ziglang / zig

General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.
https://ziglang.org
MIT License

runtime safety for branching on undefined values and other undefined behavior caused by undefined values #63

Open andrewrk opened 8 years ago

andrewrk commented 8 years ago
test "runtime safety for branching on undefined value" {
    // `x` is a bool (an `if` condition must be a bool) that is never written before the
    // branch; `_ = &x;` keeps it a runtime value instead of a comptime-known `undefined`.
    var x: bool = undefined;
    _ = &x;
    const y: i32 = if (x) 1 else 2;
    _ = y;
}

expected output: the runtime calls @panic("branch on undefined value")

andrewrk commented 5 years ago

Related: #1966

After solving #1947, this issue will be for implementing runtime safety for undefined behavior caused by any of the reasons listed in #1947.

ifreund commented 1 year ago

LLVM has a MemorySanitizer that can detect uninitialized reads with supposedly only 2-3x slowdown compared to 20-30x under valgrind. It has quite a few limitations however: https://clang.llvm.org/docs/MemorySanitizer.html

There's a paper on the implementation titled "MemorySanitizer: fast detector of uninitialized memory use in C++" which looks to be valuable reading for anyone looking into this kind of runtime safety check for zig: https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/43308.pdf
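As an added illustration of the shadow-memory technique MemorySanitizer uses, the following C model is not code from this issue, the Zig project, or LLVM; the names (`tracked_u8`, `check_branch`, `and_const`, and so on) are hypothetical. Every tracked byte carries a shadow byte in which a set bit means "this value bit is uninitialized". The shadow travels with copies and is transformed by arithmetic, and a report is raised only at the point of use in a branch, which is the check this issue asks the Zig runtime to perform. The masked cases show why bit-precise propagation matters: `(x & 0) == 0` is a defined branch even though `x` is undefined, while `(x & 1) == 1` is not.

```c
#include <stdint.h>
#include <stdio.h>

/* A tracked byte: its value plus a shadow byte; shadow bit set = that value bit is uninitialized. */
typedef struct {
    uint8_t value;
    uint8_t shadow;
} tracked_u8;

/* `undefined`: garbage value, every shadow bit set (fully poisoned). 0xAA mimics Zig's
   debug-mode fill pattern for undefined; the check itself never relies on it. */
static tracked_u8 undefined_u8(void) {
    return (tracked_u8){ .value = 0xAA, .shadow = 0xFF };
}

/* A normal store fully initializes the byte: the shadow is cleared. */
static tracked_u8 defined_u8(uint8_t v) {
    return (tracked_u8){ .value = v, .shadow = 0x00 };
}

/* Copy: value and shadow travel together, so a copy of undefined is still undefined. */
static tracked_u8 copy_u8(tracked_u8 src) {
    return src;
}

/* AND with a constant: bits the constant forces to 0 become initialized, the rest
   keep their shadow. This is the exact propagation rule for AND with a known operand. */
static tracked_u8 and_const(tracked_u8 a, uint8_t k) {
    return (tracked_u8){ .value = (uint8_t)(a.value & k), .shadow = (uint8_t)(a.shadow & k) };
}

/* Equality test producing a tracked bool (low bit only). Approximate rule: the
   result is undefined if any bit of the operand is undefined. */
static tracked_u8 eq_const(tracked_u8 a, uint8_t k) {
    uint8_t v = (a.value == k) ? 1 : 0;
    uint8_t s = (a.shadow != 0) ? 0x01 : 0x00;
    return (tracked_u8){ .value = v, .shadow = s };
}

/* The safety check: before branching on a bool, consult its shadow. Returns 1 if the
   branch would be on an undefined value (a real runtime would @panic here), else 0. */
static int check_branch(tracked_u8 cond, const char *where) {
    if (cond.shadow & 0x01) {
        fprintf(stderr, "panic: branch on undefined value (%s)\n", where);
        return 1;
    }
    return 0;
}

/* Scenarios: each returns 1 if the check fires, 0 if the branch is allowed. */

/* var x: bool = undefined; if (x) ... : must be caught. */
int branch_on_fresh_undefined(void) {
    tracked_u8 x = undefined_u8();
    return check_branch(x, "if (x)");
}

/* var x: bool = true; if (x) ... : must not be caught. */
int branch_on_initialized(void) {
    tracked_u8 x = defined_u8(1);
    return check_branch(x, "if (x)");
}

/* const y = x; if (y) ... : the copy is exactly as undefined as x. */
int branch_on_copy_of_undefined(void) {
    tracked_u8 x = undefined_u8();
    tracked_u8 y = copy_u8(x);
    return check_branch(y, "if (y)");
}

/* if ((x & 0) == 0) ... : fully masked, so the condition is defined even though x is not.
   A byte-granular "is anything here uninitialized?" check would false-positive here. */
int branch_on_fully_masked_undefined(void) {
    tracked_u8 x = undefined_u8();
    tracked_u8 cond = eq_const(and_const(x, 0x00), 0);
    return check_branch(cond, "if ((x & 0) == 0)");
}

/* if ((x & 1) == 1) ... : one poisoned bit survives the mask, so this is still UB. */
int branch_on_partially_masked_undefined(void) {
    tracked_u8 x = undefined_u8();
    tracked_u8 cond = eq_const(and_const(x, 0x01), 1);
    return check_branch(cond, "if ((x & 1) == 1)");
}

int main(void) {
    printf("fresh undefined:   %d\n", branch_on_fresh_undefined());
    printf("initialized:       %d\n", branch_on_initialized());
    printf("copy of undefined: %d\n", branch_on_copy_of_undefined());
    printf("fully masked:      %d\n", branch_on_fully_masked_undefined());
    printf("partially masked:  %d\n", branch_on_partially_masked_undefined());
    return 0;
}
```

The cost the thread discusses comes from exactly this bookkeeping: every tracked allocation doubles in size (value plus shadow) and every operation on a value also has to compute the shadow of its result, which is why the slowdown is paid on every instruction rather than only at the branch.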

matu3ba commented 1 year ago

Additional drawback as mentioned in https://github.com/ziglang/zig/issues/2301#issuecomment-838000424:

With this approach for checking UUM => 2.5x compile-time cost, 2x memory. However, this approach still includes false negatives (there can be UUM even though the check says there is none).