Re: Thou shalt have no other gods before the ANSI C standard
From: Tom Linden (tom_at_kednos.com)
Date: 02/28/05
- Next message: Randy Howard: "Re: Thou shalt have no other gods before the ANSI C standard"
- Previous message: spinoza1111_at_yahoo.com: "Re: [XPOST] A unique number for every "person" - can it be done?"
- In reply to: David Wagner: "Re: Thou shalt have no other gods before the ANSI C standard"
- Next in thread: Randy Howard: "Re: Thou shalt have no other gods before the ANSI C standard"
- Reply: Randy Howard: "Re: Thou shalt have no other gods before the ANSI C standard"
- Reply: Trevor L. Jackson, III: "Re: Thou shalt have no other gods before the ANSI C standard"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 27 Feb 2005 18:10:57 -0800
On Sun, 27 Feb 2005 22:12:33 +0000 (UTC), David Wagner
<daw@taverner.cs.berkeley.edu> wrote:
> Morten Reistad wrote:
>> Don't put too much emphasis on performance problems when the product
>> itself is to enhance security. Previously in this thread we seemed
>> near a consensus that memory-safe languages carry an overhead of 5-15%
>> in terms of execution time.
>
> I agree completely with the first sentence. But just to make sure
> you're not underestimating the costs, I want to make sure you are aware
> that the 5-15% figure might be optimistic.
>
> If we're talking about bounds-checked versions of C, you should be
> prepared for something more like 50% (or even 100% in some bad cases)
> overhead. If we're talking about other languages, then I don't know
> what kind of overhead to expect, but I wouldn't be surprised if it is
> measurably more than 15% overhead.
I think we are going about this all wrong. First we create this euphemism,
"memory safe" and its cost to justify doing a number of things in a less
than
desirable way. I would like to suggest that we consider this as a mandate
and see where it takes you. If it costs 50% more to implement the heap
manager, then so be it. Maybe we need to rethink some fundemantals here.
I have always regarded range/bounds checking and exception handling as
necessary and integral to well designed code.
-- Using Opera's revolutionary e-mail client: http://www.opera.com/m2/
- Next message: Randy Howard: "Re: Thou shalt have no other gods before the ANSI C standard"
- Previous message: spinoza1111_at_yahoo.com: "Re: [XPOST] A unique number for every "person" - can it be done?"
- In reply to: David Wagner: "Re: Thou shalt have no other gods before the ANSI C standard"
- Next in thread: Randy Howard: "Re: Thou shalt have no other gods before the ANSI C standard"
- Reply: Randy Howard: "Re: Thou shalt have no other gods before the ANSI C standard"
- Reply: Trevor L. Jackson, III: "Re: Thou shalt have no other gods before the ANSI C standard"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
