A serious security bug... caused by no bounds checking.
Steven Schveighoffer
schveiguy at yahoo.com
Thu Apr 10 13:20:33 PDT 2014
On Thu, 10 Apr 2014 16:13:17 -0400, Brad Anderson <eco at gnuk.net> wrote:
> On Thursday, 10 April 2014 at 19:48:16 UTC, Steven Schveighoffer wrote:
>> On Thu, 10 Apr 2014 15:38:37 -0400, Tommi <tommitissari at hotmail.com>
>> wrote:
>>
>>> On Thursday, 10 April 2014 at 18:13:30 UTC, Steven Schveighoffer wrote:
>>>> As a general rule, first profile, then optimize.
>>>
>>> Exactly. I profile the difference between running with and without
>>> bounds checking. If the difference is deemed negligible for our
>>> purposes, we don't spend time and money in carefully optimizing away
>>> bound checks that are analyzed to be reasonably safe to remove. You
>>> need the compiler flag to potentially save you all the trouble.
>>
>> This is a weak argument. If you need to optimize, do it. Bounds
>> checking is one of a thousand different possible explanations for slow
>> code. You have to weigh that remote possibility with the threat of
>> accidentally/inadvertently neutering @safe.
>>
>> You also exaggerate the cost of changing a few @safe to @trusted. The
>> cost of adding the -noboundscheck flag to the build system in the right
>> places may be just as significant.
>>
>> -Steve
>
> Changing druntime and phobos is a much bigger deal than a flag.
It's not a flag, it's possibly rebuilding druntime/phobos in an unapproved
way.
-Steve
More information about the Digitalmars-d
mailing list