| Version | Supported |
|---|---|
| >= 0.5.0 | Yes |
| < 0.5.0 | No |
Only the latest patch release receives security updates. Versions prior to 0.5.0 have known correctness bugs (silent wrong results from powi on f32 tapes, NaN from Taylor::powi with negative base) and lack GPU cast safety auditing.
If you discover a security vulnerability, please report it responsibly:
- Do not open a public GitHub issue.
- Email security@entrolution.com with details of the vulnerability.
- Include steps to reproduce, if possible.
We aim to acknowledge reports within 48 hours and provide a fix or mitigation within 7 days for critical issues.
- NaN propagation for undefined derivatives (no panics on hot paths).
- All floating-point operations use standard Rust primitives.
echidna uses unsafe in the following scoped contexts:
| Location | Purpose |
|---|---|
tape.rs, bytecode_tape/thread_local.rs, taylor_dyn.rs |
Thread-local mutable pointer dereference for tape/arena access. Each is RAII-guarded: the pointer is valid for the lifetime of the enclosing scope guard. |
checkpoint.rs |
Byte-level transmutation (&[F] ↔ &[u8]) for disk-backed checkpoint serialisation. Relies on F: Float being f32/f64 (IEEE 754, no padding). |
gpu/cuda_backend.rs |
FFI kernel launches via cudarc. Each call passes validated buffer sizes and grid dimensions to the CUDA driver. |
traits/simba_impls.rs |
extract_unchecked / replace_unchecked for simba's SimdValue trait. Scalar types have only one lane, so the index is always 0. |