CyberKnights Logo, click for background info Random banner image

CyberKnights

Modern tools.
Traditional dedication.

Previous page Home | Purpose | Linux | Products | Legality | Special | Downloads | Articles | Contact Next page

Eliding Dead Code

From:Leon Brooks <leon AT cyberknights.com.au>
Organization:CyberKnights - modern tools, traditional dedication
To:Joseph D. Wagner <wagnerjd AT prodigy.net>
Subject:Authoritatively wrong at the top of your voice?
Date:Tue, 31 Dec 2002 18:22:25 +0800
User-Agent:KMail/1.4.3
Cc:Scott McCollum <scott AT worldtechtribune.com>, Linux Weekly News <letters AT lwn.net>
Message-Id:<200212311822.25360.leon AT cyberknights.com.au>

Quoting:

http://www.worldtechtribune.com/worldtechtribune/asparticles/buzz/bz12282002.asp

So being the nice guy that I am, I posted a bug report on the GNU GCC compiler [and was told] “A workaround exists so we’re leaving up to each individual programmer to correct and workaround this bug,” and this one takes the cake, ”Well, technically it’s not a bug.” [...]

Langley enlightened me that a strict interpretation of the ISO 9899 specifications meant that the dead store removal was a valid optimization even if the optimization removed code necessary for security, so technically it’s not a bug.

Well... I’m not a compiler guru or anything like it, I just use the things. IMESHO he’s right.

If you declared SecretStuff to be a pointer to ‘volatile’ chars and the compiler still elided the invocation of EraseSecretStuff(), that I would call a bug, otherwise no, it’s not even technically a bug.

The C98 standard explicitly renounces any such guarantees on plain/vanilla variables, as discussed here:

http://www.mail-archive.com/cryptography AT wasabisystems.com/msg03086.html

I draw your attention to this phrase, quoted from ISO/IEC 9899/1999 5.1.2.3:

An actual implementation need not evaluate part of an expression if it can deduce that its value is not used and that no needed side effects are produced (including any caused by calling a function or accessing a volatile object).

As to not getting a sensible response, this one closing your “bug” looks quite clear:

http://www.geocrawler.com/mail/msg.php3?msg_id=10190537&list=356

The same behaviour is seen in other (e.g. Intel) compilers. Even “The Great Subverter of Standards for Profit, Inc” agrees with this PoV:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vclang98/html/_pluslang_const_and_volatile_pointers.asp

...and here the author suggests ‘#pragma dont_remove_this_code_you_bastard’...

http://msdn.microsoft.com/library/en-us/dncode/html/secure10102002.asp

...but again all that should need to be done is use ‘volatile’ and if that doesn’t work the compiler is broken.

If my compiler was told to optimise and _didn’t_ remove your code - absent an appropriate ‘volatile’ - I’d consider it broken. Lowly BDS C was doing that kind of optimisation under CP/M over 20 years ago.

A friend of mine was bitten by optimisation when benchmarking the Vax ForTran compiler some years ago; the compiler had optimised his entire benchmark into a single print-string-and-exit system call with a constant string containing the final results.

Perhaps it would be good to wonder if perhaps the people you’re dealing with might be a tad experienced in what they do, and you not? Perhaps you got short shrift from them because this has happened often enough to be a FAQ entry? (That’s a hint, if any of the GCC team are reading this)

The GCC team maintain a C compiler, not a Scott-thinks-it-should-do-this compiler, and here you are, wrong and sounding off in public - and getting quoted and linked hither and yon. Embarrassing, no?

Worse still, your whole argument about the quality of Open Source Software and its utility outside a “limited place under limited circumstances” rests on this presumptuous mistake.

This has had two effects: your argument collapses, which is an order of magnitude more embarrassing than the original mistake, and some people will continue to believe your mistaken argument even if you now retract it.

What are you going to do about it?

Cheers; Leon

 

[Archived at http://cyberknights.com.au/articles/eliding-dead-code.html ]


http://www.cyberknights.com.au/ Modern tools, traditional dedication
http://slpwa.linux.org.au/ Member, Linux Professionals West Aus
http://conf.linux.org.au/ THE Australian Linux Technical Conf:
 22-25 January 2003, Perth: be there!

Received:from smtp809.mail.sc5.yahoo.com (smtp809.mail.sc5.yahoo.com [66.163.168.188]) by mail.old-firestation.net (Postfix) with SMTP id 328933240BB for <leon AT cyberknights.com.au>; Wed, 1 Jan 2003 03:56:02 +0800 (WST)
Received:from dialup-65.57.14.21.dial1.chicago1.level3.net (HELO joe) (wagnerjd AT prodigy.net AT 65.57.14.21 with login) by smtp-sbc-v1.mail.vip.sc5.yahoo.com with SMTP; 31 Dec 2002 19:55:57 -0000
From:Joseph D. Wagner <wagnerjd AT prodigy.net>
To:Leon Brooks <leon AT cyberknights.com.au>
Cc:Scott McCollum <scott AT worldtechtribune.com>, Linux Weekly News <letters AT lwn.net>
Subject:RE: Authoritatively wrong at the top of your voice?
Date:Tue, 31 Dec 2002 13:55:51 -0600
Message-ID:<000601c2b106$a3ec2ec0$150e3941 AT joe>
X-Mailer:Microsoft Outlook, Build 10.0.4510
X-MimeOLE:Produced By Microsoft MimeOLE V6.00.2800.1106
In-Reply-To:<200212311822.25360.leon AT cyberknights.com.au>

If you declared SecretStuff to be a pointer to ‘volatile’ chars and the compiler still elided the invocation of EraseSecretStuff(), that I would call a bug, otherwise no, it’s not even technically a bug.

The C98 standard explicitly renounces any such guarantees on plain/vanilla variables, as discus[s]ed here:

http://www.mail-archive.com/cryptography AT wasabisystems.com/msg03086.html

I draw your attention to this phrase, quoted from ISO/IEC 9899/1999 5.1.2.3:

[trimmed]

I admit to everything you’ve just said at the end of my article. Perhaps you should read the entire article before commenting.

As to not getting a sensible response, this one closing your “bug” looks quite clear:

http://www.geocrawler.com/mail/msg.php3?msg_id=3D10190537&list=3D356

Well, I guess that depends on your definition of the word “clear.” It wasn’t clear to me, and since I was the one making the bug report, my understanding is the one that counts.

I received a full paragraph explanation from that nice guy in Langley who was much "clearer."

The same behaviour is seen in other (e.g. Intel) compilers. Even “The Great Subverter of Standards for Profit, Inc” agrees with this PoV:

http://msdn.microsoft.com/library/[trimmed by LB]/_pluslang_const_and_volatile_pointers.asp

The difference is that Microsoft’s PoV is well documented. GCC’s responses seem to be whatever convoluted crap one can type on a keyboard in 15 seconds or less.

...and here the author suggests ‘#pragma dont_remove_this_code_you_bastard’...

http://msdn.microsoft.com/library/en-us/dncode/html/secure10102002.asp

Ah, but Microsoft users (and I think Borland users) at least have that option, but GCC users don’t. I even humbly say in my bug report that if GCC has this ability and I’m wrong about it that someone should correct me, but no one does.

...but again all that should need to be done is use ‘volatile’ and if that doesn’t work the compiler is broken.

[trimmed]

Perhaps it would be good to wonder if perhaps the people you’re dealing with might be a tad experienced in what they do, and you not? Perhaps you got short shrift from them because this has happened often enough to be a FAQ=20 entry? (That’s a hint, if any of the GCC team are reading this)

But who’s going to want to learn if every response they get is snippy? Who’s going to want to use a compiler that’s not well documented?

The GCC team maintain a C compiler, not a Scott-thinks-it-should-do-this compiler, and here you are, wrong and sounding off in public - and getting quoted and linked hither and yon. Embarrassing, no?

No, not embarrassing. How did Microsoft get to be number one? How did they attain 90% market share? They did it my making a checkbox or option button for every possible, conceivable function. They did it my making their products EASY-TO-USE and WELL-DOCUMENTED.

GCC *may* generate superior code, but who’s going to use it if it’s not EASY-TO-USE and WELL-DOCUMENTED?

Look at it from another angle. You don’t have to read "Operating System Concepts" in order to use an operating system. You don’t have to understand how a car works in order to drive. You don’t even have to know everything about English in order to speak it. Likewise, you shouldn’t have to read the C++ standard (776 pages in all its glory) in order to have to use a C++ compiler.

Worse still, your whole argument about the quality of Open Source Software and its utility outside a "limited place under limited circumstances" rests on this presumptuous mistake.

No, that part is my personal option, and I explicitly state it as such. I’m not trying to convince anybody of that.

[trimmed] even if you now retract it.

LOL! Hahahahahhahahahhahh.

I stand behind every word I said.

What are you going to do about it?

I’ve done everything I can about it. I tried to help; I told the world about the problem. What more can I do? I wash my hands of the situation. I’m going back to supporting Microsoft Visual Studio .NET 2002 as the de facto standard in compiler technology.

Joseph Wagner


From:Leon Brooks <leon AT cyberknights.com.au>
Organization:CyberKnights - modern tools, traditional dedication
To:Joseph D. Wagner <wagnerjd AT prodigy.net>
Subject:Re: Authoritatively wrong at the top of your voice?
Date:Wed, 1 Jan 2003 10:59:38 +0800
User-Agent:KMail/1.4.3
Cc:Scott McCollum <scott AT worldtechtribune.com>, Linux Weekly News <letters AT lwn.net>
References:<000601c2b106$a3ec2ec0$150e3941 AT joe>
In-Reply-To:<000601c2b106$a3ec2ec0$150e3941 AT joe>
Message-Id:<200301011059.38254.leon AT cyberknights.com.au>

On Wednesday 01 January 2003 03:55 am, Joseph D. Wagner wrote:

What are you going to do about it?

I’ve done everything I can about it. I tried to help; I told the world about the problem. What more can I do? I wash my hands of the situation. I’m going back to supporting Microsoft Visual Studio .NET 2002 as the de facto standard in compiler technology.

You’re still not making sense. VC(++).NET does exactly the same thing as GCC in this case, and according to exactly the same documentation.

From an outsider’s PoV it looks very much like sour grapes. GCC supports the standard (as does VC), you didn’t like that because it wasn’t what you were expecting, so complained, and got slapped down. Would you have turned to GCC if you’d complained on a VC mailing list (which you don’t even have access to anyway) and got slapped down there? I don’t think so.

In short, you’ve done “everything you can” except admit the real basis of your problem and make good the collateral damage from it.

I’d appreciate it if you don’t badmouth software you didn’t pay for and which happens to have compiled the software running the largest number of servers in the world, and happens to have compiled the approximately 3GB of software which is installed and running reliably on this workstation.

If you want to run to Papa Microsoft, that’s your right, and I’m fine with you telling people that you did. I’m not fine with you ingraciously slighting my free, reliable tools of trade on the way. If you don’t like the standard, take that up with ISO, don’t slag down GCC for keeping it, and why haven’t you slagged down Microsoft for keeping the same standard?

Cheers; Leon


http://www.cyberknights.com.au/ Modern tools, traditional dedication
http://slpwa.linux.org.au/ Member, Linux Professionals West Aus
http://conf.linux.org.au/ THE Australian Linux Technical Conf:
 22-25 January 2003, Perth: be there!

Received:from smtp801.mail.sc5.yahoo.com (smtp801.mail.sc5.yahoo.com [66.163.168.180]) by mail.old-firestation.net (Postfix) with SMTP id 07A3E3240BB for <leon AT cyberknights.com.au>; Wed, 1 Jan 2003 11:34:13 +0800 (WST)
Received:from dialup-65.58.47.173.dial1.chicago1.level3.net (HELO joe) (wagnerjd AT prodigy.net AT 65.58.47.173 with login) by smtp-sbc-v1.mail.vip.sc5.yahoo.com with SMTP; 1 Jan 2003 03:34:08 -0000
From:Joseph D. Wagner <wagnerjd AT prodigy.net>
To:Leon Brooks <leon AT cyberknights.com.au>
Cc:Scott McCollum <scott AT worldtechtribune.com>, Linux Weekly News <letters AT lwn.net>
Subject:RE: Authoritatively wrong at the top of your voice?
Date:Tue, 31 Dec 2002 21:33:53 -0600
Message-ID:<001301c2b146$a6688550$ad2f3a41 AT joe>
X-Mailer:Microsoft Outlook, Build 10.0.4510
In-Reply-To:<200301011059.38254.leon AT cyberknights.com.au>
X-MimeOLE:Produced By Microsoft MimeOLE V6.00.2800.1106

I’d appreciate it if you don’t badmouth software you didn’t pay for

Unlike Australia, the United States of America has something called "Freedom of Speech" which means that I can badmouth whomever I want, whatever I want, whenever I want, wherever I want, and there’s not a damn thing you can do about it. It means that those who enjoy this freedom are free to disagree with me, and publicly so, BUT DON’T YOU EVER TRY TO TAKE AWAY MY RIGHT TO FREE SPEECH!

which happens to have compiled the software running the largest number of servers in the world

Not so. Microsoft still holds the lead with Windows NT 4.0 Server, Windows 2000 Server, and Windows .NET Beta Server 2002 (though not necessarily in that order).

Why haven’t you slagged down Microsoft for keeping the same standard?

Because Microsoft (and Borland) developed workarounds for these problems as extension[s] to their compiler and then heavily documented them.

GCC leaves the workaround ENTIRELY to the programmer and has NO DOCUMENTATION in this problem.

At least Microsoft and Borland are trying to accommodate the average programmer. You see, they believe that “If technology doesn’t work for people, it doesn’t work.”

Joseph Wagner


From:Leon Brooks <leon AT cyberknights.com.au>
Organization:CyberKnights - modern tools, traditional dedication
To:Joseph D. Wagner <wagnerjd AT prodigy.net>
Subject:Re: Authoritatively wrong at the top of your voice?
Date:Wed, 1 Jan 2003 12:02:06 +0800
User-Agent:KMail/1.4.3
Cc:Scott McCollum <scott AT worldtechtribune.com>, Linux Weekly News <letters AT lwn.net>
References:<001301c2b146$a6688550$ad2f3a41 AT joe>
In-Reply-To:<001301c2b146$a6688550$ad2f3a41 AT joe>
Message-Id:<200301011202.06966.leon AT cyberknights.com.au>

For Scott and LWN:

See http://cyberknights.com.au/articles/eliding-dead-code.html for the rest of this debate as it occurs.

Cheers; Leon


http://www.cyberknights.com.au/ Modern tools, traditional dedication
http://slpwa.linux.org.au/ Member, Linux Professionals West Aus
http://conf.linux.org.au/ THE Australian Linux Technical Conf:
 22-25 January 2003, Perth: be there!

From:Leon Brooks <leon AT cyberknights.com.au>
Organization:CyberKnights - modern tools, traditional dedication
To:"Joseph D. Wagner" <wagnerjd AT prodigy.net>
Subject:Re: Authoritatively wrong at the top of your voice?
Date:Wed, 1 Jan 2003 12:02:05 +0800
User-Agent:KMail/1.4.3
References:<001301c2b146$a6688550$ad2f3a41 AT joe>
In-Reply-To:<001301c2b146$a6688550$ad2f3a41 AT joe>
Message-Id:<200301011202.05631.leon AT cyberknights.com.au>

On Wednesday 01 January 2003 11:33 am, Joseph D. Wagner wrote:

Unlike Australia, the United States of America has something called "Freedom of Speech" which means that I can badmouth whomever I want, whatever I want, whenever I want, wherever I want, and there’s not a damn thing you can do about it.

Australia also has free speech, and like the USA also has laws eroding that freedom and many others.

There *is* something I can do about it, and you’re reading that something now.

It means that those who enjoy this freedom are free to disagree with me, and publicly so, BUT DON’T YOU EVER TRY TO TAKE AWAY MY RIGHT TO FREE SPEECH!

I haven’t. Is it the kind of thing you’re likely to want to do to me?

which happens to have compiled the software running the largest number of servers in the world

Not so. Microsoft still holds the lead with Windows NT 4.0 Server, Windows 2000 Server, and Windows .NET Beta Server 2002 (though not necessarily in that order).

Not so, you are relying on *sales* figures. Sales, contrary to Microsoft’s opinion, are not reality.

Why haven’t you slagged down Microsoft for keeping the same standard?

Because Microsoft (and Borland) developed workarounds for these problems as extension to their compiler and then heavily documented them.

GCC leaves the workaround ENTIRELY to the programmer and has NO DOCUMENTATION in this problem.

As has already been pointed out, the workaround is intelligent use of the standard ‘volatile’ keyword, which is documented in the C standard itself. Simple, clear, precise.

A FAQ entry would be nice, it’s true, and I’ll ask the GCC crew to include one but if you’re programming at that level of detail and don’t know about such issues, you’re out of your depth.

It’s like complaining because your car’s manufacturer didn’t include a detailed explanation in the Owner’s Manual of how the tyres do their job. If you run your tyres too close to their limits, you come unstuck. Sure, it’s nice if the manual says “don’t brake hard and steer hard at the same time because your tyres will let go” but if you’re pushing the envelope without understanding, and relying on the Owner’s Manual to save you, then you’d better have good insurance.

At least Microsoft and Borland are trying to accommodate the average programmer. You see, they believe that “If technology doesn’t work for people, it doesn’t work.”

Really, if you don’t know what you’re doing, you *need* to get into trouble. Your issue with optimisation is a symptom of a bug in your understanding of C, you should be fixing that understanding and/or suggesting a FAQ entry instead of calling your own shortfall a compiler bug.

A detailed exposition on your original reply is on its way.

Cheers; Leon


http://www.cyberknights.com.au/ Modern tools, traditional dedication
http://slpwa.linux.org.au/ Member, Linux Professionals West Aus
http://conf.linux.org.au/ THE Australian Linux Technical Conf:
 22-25 January 2003, Perth: be there!

From: Leon Brooks <leon AT cyberknights.com.au>
Organization: CyberKnights - modern tools, traditional dedication
To: Joseph D. Wagner <wagnerjd AT prodigy.net>
Subject: Re: Authoritatively wrong at the top of your voice?
Date: Wed, 1 Jan 2003 13:34:24 +0800
User-Agent: KMail/1.4.3
References: <000601c2b106$a3ec2ec0$150e3941 AT joe>
In-Reply-To: <000601c2b106$a3ec2ec0$150e3941 AT joe>
Message-Id: <200301011334.24372.leon AT cyberknights.com.au>

On Wednesday 01 January 2003 03:55 am, Joseph D. Wagner wrote:

If you declared SecretStuff to be a pointer to ‘volatile’ chars and the compiler still elided the invocation of EraseSecretStuff(), that I would call a bug, otherwise no, it‘s not even technically a bug.

The C98 standard explicitly renounces any such guarantees on plain/vanilla variables,

[trimmed]

I admit to everything you’ve just said at the end of my article.

No, you don’t. You make totally subjective statements about the need to use switches, and about the kinds of bugs gcc sees.

The difference is that Microsoft’s PoV is well documented. GCC’s responses seem to be whatever convoluted crap one can type on a keyboard in 15 seconds or less.

Do you participate in Microsoft’s compiler *development* lists? Or are you content to rest on an obscure MSDN article that you wouldn’t have known about before you had the problem in any case?

...and here the author suggests ‘#pragma dont_remove_this_code_you_bastard’...

Ah, but Microsoft users (and I think Borland users) at least have that option, but GCC users don’t. I even humbly say in my bug report that if GCC has this ability and I’m wrong about it that someone should correct me, but no one does.

GCC users do. It’s called correct use of the ‘volatile’ keyword. It doesn’t require extra syntactic bandaids.

...but again all that should need to be done is use ‘volatile’ and if that doesn’t work the compiler is broken.

[trimmed]

Perhaps it would be good to wonder if perhaps the people you’re dealing with might be a tad experienced in what they do, and you not? Perhaps you got short shrift from them because this has happened often enough to be a FAQ entry? (That’s a hint, if any of the GCC team are reading this)

But who’s going to want to learn if every response they get is snippy?

More people than are going to learn if they don’t even get a response.

Who’s going to want to use a compiler that’s not well documented?

Me. I’d rather they put the effort into making the compiler excellent.

Regardless, the documentation is there. Pardon me for labouring this point, but you seem to consistently not understand it.

I would expect to see your particular issue called out in a C programming tutorial on the topic, but whether it got explicit mention in the compiler docs or not is up to the individual implementors, because it is covered in the standard.

Even if the memory does get cleared, it’s good practice to put in an exit trap that explicitly zeroes all of your storage if the OS doesn’t do that for you already. I understand that this is more of an issue with Windows’ sucky memory management than under, say, Linux, but if that’s your worry, why not run under a secure OS in the first place?

Aside from this one issue, you seem to use Microsoft products wall-to-wall. If you’re so blindly happy about them, why are you using alternatives?

The GCC team maintain a C compiler, not a Scott-thinks-it-should-do-this compiler, and here you are, wrong and sounding off in public - and getting quoted and linked hither and yon. Embarrassing, no?

No, not embarrassing. How did Microsoft get to be number one?

That’s the subject [of] several lawsuits at the moment. Certainly ‘on merit’ would be an astonishingly naive reply.

How did they attain 90% market share?

You don’t really want to know... but I’ll tell you anyway.

They did it by buying or stealing innovative competitors in whatever market they wanted to enter. Bill’s first ever product was a BASIC interpreter, and he started out by lying, saying that it was working, then he and two others (One of whom, the one who did the hardest bits, doesn’t even get a *mention* anywhere on Microsoft’s massive web presence) wrote it post facto. It set a precedent by being full of bugs.

Microsoft lied again, telling IBM that they had a DOS for IBM’s PCs, then bought QDOS (Quick and Dirty OS) and hurriedly turned that into MS-DOS which was then tied to the majority of PCs sold. Quality had nothing to do with it, market tying was the key. “DOS ain’t done ’till Lotus [1-2-3] won’t run” was the Microsoft programming slogan for a while as they ‘untied’ DOS from competitors to MultiPlan (which was actually a nice portable piece of code not originally written by Microsoft but flopped anyway because 1-2-3 had the features people needed).

Nothing in the Windows 9X series was innovative or high quality. Most concepts and sometimes even code were stolen from Apple, QuarterDeck and others. Including, it must be noted, a lot of BSD code which saw its first public acknowledgement in Windows XP (a decade down the track). The early versions of Windows had fixed-sized elevators even though the programmers responsible started out with the view-sized elevators we have today. Bill nixed the idea because it didn’t look like the Mac. The one piece of encrypted code in Windows 3.11 was there to crash if it was run under the superior DR-DOS. Product tying again, DR-DOS was (is) higher quality code, more robust, more featureful, smaller, faster, more timesharing features, better and more portable utilities (the features from some of which Microsoft later copies in MS-DOS 6.*).

Microsoft hired the people at DEC (Digital Equipment Corporation) who had been working on an advanced version of VMS called MICA. These people somehow remembered everything they’d done, because early versions on Windows NT were “spelling error compatible“ with MICA. In short, Microsoft appear to have stolen MICA and badge-engineered it to be Windows NT. Among the first of the things they did was botch the hereinbefore excellent security of MICA by bolting monstrosities like the registry onto it.

Meanwhile, they gypped SpyGlass Systems out of millions of dollars by agreeing to pay them a percentage of the profits on IE, then almost immediately burying those profits in the OS and distributing IE for free with it. They then went on a barnacle-adding spree which easily outreached Netscape’s most flagrant abominations with Navigator, and started tying all of their products into these Windows-specific non-standard extensions. Market tying again.

IE, IIS, Windows and so forth all have miserable security records that don’t look like getting ever getting finally laid to rest. The character of those vulnerabilities is most telling: many of them give the attacker total control of the entire machine, rather than limited control of some small niche. The reason for this is the “ease of use” so favoured by you.

They did it my making a checkbox or option button for every possible, conceivable function. They did it my making their products EASY-TO-USE and WELL-DOCUMENTED.

Well documented? I’ve used Microsoft’s help systems since 1980, and you generally get a choice of poorly indexed material written by someone who doesn’t understand what it’s like to not know the material they’re writing about, or TFPC (AKA Clippy) and have to answer a dozen inane questions to get to the information you need.

Type ‘ping /?’ at a Microsoft command prompt, because all of Microsoft’s commands have help available using /? and ping will tell you that it can’t find a host called ‘/?’. Route /? at least gives you an error message. Very few of the many Unix commands lack a man page, and those that do will respond to ‘--help’. Not bad for thousands (3707 on this box) of utilities written by thousands of different people and no standards-meister overseeing them with a fi[n]ancial whip.

The decent documentation comes largely from third parties, and in fact much of the worthwhile documentation which _is_ available from Microsoft is badge-engineered third-party work.

GCC *may* generate superior code, but who’s going to use it if it’s not EASY-TO-USE and WELL-DOCUMENTED?

Lots of people. Unlike the Windows tools, gcc is generalised. I use it whenever I do a “make” or rebuild an RPM package (and I only ever do those things because I tinker with stuff, you average Linux user never even knows such levels exist, let alone drills down to them).

I use gcc for my own programming, and if security was at all important to me I’ve save a core-dump of the app and scan it to make damn sure the password was 100% gone.

Look at it from another angle. You don’t have to read “Operating System Concepts” in order to use an operating system.

No, but to build one or to build a tool that makes good use of one, you do. Glomming a whole file into a char array might be appropriate in some places and not in others. Some machines, some OSes would be quite happy to have you inhale a CD image and play with it, others would bork completely, and the difference lies in the OS and corresponding runtime library implementations.

You don’t have to understand how a car works in order to drive.

True but not relevant. You have to understand automoti[v]e security if you are ever to store valuables in your car, else you’ll lose them (and maybe the car too).

You don’t even have to know everything about English in order to speak it.

Absolutely true, and in a way you’re almost making my point for me. You don’t have to know everything about C in order to program in it. But you’d surely better know about the aspects of C that you’re dealing with.

Likewise, you shouldn’t have to read the C++ standard (776 pages in all its glory) in order to have to use a C++ compiler.

True, but still wrong. (-:

You shouldn’t have to read it *all* if you’re not going to be using it *all*, but you *should* have to read the sections pertinent to what you’re doing.

What you were doing was specialised, explicitly relying on volatile behaviour, a factor not even touched upon in work-a-day programming, and it was excessively stupid of you to have relied on the compiler being able to read your mind and extract therefrom the idea that what you were doing was specialised.

Worse still, your whole argument about the quality of Open Source Software and its utility outside a “limited place under limited circumstances” rests on this presumptuous mistake.

No, that part is my personal option, and I explicitly state it as such. I’m not trying to convince anybody of that.

Er, that doesn’t parse out to anything obviously sensible. I’ll read it as “my personal opinion” and respond to that.

I’ll start by quoting the section from your article:

I believe Open Source has its place, a limited place under limited circumstances, but a place nonetheless. My trouble is with the people who want to make all software Open Source, like Richard Stallman, Eric Raymond, and their goons, but that’s a different story. In hopes that you might believe that I am not just a mouthpiece of proprietary software development, I want to tell you about my experience in making, or rather attempting to make, Open Source software a better product for the world over.

You then go on to relate the programming mistake you made, and people’s response to that, as if it was GCC’s fault for adhering to the standard. Regardless of what you now assert, the obvious reading is “Open Source is of limited value, because of the poor documentation and limited hand-holding on offer, and I’ll illustrate my point with this gcc non-bug.”

Really, referring to OSS supporters (<waves>) as “goons” of Richard Stallman and Eric Raymond exposes the personal, subjective nature of your complaint, which you try (and fail) to illustrate by tying it to an objective example.

The objective example fails, and without it you lack any semblance of support for your own personal issues. Freedom of speech, no worries, but you must then also respect the freedom of speech of people like me who point out the insubstantial nature of that which you represent as objective fact.

I stand behind every word I said.

Just make sure you”re standing a long way behind those words, lest they blow up in your face.

Cheers; Leon


http://www.cyberknights.com.au/ Modern tools, traditional dedication
http://slpwa.linux.org.au/ Member, Linux Professionals West Aus
http://conf.linux.org.au/ THE Australian Linux Technical Conf:
 18-23 April 2005, Canberra: be there!

There is sufficient light for those who desire to see,
and there is sufficient darkness for those of contrary disposition.
— Blaise Pascal, Pensees 149

Last changed: 09-Sep-2008 18:29:45  Find out who links to this page. Verify for yourself that this page is pure, standard HTML, not Ruby.

[Powered by Google]   Translate into     Linux™ Powered

No software patents! If you would like us to read email for USD$1000 per page, payable in advance, send it here.