On 31 Jul 2013, at 21:31, "Jonathan S. Shapiro" <[email protected]> wrote: > A correct optimizer cannot perform an optimization whose correctness > preconditions are violated by any legally feasible execution. > > In short, if the CLR allows the code to happen, the optimizer has to be > defensive about it.
I think I understand why this is however I fear I've missed something unless you were talking in absolutes because optimisations requiring whole program compilation are not relevant to BitC. If I'm linking to code I've no control over I have to account for the fact that it may do anything the runtime allows, even if that violates the semantics of the language I'm compiling from. My threat model consists of: 1) Compiler bugs 2) Linking code output by different compilers which have mismatched ideas about which runtime features are "banned" 3) Linking to code crafted by a malicious 3rd party If we were only interested in whole program compilation we could ignore 2) and 3). If we then define a subset of the runtime features we're targeting we may be able to perform additional optimisations, so long as we accept an increased risk of 1). At the moment I can't think of any other situations where such optimisations might be considered safe.
_______________________________________________ bitc-dev mailing list [email protected] http://www.coyotos.org/mailman/listinfo/bitc-dev
