Your example seems contrived to me. No protection system is immune to error, just like none is immune to pretty spies; you might as well propose an example in which a bug causes the secret holder posts the secret on slashdot if the password is 123456789 
The question is whether ASLR adds anything useful and worth the nuisance. Or does it merely provide enough hocus-pocus that it can be successfully sold as a protection device. IMO, it’s only hocus-pocus when in well-structured protection environments. More, I consider it to be actually dangerous because it invites ignorant use leading to a false sense of security, which does nothing but help the exploiters.
I don’t think it’s evil; if it were already present on a system of mine then I would enable it. But I wouldn’t feel any more secure, and I wouldn’t put off restructuring the code.
Clearly your mileage varies, so we’ll have to leave it at that.