Article <20240322083037.20@kylheku.com>

Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <20240322083037.20@kylheku.com>

Deutsch English Français Italiano

<20240322083037.20@kylheku.com>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!2.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Kaz Kylheku <433-929-6894@kylheku.com>
Newsgroups: comp.lang.c
Subject: Re: A Famous Security Bug
Date: Fri, 22 Mar 2024 15:33:03 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 42
Message-ID: <20240322083037.20@kylheku.com>
References: <bug-20240320191736@ram.dialup.fu-berlin.de>
 <20240320114218.151@kylheku.com>
 <20240321211306.779b21d126e122556c34a346@gmail.moc>
 <20240321131621.321@kylheku.com> <utk1k9$2uojo$1@dont-email.me>
Injection-Date: Fri, 22 Mar 2024 15:33:03 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="5ea1ed0f61c2acaab32e111ed755f390";
	logging-data="3158152"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1+IMgzCWWuLARqlPrqSyangIsldyoYragw="
User-Agent: slrn/pre1.0.4-9 (Linux)
Cancel-Lock: sha1:z8nv+VqU62+Y+H2av7H2TlqdbWY=
Bytes: 2541

On 2024-03-22, David Brown <david.brown@hesbynett.no> wrote:
> On 21/03/2024 21:21, Kaz Kylheku wrote:
>
>> Eliminating dead stores is a very basic dataflow-driven optimization.
>> 
>> Because memset is part of the C language, the compiler knows
>> exactly what effect it has (that it's equivalent to setting
>> all the bytes to zero, like a sequence of assignments).
>> 
>
> Yes.
>
>> If you don't want a call to be optimized away, call your
>> own function in another translation unit.
>
> No.
>
> There are several ways that guarantee your code will carry out the 
> writes here (though none that guarantee the secret data is not also 
> stored elsewhere).  Using a function in a different TU is not one of 
> these techniques.  You do people a disfavour by recommending it.

It demonstrably is.

>> (And don't turn
>> on nonconforming cross-translation-unit optimizations.)
>> 
>
> If I knew of any non-conforming cross-translation-unit optimisations in 
> a compiler, I would avoid using them until the compiler vendor had fixed 
> the bug in question.

They are not fixable. Translation units are separate, subject
to separate semantic analysis, which is settled prior to linkage.

The semantic analysis of one translation unit must be carried out in the
absence of any information about what is in another translation unit.

-- 
TXR Programming Language: http://nongnu.org/txr
Cygnal: Cygwin Native Application Library: http://kylheku.com/cygnal
Mastodon: @Kazinator@mstdn.ca