[rust-dev] Appeal for CORRECT, capable, future-proof math, pre-1.0

Patrick Walton pcwalton at mozilla.com
Sun Jan 12 17:30:12 PST 2014


On 1/12/14 5:22 PM, Daniel Micay wrote:
> As far as I know, doing more takes way too long. Eliminating array
> bounds checks and reasoning about arithmetic just doesn't really
> happen.

I think the jury is still out. See "A Fast and Low-Overhead Technique to 
Secure Programs Against Integer Overflows" by Rodrigues et al., CGO '2013:

http://homepages.dcc.ufmg.br/~fernando/publications/papers/CGO13_raphael.pdf

This has been implemented as an LLVM pass:

http://code.google.com/p/range-analysis/

They cite a slowdown of merely 1.73% on the LLVM benchmark suite with 
their analysis, which is quite impressive. Given that range analysis can 
also eliminate bounds checks in Rust, I suspect that this is worth pursuing.

That said I'm not sure we can gate 1.0 on this, since there's 
undoubtedly work needed to get this up to production quality. This is 
bleeding-edge stuff. However, I would personally definitely be 
interested in pursuing this post-1.0 for Servo and other apps that want 
to be hardened against overflows.

Patrick



More information about the Rust-dev mailing list