OT: PHP 32 bit numbers security issue

Oleg Goldshmidt pub at goldshmidt.org
Thu Jan 6 09:37:41 IST 2011


> Uri Even-Chen <uri at speedy.net> writes:

>> But I think programming languages should be more friendly, and
>> always convert numbers to the best representation, or report
>> overflow cases.

What's "best"? Would you agree that "best" == "the most appropriate"?

Unless you do symbolic or otherwise "pure" maths (cf. Mathematica -
see Nadav's comment preserved at the bottom) you never need your
results in infinite precision simply because in real life your inputs
are not infinitely precise. You should know how many significant
digits you need, and that is your target precision.

The real big deal in computation is *losing* precision, not finite
precision. Problems arise when, despite your doing your computations
at a much higher precision than what you need, numerical instabilities
cause your result to be wildly inaccurate (without overflows or other
catastrophes that could in principle throw an exception).

BigDecimals will help with this, and some people use them for this
purpose (paying in performance). More often than not this is an
overkill. People who do computations often know a thing or two about
both numerical analysis and their own problem domain, and therefore
are capable of not losing precision over a long calculation.

>> In the past, speed and memory were more important than
>> today. Today, graphics and video take a lot of resources, so
>> mathematical calculations can be slower and more accurate -
>> multiplying two numbers with 1024 bits each is much faster than
>> what it used to be 20 or 30 years ago.

I might consider this argument for a housewife's desktop machine,
though not for math. If you actually do calculations you can hardly
check for overflows. Think that you need to do it for every integer
operation that is done in HW. What's more, you need to specify all the
different types of overflow, the respective meaning, the appropriate
action, depending on the size and signedness of your operands and G-d
knows what else. All that without having the foggiest idea of the
programmer's needs, intent, or the problem he/she is trying to
solve. Your wish of "always converting to the best representation" is
no simple matter. The task is actually daunting in complexity, not
only performance.

As I mentioned, denormalized numbers found their way into some new HW
and are crawling towards new standards. Standards *must* "get things
right", so it takes a lot of time.

Our friends at Microsoft may have thought about the housewife's
desktop because, IIRC, C# (a language I do not use or know well, so
take this with a large grain of salt) has some sort of "checked"
keyword that allows you, the programmer, to specify what you want to
check for overflows. They did not make that the default because the
performance hit was unacceptable in many (most?) cases (Nadav listed
some). 

Of course, the checking is done in SW, not HW, and I am taking your
"programming languages should" to "HW should, and compilers should use
the facilities". Eh, how much are you willing to pay for your next CPU
and a nuclear-powered cooling facility in the same box? It is not a
simple task.

"Nadav Har'El" <nyh at math.technion.ac.il> writes:

> The question of unlimited precision real numbers (aka "floating point")
> is more complicated - how will you represent simple fractions (like 1/3)
> whose base-10 expansion is infinite?

Hmm... I'd go with something "simple" like 0.1 (decimal) whose
binary representation is infinite... ;-)

> What will you do about results of math functions (e.g., log(),
> sin(), sqrt() etc.) that are irrational?

I think there was a controversy a while ago when someone noticed that
Java's sin/cos/etc. were much slower than C. The Java people
(Gosling?) were adamant that while C compilers went to built-in HW
implementations which did not do the full-blown IEEE spec, Java did
"the right thing" itself, with no HW assist.

The point being exactly, "What will you do?"

> Will your number system also start supporting simple fractions and
> symbolic formulas to retain the perfect precision for as long as
> possible? Pretty soon you'll end up with Mathematica
> (http://en.wikipedia.org/wiki/Mathematica). I think a more
> sensible approach for real numbers is something like what "bc" does,
> i.e., support an arbitrary, but pre-determined, precision.

-- 
Oleg Goldshmidt | pub at goldshmidt.org
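
Added example, not part of the original message: C code for the software overflow checks the message above refers to, showing that the test differs by operation and by signedness for 32-bit operands. The function names are hypothetical and chosen here for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Function names are illustrative, not from any library.
 * Signed add: overflow is undefined behaviour in C, so test before adding. */
bool add_i32(int32_t a, int32_t b, int32_t *out) {
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Unsigned add: wraparound is defined (mod 2^32), so detect it afterwards. */
bool add_u32(uint32_t a, uint32_t b, uint32_t *out) {
    uint32_t sum = a + b;
    if (sum < a)
        return false;
    *out = sum;
    return true;
}

/* Signed multiply: compute in 64 bits, then range-check the result. */
bool mul_i32(int32_t a, int32_t b, int32_t *out) {
    int64_t wide = (int64_t)a * (int64_t)b;
    if (wide > INT32_MAX || wide < INT32_MIN)
        return false;
    *out = (int32_t)wide;
    return true;
}

/* Signed divide: fails on a zero divisor and on INT32_MIN / -1. */
bool div_i32(int32_t a, int32_t b, int32_t *out) {
    if (b == 0 || (a == INT32_MIN && b == -1))
        return false;
    *out = a / b;
    return true;
}

int main(void) {
    int32_t r = 0;
    printf("INT32_MAX + 1 ok? %d\n", add_i32(INT32_MAX, 1, &r));
    printf("65536 * 65536 ok? %d\n", mul_i32(65536, 65536, &r));
    printf("INT32_MIN / -1 ok? %d\n", div_i32(INT32_MIN, -1, &r));
    return 0;
}
```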


