But the memory is not overwritten right? OS just does the metadata handling for the pages no longer in use. So it could be a security breach? Am I missing something?
Yes, most I/O is buffered, meaning that when you write something, it might only be written to a buffer not to the device. If you exit without flushing, that data will be lost.
But why would one want to exit without invoking destructors? No Security issue here?
The prototypical example is when invariants are violated. In that case, running destructors might be harmful (e.g. writing corrupted data).
So basically the data left out is anyway useless to anyone and doesn't matter even if it stays in memory?
Well, it doesn't stay in memory. When a process finishes, its resources are cleaned up by the operating system.
But the memory is not overwritten right? OS just does the metadata handling for the pages no longer in use. So it could be a security breach? Am I missing something?
If you hold allocated memory and then free that memory in a destructor, it's the same operation as what the OS will do when the process exits.
Got it thanks. Conversely, is there a problem if all program exits are done without calling any destructors?
Yes, most I/O is buffered, meaning that when you write something, it might only be written to a buffer not to the device. If you exit without flushing, that data will be lost.