Hacker News
by hovav 976 days ago
A JIT is a machine for turning logic bugs into memory unsafety. Rewriting a JIT in Rust won't eliminate logic bugs and won't guarantee memory safety for the binary output of the JIT (as distinct from the JIT implementation itself).
2 comments

Agreed. But the way you put it makes me wonder how many memory safety vulns have been found in JIT implementations (not the machine code they output).
Okay, but in this case software verification like with Coq or F* could help.
Yes! See, e.g., Fraser Brown et al., "Towards a Verified Range Analysis for JavaScript JITs," in proc. PLDI 2020, https://www.cs.utexas.edu/~hovav/dist/vera.pdf
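
An added example, not part of the thread or of any real JIT: a toy interval range analysis for subtraction, with a logic bug in one transfer function and a soundness checker that compares each transfer function against concrete arithmetic. Brute-force enumeration over small integers stands in here for a formal proof, and all function names are hypothetical.

```python
from itertools import product

# Toy model only: intervals are (lo, hi) tuples of Python ints.
# All names are hypothetical and constructed for illustration.

def sub_range_buggy(a, b):
    """Logic bug: subtracts endpoints pairwise (lo-lo, hi-hi)."""
    return (a[0] - b[0], a[1] - b[1])

def sub_range_sound(a, b):
    """Smallest result is lo_a - hi_b, largest is hi_a - lo_b."""
    return (a[0] - b[1], a[1] - b[0])

def find_counterexample(transfer, bound=4):
    """Check an abstract transfer function against concrete subtraction.

    Enumerates every pair of intervals inside [-bound, bound] and every
    concrete x, y they contain. Returns (a, b, x, y) where x - y falls
    outside the predicted range, or None if the function is sound there.
    """
    vals = range(-bound, bound + 1)
    intervals = [(lo, hi) for lo in vals for hi in vals if lo <= hi]
    for a, b in product(intervals, repeat=2):
        lo, hi = transfer(a, b)
        for x in range(a[0], a[1] + 1):
            for y in range(b[0], b[1] + 1):
                if not lo <= x - y <= hi:
                    return a, b, x, y
    return None

def can_drop_bounds_check(index_range, length):
    """Model of the JIT decision: emit no check only if the whole
    predicted index range lies inside [0, length)."""
    lo, hi = index_range
    return 0 <= lo and hi < length

if __name__ == "__main__":
    a = b = (0, 5)  # constructed input ranges for index = x - y
    for name, fn in (("buggy", sub_range_buggy), ("sound", sub_range_sound)):
        r = fn(a, b)
        print(name, "range:", r,
              "drop check for length 1:", can_drop_bounds_check(r, 1),
              "counterexample:", find_counterexample(fn))
```

With the buggy function the analysis itself runs without any memory error, yet it licenses removing a bounds check that the concrete values 5 - 0 would violate in the emitted code.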