Sign in / up

* Posts by David Brown 2

9 publicly visible posts • joined 15 Jul 2009

How the GNU C Compiler became the Clippy of cryptography

David Brown 2
Reply Icon

C is not, and never has been, a "machine-independent assembly language". One of its aims - which it handles admirably - has been to reduce the need for developers to write assembly code. If you do not understand that C is a high-level programming language, defined in terms of an "abstract machine" and compilers generate code that matches this only on the "observable behaviour" (i.e., volatile accesses and data that goes into and out of the program), then you do not understand the language or the job of a compiler. I have been using gcc for embedded development for nearly three decades on some ten different target architectures - the GCC developers understand embedded development just fine. (Most of the time, anyway.)

0 0
David Brown 2
Reply Icon

It has never been that way with any of the C compilers I have used (and that's several dozens, on a dozen architectures, over three decades), except on rubbish tools. (And I've seen a few of these.)

It is not uncommon for compilers to have a few "experimental" flags for newer optimisations that are not well tested, but documentation generally marks them as such and they will not be enabled by typical "optimisation level" flags. Like most complex pieces of software, compilers have bugs, and it is fair to say that if you combine obscure or rare source constructs with new or rarely used optimisation passes, your risk of hitting a bug increase. But the risks are still small. (And the developer here is not seeing any kind of compiler bug.)

The reason optimisation appears to be "dangerous" to some people, is that they have subtle bugs in their code. If you have undefined behaviour in your code, you might well see different results depending on the optimisation passes enabled. But that's not because of "dangerous" optimisations - it's because of buggy source code.

And there is a standard C (several versions, the latest being C23). But standard C does not handle timing in any way, so the developer cannot express timing requirements in standard C. Thus he needs to use compiler features beyond that - such as the empty inline assembly.

1 0
David Brown 2
Reply Icon

Re: there isn't already a #pragma directive

Relying on "-O0" for effects is a bad idea. C compilation does not have a concept of "no optimisations"; and the passes used and code transforms applied at different optimisation levels varies for compiler versions. Modern gcc does plenty of transforms at -O0 that would have been considered "optimisations" in older generations. Sometimes there are specific compiler passes that you might want to disable manually with a pragma or function attribute, but the "empty assembly" trick is generally safer. (Volatile accesses might also be suitable, and more portable, but they may have efficiency issues.)

0 0
David Brown 2
Reply Icon

Why bother commenting about gcc flags if you have no idea what they do? -O3 does not mean "go as fast as possible", does not mean "break things", and does not mean "ignore no inline markers". When you say "literally", did you bother to read the literature - the gcc reference manual?

-O3 simply means enabling more optimisation passes than -O2, including some that may make the code bigger, may make some code slower rather than faster, and that may take noticeably longer to compile. Baring compiler bugs (which exist, but "wrong code" bugs are very rare in practice), correct C code gets compiled to assembly code with the same effect, regardless of optimisation flags.

The trouble here is that the developer wants "effects" such as constant time execution that cannot be expressed in C - and thus the compiler cannot give any guarantees about it. The developer must therefore find ways to express the semantics he wants, beyond those of C, in a way that the compiler can implement. The "obfuscate" empty inline assembly is a good way to handle this, though the name chosen is poor. (I have used such code myself, for other purposes.)

0 0

Wikimedia’s 25th birthday gift: Letting more AIs scour pages volunteers created

David Brown 2

This is surely a good thing

Surely this is good news.

It's good for AI users - the more AI trains on good, trustworthy sources like Wikipedia (it's not perfect, but it's better than anything else out there), the less nonsense these LLM's will regurgitate. And that means less crap that the rest of us have to see. I am no fan of LLM's - they use vast resources, cost the world vast sums of money, screw up the supply of IT hardware, and give nothing more than slop, politicised lies, and the occasional fake cat picture. But if the answers LLM's are based more from Wikipedia and less on idiots on Twatter, then that is a good thing.

It's good for Wikipedia, because it means more income for them to support their infrastructure - they can't run solely on volunteers. And that means users of Wikimedia can keep using it for free.

I use Wikipedia (and its sibling sites, like Wikibooks) a lot, privately and at work. And I have a standing monthly donation to them.

0 0

Norwegian lotto mistakenly told thousands they were filthy rich after math error

David Brown 2
Reply Icon

Re: "To them I can only say: Sorry!"

This is Norway we are talking about, not the USA. People got annoyed, but no one will be suing anyone.

The head of the lottery company has resigned, and there will likely be some regulatory rules imposed (such as mandatory testing!), and possibly corporate fines. There have been a few cock-ups by Norsk Tipping in recent times, so a change of leadership makes sense.

4 0

User couldn't open documents or turn on PC, still asked for reference as IT expert

David Brown 2
Reply Icon

Re: "two monitors plugged into each other, a USB mouse plugged in to an ethernet port"

It's easy to plug a USB cable (type "B" end) into an Ethernet RJ45 port. For some reason, I used to do it regularly with an embedded electronics card we had. I really should have known better - I had designed the card in the first place!

7 0

Microsoft urges Flash makers to pay fat dollar for exFAT format

David Brown 2
Reply Icon

ext2 is not proprietary to Linux

You have to distinguish between a file system format, and an implementation of the format. The Linux implementations of ext2, 3, 4 are GPL'ed, but the format itself is completely open and anyone is free to write their own implementations under any license they want. For example, there are non-GPL'ed implementations of ext2 available for Windows, Macs, and some BSDs, as well as small read-only implementations in things like bootloaders.

exFAT is very different in that various features of the format are protected by patents (in non-free countries), and by missing documentation. MS's aim is that you cannot implement exFAT without licensing their code.

0 0

MP asks UK.gov: Why are you still using IE6?

David Brown 2

At my company, IE is banned

At my company, IE is banned Employees can use Firefox or Opera - whatever major version they like, but with the latest updates as they come in. IE is simply too unsafe, and can't be updated without intrusive and potentially dangerous updates to the whole system.

I can't understand why an organisation would be so obsessive about sticking to IE. Any IT staff that claims they can't support users with mixes of browsers should be out of a job. Any PHB that makes claims about "training costs" should be out of a job too - IE users can learn to use Firefox within seconds.

Some organisations have legacy IE-specific internal web services designed by half-wits who don't understand the concept of "standard". It's safe enough to let people use IE (whatever version) for that sort of thing - just as long as they stick to a real browser for other sites.

0 0