On 8/6/2014 5:14 AM, "Marc Schütz" <[email protected]> wrote:
We're not living in an ideal world, unfortunately. It is bad enough that programs are wrong as they are written; we don't need the compiler to transform these programs to do something that is still wrong, but also completely different. This would make your goal of fixing the program very hard to achieve. In an extreme case, a small error in several million lines of code could manifest at a completely different place, because you cannot rely on any determinism once undefined behaviour is involved.
You are technically correct, and I used to worry about that. But after using assert()s for 30 years, I can only think of this happening once. assert()s tend to trip very shortly after the actual error occurred. Of course, there's a bit of an art to appropriate placement of those assert()s.
It seems like the opposite: instead of trying to prove the assertions statically, they're going to be believed without verification.
The point of an assert is that it is something the programmer says must be true, not the compiler.
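The three treatments of a failed precondition that the thread is arguing over, as an added example in C (not code from the thread, and not the D compiler's behaviour): the assert evaluated as a check, the assert stripped as a release build does, and the assert taken as an assumption the optimizer may rely on. The `record` type, the `sum_*` functions and the sample records are constructed for illustration; `__builtin_unreachable` is the GCC/Clang way to hand the optimizer an assumption and stands in here for the proposed assert semantics. The checks return status codes instead of calling abort() so the outcomes can be compared side by side.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_ENTRIES 4

/* A header that states how many entries follow. A corrupt or malicious
 * header can claim more entries than the array holds. Constructed type. */
typedef struct {
    size_t count;
    int entries[MAX_ENTRIES];
} record;

/* Hand the optimizer a fact it may rely on. GCC/Clang only; elsewhere this
 * degrades to plain stripping, i.e. the classic -DNDEBUG behaviour. */
#if defined(__GNUC__) || defined(__clang__)
#define ASSUME(cond) do { if (!(cond)) __builtin_unreachable(); } while (0)
#else
#define ASSUME(cond) ((void)0)
#endif

/* Constructed sample inputs: one honest record, one whose header lies. */
static const record GOOD = { 4, { 1, 2, 3, 4 } };
static const record BAD  = { 6, { 1, 2, 3, 4 } };

/* 1. Assert treated as a check (debug build). The violation is reported
 *    right where the bad count arrives, before any work is done. -1 stands
 *    in for the assert() trip. */
int sum_checked(const record *r) {
    if (r->count > MAX_ENTRIES) return -1;
    int s = 0;
    for (size_t i = 0; i < r->count; i++) s += r->entries[i];
    return s;
}

/* 2. Assert stripped (-DNDEBUG). No check at entry; a belt-and-braces bound
 *    inside the loop still stops the over-read, but only after the first
 *    four entries were processed and some distance from the cause. */
int sum_stripped(const record *r) {
    int s = 0;
    for (size_t i = 0; i < r->count; i++) {
        if (i >= MAX_ENTRIES) return -2;   /* defensive check, fires late */
        s += r->entries[i];
    }
    return s;
}

/* 3. Assert taken as an assumption. The optimizer is told count <= 4, so
 *    `i >= MAX_ENTRIES` is provably false inside the loop and the defensive
 *    check may be deleted as dead code. On a lying header the loop then reads
 *    past entries[]: undefined behaviour, which is why this variant must only
 *    ever be called with a record that satisfies the precondition. */
int sum_assumed(const record *r) {
    ASSUME(r->count <= MAX_ENTRIES);
    int s = 0;
    for (size_t i = 0; i < r->count; i++) {
        if (i >= MAX_ENTRIES) return -2;   /* legitimately removable now */
        s += r->entries[i];
    }
    return s;
}

int main(void) {
    printf("checked,  good: %d\n", sum_checked(&GOOD));
    printf("checked,  bad:  %d\n", sum_checked(&BAD));
    printf("stripped, bad:  %d\n", sum_stripped(&BAD));
    printf("assumed,  good: %d\n", sum_assumed(&GOOD));
    /* sum_assumed(&BAD) is deliberately not called: its result is whatever
     * the optimizer decided, which is the point of the thread. */
    return 0;
}
```

Build it twice, once at -O0 and once at -O2, and compare the generated code for `sum_assumed`: at -O2 the in-loop bound is typically gone, so the only thing standing between a corrupt header and an out-of-bounds read was the assert the build just promised was true.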
