Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 01 Feb 2017 14:52:41 +0100
From: Arnd Bergmann <arnd@...db.de>
To: Kees Cook <keescook@...omium.org>, Emese Revfy <re.emese@...il.com>
Cc: linux-kernel@...r.kernel.org, Josh Triplett <josh@...htriplett.org>, pageexec@...email.hu, yamada.masahiro@...ionext.com, minipli@...linux.so, linux@...linux.org.uk, catalin.marinas@....com, linux@...musvillemoes.dk, david.brown@...aro.org, benh@...nel.crashing.org, tglx@...utronix.de, akpm@...ux-foundation.org, jlayton@...chiereds.net, sam@...nborg.org, kernel-hardening@...ts.openwall.com
Subject: initify plugin crashes on arm allmodconfig

On my ARM test builds (using a recent gcc-7 snapshot), allmodconfig failed with a compiler
crash, I have managed to minimize the test case to this:

/home/arnd/cross-gcc/bin/arm-linux-gnueabi-gcc-7.0.1 -O2 -Wall -fplugin=/home/arnd/arm-soc/build/tmp/scripts/gcc-plugins/initify_plugin.so -DINITIFY_PLUGIN -fplugin-arg-initify_plugin-search_init_exit_functions  -fno-inline-functions-called-once -S atmel_lcdfb.i
arm-linux-gnueabi-gcc-7.0.1: internal compiler error: Segmentation fault (program cc1)

struct {
  void *par;
} * c, g;
struct atmel_lcdfb_pdata {
  void (*atmel_lcdfb_power_control)();
};
int a, f;
void *d, *e;
int fn1();
inline void fn2(int *p1) {
  struct atmel_lcdfb_pdata *b = b;
  if (b)
    b->atmel_lcdfb_power_control();
  a = fn1();
}
int __attribute__((__section__(".init.text"))) fn3() {
  if (c)
    goto out;
  if (f)
    goto free_info;
  if (0)
    goto put_bus_clk;
  if (0)
    goto release_intmem;
  if (0)
    goto stop_clk;
  if (0)
    goto free_fb;
  if (e)
    goto release_mem;
  if (f)
    goto unmap_mmio;
  if (0)
    goto unregister_irqs;
  if (0)
    goto reset_drvdata;
  fn2(d);
reset_drvdata:
unregister_irqs:
unmap_mmio:
release_mem:
free_fb:
release_intmem:
stop_clk:
put_bus_clk:
free_info:
out:
  return 0;
}
int __attribute__((__section__(".exit.text"))) __attribute__((__cold__)) fn4() {
  fn2(g.par);
  return 0;
}


While trying to reproduce it, one time I ended up killing the gcc task when it
used more than 80 gigabytes (!) of memory after around six minutes of compiling
the same file (drivers/video/fbdev/atmel_lcdfb.c), but other times it just crashed
as above using various ARM cross compilers (4.9.3, 5.3, 6.1.1).

	Arnd

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.