Speaking of false evidence...

[CThinker]

Where is the code that you claim to be strtok() or the entry point?
If the strtok() routine were in the CRT runtime DLL, we would see the reference or the program would not work.
If the strtok() routine were included from the CRT library, we would see the code inline with the _strtok symbol name. There could be a clone of strtok() somewhere. Will you show me where it is?

That segment of code that Zach provided looks like strtok() built from the MS CRT source. When you install Visual Studio, you have the option to install the CRT source.

You will notice these easily:
1. The variables 4 match (3 DWORDS and a 32-byte array).
2. There is the call to _getptd().
3. Then there is the zeroing of the 32-byte array variable (8 stosd)
4. The very tight while loop that involves shift 3 to right, and 1 being shifted to the left in variable steps.

I could match the entire function, but I believe the point has been made.

The CRT library is liked statically to the EXE and then stripped of symbols.

Btw, ages ago, we used to have a disassembler that can identify common CRT functions even without symbols. It is specially easy with string functions.

Code: Select all

// I stripped out all the comments, and the 'secure' version

char * __cdecl strtok (
        char * string,
        const char * control
        )
{
        unsigned char *str;
        const unsigned char *ctrl = control;

        unsigned char map[32];
        int count;

        _ptiddata ptd = _getptd();

.text:0040EDFC                 push    8
.text:0040EDFE                 pop     ecx
.text:0040EDFF                 mov     [ebp+var_28], eax
.text:0040EE02                 xor     eax, eax
.text:0040EE04                 lea     edi, [ebp+var_24]
.text:0040EE07                 push    7
.text:0040EE09                 rep stosd
.text:0040EE0B                 pop     edi 

        for (count = 0; count < 32; count++)
                map[count] = 0;

text:0040EE0C                 mov     dl, [esi]
.text:0040EE0E                 movzx   ecx, dl
.text:0040EE11                 mov     eax, ecx
.text:0040EE13                 and     ecx, edi
.text:0040EE15                 mov     bl, 1
.text:0040EE17                 shl     bl, cl
.text:0040EE19                 shr     eax, 3
.text:0040EE1C                 lea     eax, [ebp+eax+var_24]
.text:0040EE20                 or      [eax], bl
.text:0040EE22                 inc     esi
.text:0040EE23                 test    dl, dl
.text:0040EE25                 jnz     short loc_40EE0C

         do {
                map[*ctrl >> 3] |= (1 << (*ctrl & 7));
        } while (*ctrl++);

        if (string)
                str = string;
        else
                str = _TOKEN;

        while ( (map[*str >> 3] & (1 << (*str & 7))) && *str )
                str++;

        string = str;

        for ( ; *str ; str++ )
                if ( map[*str >> 3] & (1 << (*str & 7)) ) {
                        *str++ = '\0';
                        break;
                }

        _TOKEN = str;

        if ( string == str )
                return NULL;
        else
                return string;
}

[bob]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

Would you now like to perhaps retract that last statement? rather than someone fabricating something, you simply didn't understand how to use the tools you listed in order to conclude anything that was even close to being correct. That is the very kind of thing we _don't_ need to happen. It only hurts the discussion. I looked at the asm you posted. It appears that it might well be the binary for strtok(). the source for strtok() is quite large, because of the way it is written using other string functions, and if necessary I could easily compile the thing and produce the assembly output to show this... That is the code you said was not called and did not appear anywhere. Which is impossible to verify with a stripped executable. Stripping saves memory, but also hides much. It is not a 10 minute job (which it appears you thought it was) to make these kinds of determinations. it is more complicated than that because of conditions beyond anybody's control (stripping for one). If this were a linux executable we wouldn't even be having this discussion because strtok() would not be anywhere in the executable, it is in a shared lib that is a separate entity.

[Zach Wegner]

Bob,

Your insight into this discussion is fascinating, hilarious, and extremely sad. You are a very wise man, who has seen this come up again and again, and I think your experience is absolutely essential to the discussion. All you have done is post logical arguments, and in doing so you have been brave enough to take the heat of so many lookers on. Those of us who approach this issue with some common sense revere at your knowledge and objectivity. Some say that you are driven by envy, when nothing could be further from the truth.

I do have faith that the truth will come out, as you say. Those who choose to throw tantrums will eventually settle down, and those who are determined to find out what is really going on will be left unharmed. Gerd's post is a good example--on a thread that was close to dead, he posted logical points against what I was saying. I feel lucky to just get this kind of post once.

I am very glad to have your support Bob. When all is said and done, we will be the ones left, still doing the thing that we love that has brought us all together here.

Regards,
Zach

[Tony]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

Would you now like to perhaps retract that last statement? rather than someone fabricating something, you simply didn't understand how to use the tools you listed in order to conclude anything that was even close to being correct. That is the very kind of thing we _don't_ need to happen. It only hurts the discussion. I looked at the asm you posted. It appears that it might well be the binary for strtok(). the source for strtok() is quite large, because of the way it is written using other string functions, and if necessary I could easily compile the thing and produce the assembly output to show this... That is the code you said was not called and did not appear anywhere. Which is impossible to verify with a stripped executable. Stripping saves memory, but also hides much. It is not a 10 minute job (which it appears you thought it was) to make these kinds of determinations. it is more complicated than that because of conditions beyond anybody's control (stripping for one). If this were a linux executable we wouldn't even be having this discussion because strtok() would not be anywhere in the executable, it is in a shared lib that is a separate entity.

He isn't as neutral as he tries to appear to be ( see my response 1 page back)

Besides: If you can't recognize Fruit in the Strelka code, how big are the chances you can recognize simmularities in assembly.


Tony

[bob]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

I wonder if any of them have the guts to back down if they're proven wrong.

Here's my response.

1. if anyone can convince me that two different programmers can write large programs and produce multiple blocks of duplicate code, then I will retract my claim of nonsense. And I would probably email a few people at places like Stanford that have published much on this issue including writing software to check for semantic equality rather than syntactical equality to detect plagiarism. But if someone can prove all past work in this area has been flawed, I'll listen and retract.

2. At present, the weight of evidence suggesting something suspicious in the development of Rybka 1 (at least, and most likely the entire "family" based on normal software development practices) is such that I think there is a reasonable probability that something is wrong. I would not bet anything significant on copied or not-copied. But I might make a small wager on "copied" based only on what I have seen so far. If it turns out to be wrong, at some point my opinion will have to change and I will certainly say so. And should that happen, it doesn't mean a thing with respect to "agendas" or anything else. I have been on a jury multiple times, and after the prosecution has finished presenting their case, I am pretty certain the suspect is guilty. And then after listening to the defense as they present their case, my opinion changes in their favor sometimes.

Is that not what a "trial by jury" is supposed to encompass? You use the evidence to draw conclusions? If the defense produces no information, then I have to rely on the prosecution and conclude "guilty". right now, all we have seen is stuff from the prosecution. Eventually the other side will have to speak up to avoid "conviction". when/if that happens, I'll be listening. Unlike many in this thread that don't want to see any evidence of any kind, just give 'em a rubber stamp "innocent" and they are happy. They don't participate in the competitions, the work, the long hours, the preparation, helping others, etc, to see how this small field is to some of us. And "some" of us want to maintain a uniform playing field for all, where all follow the rules, and beyond that the chips fall where they may. But some just don't get that. Sometimes you first have to walk the walk before you can talk the talk. We are blessed, however, with lots of talkers and a few "walkers".

[tiger]

I do not understand you guys, nobody wanted to know if Rybka had some of the Fruit code inside 2 years ago.
Vas made himself clear that he looked on the free source of Fruit and took many things when he created Rybka in that interview on superchessengines.
The guy has been honest all along.
Why jumping the gun around, and accuse Vas of beeing a cloner?

It is not about cloning. If you see this word here, it is misused.

It is about possible GPL infringement: taking open source code protected by a license that explicitely forbids to take that source, modifiy it, and claim it later as it own and release it under another license. Please look around in this forum for an explanation of the terms.



// Christophe

[bob]

Bob,

Your insight into this discussion is fascinating, hilarious, and extremely sad. You are a very wise man, who has seen this come up again and again, and I think your experience is absolutely essential to the discussion. All you have done is post logical arguments, and in doing so you have been brave enough to take the heat of so many lookers on. Those of us who approach this issue with some common sense revere at your knowledge and objectivity. Some say that you are driven by envy, when nothing could be further from the truth.

I do have faith that the truth will come out, as you say. Those who choose to throw tantrums will eventually settle down, and those who are determined to find out what is really going on will be left unharmed. Gerd's post is a good example--on a thread that was close to dead, he posted logical points against what I was saying. I feel lucky to just get this kind of post once.

I am very glad to have your support Bob. When all is said and done, we will be the ones left, still doing the thing that we love that has brought us all together here.

Regards,
Zach

yep. and the rest will continue their name calling, inane comments, contentless posts, and such.

[bob]

not to hijack the thread, but I noticed duplicate posts from you. Are you seeing huge delays when you click submit? And I do mean sometimes _huge_ delays???

[Graham Banks]

1. if anyone can convince me that two different programmers can write large programs and produce multiple blocks of duplicate code, then I will retract my claim of nonsense. And I would probably email a few people at places like Stanford that have published much on this issue including writing software to check for semantic equality rather than syntactical equality to detect plagiarism. But if someone can prove all past work in this area has been flawed, I'll listen and retract.

2. At present, the weight of evidence suggesting something suspicious in the development of Rybka 1 (at least, and most likely the entire "family" based on normal software development practices) is such that I think there is a reasonable probability that something is wrong. I would not bet anything significant on copied or not-copied. But I might make a small wager on "copied" based only on what I have seen so far. If it turns out to be wrong, at some point my opinion will have to change and I will certainly say so. And should that happen, it doesn't mean a thing with respect to "agendas" or anything else. I have been on a jury multiple times, and after the prosecution has finished presenting their case, I am pretty certain the suspect is guilty. And then after listening to the defense as they present their case, my opinion changes in their favor sometimes.

Is that not what a "trial by jury" is supposed to encompass? You use the evidence to draw conclusions? If the defense produces no information, then I have to rely on the prosecution and conclude "guilty". right now, all we have seen is stuff from the prosecution. Eventually the other side will have to speak up to avoid "conviction". when/if that happens, I'll be listening. Unlike many in this thread that don't want to see any evidence of any kind, just give 'em a rubber stamp "innocent" and they are happy. They don't participate in the competitions, the work, the long hours, the preparation, helping others, etc, to see how this small field is to some of us. And "some" of us want to maintain a uniform playing field for all, where all follow the rules, and beyond that the chips fall where they may. But some just don't get that. Sometimes you first have to walk the walk before you can talk the talk. We are blessed, however, with lots of talkers and a few "walkers".

Fair enough. Zach is right in that you've kept your cool under provocation.
I'll wait to see what happens.

[bob]

Should be interesting to see how the accusers respond to this!

I hope that they respond as follows:
1. Download the disassembly tools or use their favorite disassembler.
2. Disassemble the binaries themselves.
3. Examine the resulting listings carefully.
4. Form their own conclusions.

I will be genuinely interested in what they have to say if they actually perform these steps. I am not interested in discourse with anyone who has not done so, because they are running on hearsay evidence and evidence I believe to be largely fabricated.

Would you now like to perhaps retract that last statement? rather than someone fabricating something, you simply didn't understand how to use the tools you listed in order to conclude anything that was even close to being correct. That is the very kind of thing we _don't_ need to happen. It only hurts the discussion. I looked at the asm you posted. It appears that it might well be the binary for strtok(). the source for strtok() is quite large, because of the way it is written using other string functions, and if necessary I could easily compile the thing and produce the assembly output to show this... That is the code you said was not called and did not appear anywhere. Which is impossible to verify with a stripped executable. Stripping saves memory, but also hides much. It is not a 10 minute job (which it appears you thought it was) to make these kinds of determinations. it is more complicated than that because of conditions beyond anybody's control (stripping for one). If this were a linux executable we wouldn't even be having this discussion because strtok() would not be anywhere in the executable, it is in a shared lib that is a separate entity.

He isn't as neutral as he tries to appear to be ( see my response 1 page back)

Besides: If you can't recognize Fruit in the Strelka code, how big are the chances you can recognize simmularities in assembly.


Tony

I'm not so willing to jump that far to suspect bias. But clearly there was a gross misunderstanding of disassembled code somehow... To do this kind of stuff, you need one extra tool that he didn't mention, that being enough experience at looking at asm code to recognize it for what it is. This is not "obfuscated" intentionally but when something gets the symbol tables stripped away, the result is a real pain to read.