On Tuesday, 21 July 2020 at 13:23:32 UTC, Adam D. Ruppe wrote:
But the array isn't initialized in the justification scenario.
It is accessed through a null pointer and the type system
thinks it is fine because it is still inside the static limit.
At run time, the CPU just sees access to memory address 0 + x,
and if x is sufficiently large, it can bypass those guard pages.
I'm not that convinced. This totally depends on what the virtual
memory for the process looks like. Some operating systems might
have a gap between 0 - 16MB but some others don't. This is also a
subject that can change between versions of the OS and even more
uncertain as address space randomization becomes popular. Safety
based on assumptions isn't really worth it.
I don't personally care about the 16MB limit as I would never use
it for any foreseeable future but the motivation for it is kind
of vague.
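
The dependence on process layout discussed in this exchange can be checked mechanically. The following is an added example, not code from the thread or from the D compiler: it parses text in Linux `/proc/<pid>/maps` format and reports whether every access at null + x, for x below a given static size, is guaranteed to land in unmapped memory. The two memory maps are constructed samples and the function names are hypothetical.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Constructed samples in /proc/<pid>/maps format (not captured from a real
   process): a non-PIE x86-64 layout with text at 0x400000, and a PIE layout. */
static const char *MAPS_NON_PIE =
    "00400000-00452000 r-xp 00000000 08:01 1234 /usr/bin/example\n"
    "00651000-00652000 rw-p 00051000 08:01 1234 /usr/bin/example\n"
    "7ffd1c000000-7ffd1c021000 rw-p 00000000 00:00 0 [stack]\n";
static const char *MAPS_PIE =
    "55d0a3c00000-55d0a3c52000 r-xp 00000000 08:01 1234 /usr/bin/example\n"
    "7ffd1c000000-7ffd1c021000 rw-p 00000000 00:00 0 [stack]\n";

/* Lowest mapped start address in the text; UINT64_MAX if no line parses. */
uint64_t lowest_mapping(const char *maps) {
    uint64_t lowest = UINT64_MAX;
    const char *line = maps;
    while (line && *line) {
        unsigned long long start, end;
        if (sscanf(line, "%llx-%llx", &start, &end) == 2 && start < lowest)
            lowest = start;
        line = strchr(line, '\n');   /* advance to the next line, if any */
        if (line) line++;
    }
    return lowest;
}

/* 1 if every address null + x with x < static_size is below the lowest
   mapping (so the access faults), 0 if some offset can reach mapped memory. */
int null_offset_always_faults(const char *maps, uint64_t static_size) {
    return static_size <= lowest_mapping(maps);
}

int main(void) {
    const uint64_t limit = 16ULL * 1024 * 1024;   /* the 16MB limit under discussion */
    printf("non-PIE: lowest mapping 0x%llx, 16MB always faults: %d\n",
           (unsigned long long)lowest_mapping(MAPS_NON_PIE),
           null_offset_always_faults(MAPS_NON_PIE, limit));
    printf("PIE:     lowest mapping 0x%llx, 16MB always faults: %d\n",
           (unsigned long long)lowest_mapping(MAPS_PIE),
           null_offset_always_faults(MAPS_PIE, limit));
    return 0;
}
```

On a live Linux process the same functions can be fed the contents of `/proc/self/maps` to see which case applies.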