[Cryptography] I don't get it.

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Apr 17 23:53:29 EDT 2014


Peter Fairbrother <zenadsl6186 at zen.co.uk> writes:

>On 15/04/14 21:46, I wrote:
>[..]
>> Perhaps most of all, I wonder whether it would be a good idea to shoot
>> all the gcc developers.
>
>Well that caused no end of kerfuffle, both on and off list.
>
>Obviously I didn't mean it literally, if for no other reason than that it
>wouldn't do any good - C and gcc are now far too well established.

You're forgetting clang.  gcc is the compiler of last resort, the tool you use
if there's no other alternative.  Its endless code-generation bugs are an
ongoing headache.  The workarounds for compiler bugs in my code for gcc are
about an order of magnitude larger than *all other compilers combined*, and
the bug-rate seems to be constant over a twenty-year period.  The devs ignore
requests for bug-fixes.  There's behaviour in gcc that's utterly braindamaged
(see e.g. http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475) but the devs will
spend more time arguing that it's OK to do this than it would take to fix it.
Another example is the totally braindamaged behaviour of -Wshadow, which took
a complaint from no less than Linus Torvalds to get fixed (see
http://lkml.org/lkml/2006/11/28/239, and even then it took them six years to
fix the problem).  Out of many issues I've tried (unsuccessfully) to get
fixed, my pet peeve would be:

   /*
   but STDC_NONNULL_ARG (=> '__attribute__(( nonnull argIndex ))') is
   downright dangerous since it'll break correctly functioning code.

   [...]
   
   STDC_NONNULL_ARG on the other hand is far more broken since the warnings
   are issued by the front-end before data flow analysis occurs (so many
   cases of NULL pointer use are missed) but then the optimiser takes the
   annotation to mean that that value can never be NULL and *removes any
   code that might check for a NULL pointer*!  This is made even worse by
   the awkward way that the annotation works, requiring hand-counting the
   parameters and providing an index into the parameter list instead of
   placing it next to the parameter as for STDC_UNUSED.
   
   */

That's got a code warning that not only doesn't do what it's supposed to, it
breaks existing, working code.

So while my general pacifist leanings would prevent me from helping you shoot
the developers, I'd be happy to hand you the ammunition and do the reloading.
Then we can all switch to clang and spend time finding bugs in our code rather
than bugs (or braindamage-by-design) in the compiler.

Peter.
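
The behaviour described in the quoted comment, as an added example that is not part of the original message or of the author's code: a NULL check inside a nonnull-annotated function sits beside the same check in an unannotated function, where the compiler has to keep it. The function names and ERR_BADPARAM are hypothetical; the macro shape follows the comment above.

```c
#include <stddef.h>
#include <string.h>

/* Macro shape as given in the quoted comment; argIndex is written with its
   own parentheses, e.g. STDC_NONNULL_ARG( ( 1 ) ). */
#define STDC_NONNULL_ARG( argIndex ) __attribute__(( nonnull argIndex ))

#define ERR_BADPARAM ( -1 )   /* hypothetical error code for this example */

/* Annotated form: the attribute promises the optimiser that key is never
   NULL, so the check below may be treated as dead code and removed.  A
   caller that passes NULL anyway then reaches strlen() unguarded. */
STDC_NONNULL_ARG( ( 1 ) )
int key_length_annotated( const char *key )
{
    if( key == NULL )               /* candidate for removal when optimising */
        return ERR_BADPARAM;
    return ( int ) strlen( key );
}

/* Hardened form: the function that performs the check carries no nonnull
   annotation, so the check is ordinary code and stays in the binary. */
int key_length_checked( const char *key )
{
    if( key == NULL )
        return ERR_BADPARAM;
    return ( int ) strlen( key );
}

int main( void )
{
    const char *missing = NULL;     /* constructed sample input */

    /* Only the unannotated function is handed NULL here; passing NULL to
       the annotated one is undefined behaviour, which is the problem. */
    if( key_length_checked( missing ) != ERR_BADPARAM )
        return 1;
    return ( key_length_annotated( "secret" ) == 6 ) ? 0 : 1;
}
```

Compiling both functions with optimisation enabled and comparing the generated assembly shows whether the check in the annotated version survived. gcc documents -fno-delete-null-pointer-checks as the switch that disables optimisations based on nonnull arguments.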

