On 09/08/2015 05:45 PM, Jonathan Wakely wrote:
>> I doubt we can achieve the complexity goals in all cases. I expect that
>>
>> for (int i = 0; i < 10000; ++i) {
>> vector[i];
>> }
>>
>> is optimized away in default mode, but with _GLIBCXX_ASSERTIONS, it is
>> not.
>>
>> The last time I looked at this, GCC was unable to move bounds checks out
>> of loops.
>
> Maybe we don't want to make _FORTIFY_SOURCE imply _GLIBCXX_ASSERTIONS
> then, so they can be enabled independently. We don't have to make that
> decision right away.
I think we should try with _FORTIFY_SOURCE first. The above case looks
rather artificial. If there is a visible performance impact, maybe we
can get the compiler to eliminate the vector bounds checks in many cases.
--
Florian Weimer / Red Hat Product Security
