SoylentNews is people
SoylentNews
posted by
cmn32480
on Wednesday May 23 2018, @06:47PM
from the your-computer-is-not-a-fast-PDP-11 dept.
from the your-computer-is-not-a-fast-PDP-11 dept.
Very interesting article at the IEEE ACM by David Chisnall.
In the wake of the recent Meltdown and Spectre vulnerabilities, it's worth spending some time looking at root causes. Both of these vulnerabilities involved processors speculatively executing instructions past some kind of access check and allowing the attacker to observe the results via a side channel. The features that led to these vulnerabilities, along with several others, were added to let C programmers continue to believe they were programming in a low-level language, when this hasn't been the case for decades.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Two is not equal to three, even for large values of two.
(Score: 2) by Wootery on Saturday May 26 2018, @07:14PM
Register-allocation isn't a language feature, it's what a compiler does to map the variables onto the target machine's registers, spilling to memory if necessary. Whether you're compiling C, or Java, or JavaScript, you have to solve the register-allocation problem. All serious modern compilers will make the effort to enregister variables where appropriate. Wikipedia page. [wikipedia.org]
With some non-portable extensions of C, you can request/insist that the compiler use a specific register for a variable. That is certainly a low-level feature, yes.
You've misunderstood the intent of C++ private variables. They're about helping the programmer write good object-oriented code. They don't protect you against hostile code with access to your process. [itcsolutions.eu]
In other languages/programming environments, things might be different, but C++ provides no such language features, and has no such security model.