[Cryptography] GCC bug 30475

Nemo nemo at self-evident.org
Fri May 2 18:02:10 EDT 2014


Jerry Leichter <leichter at lrw.com> writes:

> "Some" implementations?  This is the original x86 FPU semantics, the
> ones present on every 32-bit x86 CPU ever built.  I haven't had any
> reason to keep up, and I don't know if the most recent FP instruction
> sets still do the same thing; I suspect they might very well.

Only if your compiler actually emits x87 instructions, which it probably
will not unless you ask for a "long double" and/or target very old CPUs.

Modern x86/x86_64 processors have SSE (or AVX) instructions, which
operate on 2 (or 4) 64-bit doubles at a time with very low latency and
proper IEEE-754 behavior. Modern compilers tend to emit such
instructions, which are both faster and avoid the "extra precision".

Still, C and C++ are arguably too under-specified for serious numerical
work.

> Initially both x and y are 0
> Thread 1	Thread 2
> x = 1;          print x;
> y = 1;          print y;
>
> What can thread 2 print?  There are three obvious possibilities:
>
> 0 0     - Thread 2 completes before thread 1
> 1 1     - Thread 1 completes before thread 2
> 1 0     - Thread 1 executes its first statement, then thread 2 completes
>
> But 0 1 is impossible.

I believe you botched this example. Consider the sequence:

  Thread 2 prints x ("0")
  Thread 1 assigns to x
  Thread 1 assigns to y
  Thread 2 prints y ("1")

As written, your example might output any of the four possible
combinations, even with no reordering of loads and stores.

The corrected version of this example is one I like to use myself; see
http://stackoverflow.com/a/6319356/768469.

In another message, you write:

> A good implementation might include things like:
>
> #define SIGNED_OVERFLOW_IS_2S_COMPLEMENT

C++11 provides std::numeric_limits<int>::is_modulo with exactly these
semantics:

  http://en.cppreference.com/w/cpp/types/numeric_limits/is_modulo

...but I know of no optimizing C++11 compiler for which it is "true".

 - Nemo
   https://self-evident.org/


More information about the cryptography mailing list