-of-memory, arguably. And then there's null 
>>>> dereference... In other words, basically everything.
>>>
>>> No, because as I stated in my other post, the runtime *cannot* assume 
>>> that it is safe *in all cases*. If there is even one single case in 
>>> which it is unsafe, it must abort.
>>
>> Hence all programs must abort on startup.
> 
> In the context of the conversation, an error has already occurred, and 
> "all cases" was referring to all the cases that lead to the error.
Bounds checks have /no business at all/ trying to handle preexisting 
memory corruption, and in that sense they are comparable to program startup.
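As an added illustration (not part of the thread, and not the D runtime's own code), the following D program shows the classification the discussion turns on: the runtime's RangeError (out-of-bounds indexing) and AssertError (assert failure) derive from Error rather than Exception, so a handler written for Exception never sees them. The names from core.exception are real; the helpers outOfBounds, assertNonZero and classify are constructed for this example.

```d
// Added example, not code from the thread: shows how D's runtime classifies
// the failures under discussion. core.exception names are real; the helper
// functions below are constructed for illustration.
import core.exception : AssertError, RangeError;
import std.stdio : writeln;

// Both runtime failures sit under Error, not Exception (checked at compile time).
static assert(is(RangeError : Error) && !is(RangeError : Exception));
static assert(is(AssertError : Error) && !is(AssertError : Exception));

// Bounds checks stay enabled in @safe code even when building with -release
// (the default -boundscheck=safeonly), so this always raises RangeError for i >= 3.
@safe void outOfBounds(size_t i)
{
    int[] a = new int[3];
    a[i] = 1;
}

// The condition depends on a runtime argument, so it is an ordinary assert
// (removed by -release), not the special-cased assert(0).
void assertNonZero(int x)
{
    assert(x != 0, "invariant broken");
}

// Reports whether the callback's Throwable is an Exception or an Error.
// Catching Error here only serves to observe the type; the language treats
// Error as unrecoverable and real code should let it terminate the process.
string classify(void delegate() f)
{
    try
    {
        f();
    }
    catch (Exception)
    {
        return "exception";
    }
    catch (Error)
    {
        return "error";
    }
    return "none";
}

void main()
{
    writeln(classify(delegate { outOfBounds(5); }));                      // error
    writeln(classify(delegate { assertNonZero(0); }));                    // error (none with -release)
    writeln(classify(delegate { throw new Exception("recoverable"); }));  // exception
}
```

The point the example makes concrete: a `catch (Exception)` block, the usual recovery boundary in D code, does not intercept a failed bounds check or a failed assert, which is exactly the Error-versus-Exception split the message is arguing about.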

