From: Li Zefan <lizf@cn.fujitsu.com>
To: WANG Cong <xiyou.wangcong@gmail.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>,
zhengyi <goodmenkernel@gmail.com>,
linux-kernel@vger.kernel.org
Subject: Re: Is there any word about this bug in gcc ?
Date: Tue, 20 Nov 2007 14:03:12 +0800 [thread overview]
Message-ID: <474278A0.50803@cn.fujitsu.com> (raw)
In-Reply-To: <20071120053904.GG2472@hacking>
WANG Cong wrote:
> On Mon, Nov 19, 2007 at 09:10:44PM -0800, H. Peter Anvin wrote:
>> WANG Cong wrote:
>>> On Tue, Nov 20, 2007 at 10:13:42AM +0800, zhengyi wrote:
>>>> Is there any relevance to the kernel ?
>>>>
>>>> I found the folowing code here:
>>>> http://linux.solidot.org/article.pl?sid=07/11/19/0512218&from=rss
>>>>
>>>> -------------------------------------------------------------------
>>>> int main( void )
>>>> {
>>>> int i=2;
>>>> if( -10*abs (i-1) == 10*abs(i-1) )
>>>> printf ("OMG,-10==10 in linux!\n");
>>>> else
>>>> printf ("nothing special here\n") ;
>>>>
>>>> return 0 ;
>>>> }
>>> I think no. It is considered a bug in abs(), kernel, of course,
>>> doesn't use glibc's abs().
>>>
>> Wrong.
>>
>> abs() is internal to gcc, and the above is optimized out at compile
>> time, so any user of abs() as a function at all is vulnerable.
>
> This is an urgent bug, I think.
>
> And you mean abs() is not in glibc, then where is it? Built in gcc?
> And what's more, why not put it in glibc?
>
Gcc optimises abs() to use gcc builtin-in abs(). So if we use -fno-builin,
we'll get the correct result. That is to say the bug has nothing to do with
glibc.
And this bug has been fixed just several days ago.
http://www.nabble.com/-PATCH--Fix-PR34130,-extract_muldiv-broken-t4826688.html
>
>> However, the Linux kernel defines abs() as a macro:
>>
>> #define abs(x) ({ \
>> int __x = (x); \
>> (__x < 0) ? -__x : __x; \
>> })
>>
>> ... which means gcc never sees it. So the kernel isn't affected,
>> because it doesn't use *gcc's* abs().
>
> Thanks for clarifying this!
>
> Regards.
>
next prev parent reply other threads:[~2007-11-20 6:06 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-20 2:13 Is there any word about this bug in gcc ? zhengyi
2007-11-20 4:16 ` WANG Cong
2007-11-20 5:10 ` H. Peter Anvin
2007-11-20 5:39 ` WANG Cong
2007-11-20 6:03 ` Li Zefan [this message]
2007-11-20 6:10 ` WANG Cong
2007-11-20 6:04 ` H. Peter Anvin
2007-11-20 6:17 ` David Miller
2007-11-20 6:41 ` Herbert Xu
2007-11-20 6:47 ` H. Peter Anvin
2007-11-20 6:52 ` Herbert Xu
2007-11-20 12:52 ` Alessandro Suardi
2007-11-20 18:42 ` Sami Farin
2007-11-20 21:10 ` Nix
2007-11-21 13:16 ` Alexander E. Patrakov
2007-11-21 16:19 ` Alexander E. Patrakov
2007-11-21 17:22 ` Lennart Sorensen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=474278A0.50803@cn.fujitsu.com \
--to=lizf@cn.fujitsu.com \
--cc=goodmenkernel@gmail.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox