[Cryptography] Other obvious issues being ignored?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Oct 24 22:00:47 EDT 2015
[Again combining several posts into one to save bandwidth]
Jerry Leichter <leichter at lrw.com> writes:
>Not that I can think of any compiler that chose this route.
Many of the commercial compilers, who as Mansour Moufid has pointed out have
obligations to their customers, do get it right. As I mentioned in a previous
posting, based on data taken from the SOSP paper, MSVC, armcc, suncc, and
IBM's xlc (all of which happen to be commercial products) are pretty good.
gcc is the exact opposite.
Mansour Moufid <mansourmoufid at gmail.com> writes:
>Those compilers have customers. GCC has users.
Good point. It gets scarier though when you look one step further downstream:
The customers of commercial-compiler customers are also customers. The
customers of gcc's users are... victims.
>The tragedy is when the GCC developers' abusive interpretations of the
>standard become the de facto standard.
It's sad to see that LLVM seems to be following gcc down the same rathole.
I'd always hoped that LLVM would gradually kill gcc and we'd finally be rid of
it, but in an attempt to supplant gcc they're also copying all of its
behaviour.
Watson Ladd <watsonbladd at gmail.com> writes:
>Does anyone have a minimal example on this list, and can point to the formal
>semantics and the standard with enough detail to demonstrate the existence of
>a gcc bug here?
It's not a gcc bug, the standard is written in such a manner that any
behaviour, literally anything, for example reformatting your hard drive, can
be claimed to be standards-compliant. gcc 1.17 actually did something like
that, although not quite as fatal:
execl("/usr/games/hack", "#pragma", 0); // try to run the game NetHack
execl("/usr/games/rogue", "#pragma", 0); // try to run the game Rogue
This is fully standards-compliant behaviour, since the magic UB has been
invoked and so the compiler can do anything it wants.
In the same situation, commercial-grade compilers issued a warning and
continued.
Peter.
More information about the cryptography
mailing list