https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112808
Bug ID: 112808 Summary: Consider enabling _GLIBCXX_ASSERTIONS checks by default for debug builds Product: gcc Version: unknown Status: UNCONFIRMED Severity: normal Priority: P3 Component: libstdc++ Assignee: unassigned at gcc dot gnu.org Reporter: helge at penne dot no Target Milestone: --- In my experience, the assertions enabled by _GLIBCXX_ASSERTIONS are incredidbly important and effective, but sadly nowhere near as well known or widely used as they deserve to be. Lately, C++ has been attracting negative attention for security, and using _GLIBCXX_ASSERTIONS is probably one of the most efficient and easy ways to improve things in the short term. Should the checks enabled by _GLIBCXX_ASSERTIONS enabled by default in debug builds (somewhat like with NDEBUG and the assert macro), effectlively making them "opt-out" instead of "opt-in"? This will allow a lot of latent security bugs to be detected before software is put into production. This will have a performance hit on unoptimized builds, but my experience so far is that the performance hit on optimized builds is small because the optimizer is very often able to figure out that the checks are redundant, and will remove them. I think making these checks enabled by default in debug builds will have huge positive impact on the security of C++ code bases, at an acceptable cost. It also sends a message that the language add tools is evolving in a more secure direction.