On 07.03.2017 16:48, Kagamin wrote:
On Monday, 6 March 2017 at 21:05:13 UTC, Timon Gehr wrote:
Not every program with a wrong assertion in it exceeds array bounds.
Until it does.
Not necessarily so. With -release, it will be able to both exceed and
not exceed array bounds at the same time in some circumstances.
What I'm not buying is that the existence of UB in some circumstances
justifies introducing more cases where UB is unexpectedly introduced.
It's a continuum. Generally, if you add more failure modes, you will
have more exploits.
I might need to point out that -release does not disable bounds checking
in @safe code while it has been stated that -release introduces UB for
assertion failures in @safe code.
There is no flag for disabling assertion/contract checking without
potentially introducing new UB.
Why is this the best possible situation?
