IIUC even single-threaded Zig programs built with ReleaseSafe are not guaranteed... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ameliaquining 6 months ago \| parent \| context \| favorite \| on: There is no memory safety without thread safety IIUC even single-threaded Zig programs built with ReleaseSafe are not guaranteed to be free of memory corruption vulnerabilities; for example, dereferencing a pointer to a local variable that's no longer alive is undefined behavior in all optimization modes.

skeezyboy 6 months ago [–]

well just dont do it then

ameliaquining 6 months ago | [–]

That's also the standard advice in C and C++, and yet, people screw it up frequently enough to merit a CWE category: https://cwe.mitre.org/data/definitions/562.html

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact