[Cryptography] Just turn off C-optimization?

Viktor Dukhovni cryptography at dukhovni.org
Fri Apr 18 18:31:57 EDT 2014


On Fri, Apr 18, 2014 at 06:09:03PM -0400, Phillip Hallam-Baker wrote:

> Perhaps we could reduce errors by simply turning off optimization in
> the C compilers? If the optimizer does not do the right thing then I
> don't want it used. And the semantics of C make it next to impossible
> to get the optimizer right.

There is a widely circulated urban myth that C compilers are more
likely to behave correctly when optimizing, because that's how they
are used most of the time, and most code is tested compiled with
optimization.

So turning off optimization may expose rare compiler bugs.

> Alternatively writing a set of string handling, memory management etc
> routines that can be compiled without the optimizer and linked from
> the rest of the crypto code.

If one writes a safe string library with great care, it need not
avoid optimization.  It just needs to not be improved by non-experts.

-- 
	Viktor.

