On 1/12/14 5:22 PM, Daniel Micay wrote:
> As far as I know, doing more takes way too long. Eliminating array
> bounds checks and reasoning about arithmetic just doesn't really
> happen.
I think the jury is still out. See "A Fast and Low-Overhead Technique to
Secure Programs Against Integer Overflows" by Rodrigues et al., CGO 2013:
http://homepages.dcc.ufmg.br/~fernando/publications/papers/CGO13_raphael.pdf
This has been implemented as an LLVM pass:
http://code.google.com/p/range-analysis/
They cite a slowdown of merely 1.73% on the LLVM benchmark suite with
their analysis, which is quite impressive. Given that range analysis can
also eliminate bounds checks in Rust, I suspect that this is worth pursuing.
That said I'm not sure we can gate 1.0 on this, since there's
undoubtedly work needed to get this up to production quality. This is
bleeding-edge stuff. However, I would personally definitely be
interested in pursuing this post-1.0 for Servo and other apps that want
to be hardened against overflows.
Patrick
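The kind of reasoning the paper relies on can be illustrated with a toy interval (range) analysis. The block below is an added example written for this thread; it is not Patrick's code, not the paper's implementation and not the LLVM pass linked above. The expression language, the assumed variable intervals and the counting of "elided" versus "needed" checks are all constructed for the illustration. Each i32 operation is either proven by the intervals to fit in i32 (the runtime overflow check can be dropped) or kept as a checked operation; the evaluator also verifies at runtime that inputs respect the assumed intervals, since an elided check is only sound while those assumptions hold.

```rust
use std::collections::HashMap;

/// Closed interval [lo, hi]; i128 so the analysis itself cannot overflow.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Range {
    pub lo: i128,
    pub hi: i128,
}

impl Range {
    pub fn new(lo: i128, hi: i128) -> Range {
        assert!(lo <= hi, "empty interval");
        Range { lo, hi }
    }
    pub fn add(self, o: Range) -> Range {
        Range::new(self.lo + o.lo, self.hi + o.hi)
    }
    pub fn mul(self, o: Range) -> Range {
        let c = [self.lo * o.lo, self.lo * o.hi, self.hi * o.lo, self.hi * o.hi];
        Range::new(*c.iter().min().unwrap(), *c.iter().max().unwrap())
    }
    /// True when every value in the interval is representable as i32.
    pub fn fits_i32(self) -> bool {
        self.lo >= i32::MIN as i128 && self.hi <= i32::MAX as i128
    }
}

/// Constructed toy expression language over i32. A variable carries the
/// interval the analysis is allowed to assume (e.g. from a loop bound).
pub enum Expr {
    Const(i32),
    Var(&'static str, Range),
    Add(Box<Expr>, Box<Expr>),
    Mul(Box<Expr>, Box<Expr>),
}

/// Static result interval of an expression.
pub fn range_of(e: &Expr) -> Range {
    match e {
        Expr::Const(c) => Range::new(*c as i128, *c as i128),
        Expr::Var(_, r) => *r,
        Expr::Add(a, b) => range_of(a).add(range_of(b)),
        Expr::Mul(a, b) => range_of(a).mul(range_of(b)),
    }
}

#[derive(Debug, PartialEq, Eq)]
pub struct Plan {
    pub result: Range,
    pub checks_needed: usize, // operations that must keep a runtime check
    pub checks_elided: usize, // operations proven to fit in i32
}

/// Static pass: decide, per arithmetic operation, whether an overflow
/// check is required, given the intervals attached to the variables.
pub fn analyze(e: &Expr) -> Plan {
    fn count(e: &Expr, plan: &mut Plan) {
        match e {
            Expr::Add(a, b) | Expr::Mul(a, b) => {
                count(a, plan);
                count(b, plan);
                if range_of(e).fits_i32() { plan.checks_elided += 1 } else { plan.checks_needed += 1 }
            }
            _ => {}
        }
    }
    let mut plan = Plan { result: range_of(e), checks_needed: 0, checks_elided: 0 };
    count(e, &mut plan);
    plan
}

/// Runtime evaluation mirroring the plan: proven-safe operations use wrapping
/// arithmetic (standing in for an unchecked instruction; they never actually
/// wrap), the rest use checked arithmetic and report overflow as an error.
pub fn eval(e: &Expr, env: &HashMap<&str, i32>) -> Result<i32, String> {
    match e {
        Expr::Const(c) => Ok(*c),
        Expr::Var(name, r) => {
            let v = *env.get(*name).ok_or_else(|| format!("unbound variable {}", name))?;
            // The analysis assumption must hold at runtime, or elided checks are unsound.
            if !(r.lo..=r.hi).contains(&(v as i128)) {
                return Err(format!("{} = {} violates assumed range {:?}", name, v, r));
            }
            Ok(v)
        }
        Expr::Add(a, b) | Expr::Mul(a, b) => {
            let (x, y) = (eval(a, env)?, eval(b, env)?);
            let is_add = matches!(e, Expr::Add(..));
            if range_of(e).fits_i32() {
                Ok(if is_add { x.wrapping_add(y) } else { x.wrapping_mul(y) })
            } else {
                let r = if is_add { x.checked_add(y) } else { x.checked_mul(y) };
                r.ok_or_else(|| "integer overflow caught by retained check".to_string())
            }
        }
    }
}

fn main() {
    // x in [0, 100]: x + 1 provably fits, so the check is elided.
    let safe = Expr::Add(Box::new(Expr::Var("x", Range::new(0, 100))), Box::new(Expr::Const(1)));
    // x, y in [0, 100000]: x * y may reach 10^10, so the check stays.
    let risky = Expr::Mul(
        Box::new(Expr::Var("x", Range::new(0, 100_000))),
        Box::new(Expr::Var("y", Range::new(0, 100_000))),
    );
    println!("{:?}\n{:?}", analyze(&safe), analyze(&risky));
}
```

The interesting property is the split: with a loop bound such as `0..=100` on `x`, the addition needs no check at all, while the product of two values that may each reach 100000 keeps its check and is caught at runtime rather than silently wrapping. A real pass would widen intervals across loops and use comparisons on the dominating path; the toy version only shows the decision rule.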
_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev