Could somebody school me on this, because from my limited understand it would seem like this simple step would have avoided the latest TSL bug (as well as potentially millions of other uncaught issues).
Dead code certainly could be removed, why it's not is a matter of speculation. It's not trivial to detect unused code, but it IS generally done by compilers during optimizations or semantic analysis (http://en.wikipedia.org/wiki/Control_flow_graph). For example, as part of it's optimizations, a compiler my remove unused code.
I'd guess there simply hasn't been a large enough issue to warrant it. There maybe strict/secure academic languages that do what you suggest, I'm not familiar with any though.
I'd guess there simply hasn't been a large enough issue to warrant it. There maybe strict/secure academic languages that do what you suggest, I'm not familiar with any though.