Message-ID: <alpine.LFD.2.00.0912072150450.3089@localhost.localdomain>
Date:	Tue, 8 Dec 2009 00:09:31 +0100 (CET)
From:	Thomas Gleixner <tglx@...utronix.de>
To:	Jakub Jelinek <jakub@...hat.com>
cc:	LKML <linux-kernel@...r.kernel.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Ingo Molnar <mingo@...e.hu>, "H. Peter Anvin" <hpa@...or.com>,
	Peter Zijlstra <peterz@...radead.org>
Subject: Re: GCC 4.x random code generator for x86_64 ?

On Mon, 7 Dec 2009, Jakub Jelinek wrote:
> On Mon, Dec 07, 2009 at 06:50:17PM +0100, Thomas Gleixner wrote:
> > Can anyone shed some light on the following:
> > 
> > Applying a patch which adds a yet unused "extern int bla(void);" line
> > to a header file results in something which is beyond me.
> > 
> > The .i files differ as expected in exactly _one_ line.
> 
> The source code is different, so this doesn't seem to be random code
> generation.  The extra declaration means following decls will have higher
> uids and there is a bunch of places in gcc where hash tables are traversed
> and code generation depends on the order in the traversal.  While hash
> tables hashed on pointer values are considered important bugs because
> generated code could change in between runs with the same source, traversal
> of tables hashed by decl uids are far less severe - gcc makes no promises
> that different sources result in the same generated code.

Sorry, I do not consider that delta an effective code change and I
don't think that the "no promise" answer is a good explanation for
generated code which is randomly different and in some places worse
for no good reason.

We often use(d) binary comparisons to verify that an assumed zero
change patch actually does what it promises. That way we verified the
bulk of the i386/x86_64 code move and I never saw such odd behaviour
back then (the deltas were way larger than that single line change).

> You are using quite oldish gcc, if you reproduce it with something newer

I was compiling 2.6.32 which is quite oldish code. That deserves a
quite oldish compiler. :)

Seriously, the gcc I'm using is shipped with F11 and that's what a lot
of people (still) have on their machines.

> (current 4.5 trunk or recent gcc from redhat/gcc-4_4-branch) and provide
> full preprocessed source and exact command line options, I'll have a look
> though.

F12 gcc [(GCC) 4.4.2 20091027 (Red Hat 4.4.2-7)] has similar
randomization. I'll send you the preprocessed source + command line
options tomorrow.

The current 4.5 trunk creates identical binary files with and without
the patch.

Thanks,

	tglx