[Cryptography] GCC bug 30475 (was Re: bounded pointers in C)

Dennis E. Hamilton dennis.hamilton at acm.org
Thu May 1 14:39:13 EDT 2014 


    -----Original Message-----
    From: Jerry Leichter
    Sent: Thursday, May 1, 2014 09:50
    On May 1, 2014, at 11:50 AM, Dennis E. Hamilton <dennis.hamilton at acm.org> wrote:
    > It is interesting that we do not have the same complaint for Java
      and the .NET languages that use the same type names as the C Language,
      with similar limitations on arithmetic over those types....

      [ ... ] Good luck producing an efficient - or even reasonable - implementation
      of Java on a machine which uses 1's complement or sign-and-value as its native 
      representation.  These do still exist, and can be important, especially in 
      embedded applications and some "supercomputer" applications.

      [ ... ] Java originally specified FP arithmetic this tightly - and as a result 
      compliant, reasonably efficient implementations were *impossible* on tons of 
      hardware.  The Java community eventually backed off because this was an issue 
      for so much of what they decided was the Java audience; but when it comes to 
      other forms of integer arithmetic, they've effectively written off multiple 
      classes of machines.

It is interesting that the typical way to accommodate more platforms is to weaken the language specification (and, consequently, portability).  

My thinking is that it would be better to find ways to assert platform characteristics that are depended upon and make it explicit when a processor cannot satisfy that requirement.  Some implementations support outside-the-language solutions to that.  I don't know their efficacy.  It takes extra care and the appropriate practices may not be well-known.

None of the computers of my youth provided indexed addressing to the character-frame level, bytes or otherwise.  I think the best way to extend programming languages to bring such machines into portable reach is with higher-levels of abstraction, not what C/C++ provide.  

It appears there will always need to be (separate) ways to get to the metal and make it clear when that is being done and what the dependencies are.  For example, the NEWP language, whatever its similarity to ALGOL, is not at the ALGOL 60 level of abstraction, and it is not the programming language intended for routine application-software development: <https://en.wikipedia.org/wiki/NEWP>.  It has some pretty serious platform dependencies too.

 - Dennis

More information about the cryptography mailing list