Contracts, Undefined Behavior, and Defensive Programming
Jesse Phillips
Jesse.K.Phillips+D at gmail.com
Sat Jun 13 14:41:19 UTC 2020
On Saturday, 13 June 2020 at 08:52:18 UTC, Johannes Pfau wrote:
>
>
> So using defensive programming we turned soft UB into hard UB
> which will probably crash the program. It could also cause
> memory corruption, run into an infinite loop, .... And please
> note that all this even happens in a @safe function.
>
> So because of this, I think it's a really bad idea to conflate
> assume and assert meanings.

The article talks about this. It states that soft undefined
behavior can lead to hard UB.

I don't think it tries to argue this is OK. What it talks about
is the importance of validation of external input. Saying that
having well-guarded inputs will allow us to detect program bugs
through assertion seems a little optimistic.

However, I do think emphasizing input validation early is
something important and severely lacking on the web development
side. Though it is also hard to define where the system input vs
external input boundaries are.

The concept that a method should provide a form with input
validation and one with defensive programming is interesting.