shafik added a comment. In D135551#3853365 <https://reviews.llvm.org/D135551#3853365>, @rnk wrote:
> I think the status quo has real problems. We pretend that we can do both of > these: > > - Assert liberally, with the understanding that assertion failures lead to UB > (failed bad cast check, bounds checks, unreachable code, etc) > - We can actually find and fix all cases that violate those inputs to the > point that clang is stable and secure enough for our satisfaction > > Currently, it is really easy to run fuzzers and find crash bugs in clang. I > think the lesson we should take from that is that we are compromising goal 2 > here, and we shouldn't kid ourselves about it. > > Maybe the goal is not security, but is instead something about user or > developer experience, but we should go through some higher level process to > clarify that goal so we can write it down and agree on it. +1 to all of this Repository: rG LLVM Github Monorepo CHANGES SINCE LAST ACTION https://reviews.llvm.org/D135551/new/ https://reviews.llvm.org/D135551 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
