Using checked overflow will
reduce the performance of most code with non-trivial usage of integer
arithmetic by 30-70%.
No, this view is overly pessimistic.
The last time we checked, Clang with the integer sanitizer turned on had
a little less than 30% overhead for SPEC CINT 2006, on average. Here
are the actual slowdowns:
400.perlbench 42.8%
401.bzip2 44.4%
403.gcc 12.7%
429.mcf 11.3%
445.gobmk 42.0%
456.hmmer 36.5%
458.sjeng 36.7%
462.libquantum 36.9%
464.h264ref 122.0%
471.omnetpp 4.8%
473.astar 16.1%
483.xalancbmk 12.4%
433.milc 22.7%
444.namd 15.5%
447.dealII 52.5%
450.soplex 17.5%
453.povray 11.0%
470.lbm 13.3%
482.sphinx3 34.3%
This was on some sort of Core i7.
Now consider that:
- This isn't only checking for signed overflows, it's checking for lossy
casts, shift past bitwidth, etc. -- the average overhead goes down to
20% if we only check for C/C++ undefined behaviors
- LLVM does a crap job in removing overflow checks; there's a ton of
room for improvement, and I believe this will start happening now due to
Swift
- We designed the integer sanitizer to be a debugger, not a production
tool, it has precise exception semantics which suppresses a lot of
integer optimizations; a more relaxed exception model like AIR/Ada would
permit most of LLVM's integer optimizations to keep working
John Regehr
_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev
