lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 21 Oct 2023 16:36:19 -0700
From:   Kees Cook <>
To:, Jan Kara <>
CC:     Andy Shevchenko <>,
        Baokun Li <>,
        Josh Poimboeuf <>,
        Nathan Chancellor <>,
        Nick Desaulniers <>,
        Kees Cook <>,
        Ferry Toth <>,,
Subject: Re: [GIT PULL] ext2, quota, and udf fixes for 6.6-rc1

On October 20, 2023 1:36:36 PM PDT, wrote:
>That said, if you or anyone has ideas how to debug futher, I'm all ears!

I don't think this has been tried yet:

When I've had these kind of hard-to-find glitches I've used manual built-binary bisection. Assuming you have a source tree that works when built with Clang and not with GCC:
- build the tree with Clang with, say, O=build-clang
- build the tree with GCC, O=build-gcc
- make a new tree for testing: cp -a build-clang build-test
- pick a suspect .o file (or files) to copy from build-gcc into build-test
- perform a relink: "make O=build-test" should DTRT since the copied-in .o files should be newer than the .a and other targets
- test for failure, repeat

Once you've isolated it to (hopefully) a single .o file, then comes the byte-by-byte analysis or something similar...

I hope that helps! These kinds of bugs are super frustrating.


Kees Cook

Powered by blists - more mailing lists