Re: Is there any word about this bug in gcc ?

From: H. Peter Anvin
Date: Tue Nov 20 2007 - 00:11:01 EST

Next message: Borislav Petkov: "Re: [rfc-patch 0/9] Immediate Values for 2.6.24-rc2-git5"
Previous message: Greg KH: "Re: linux-usb-devel@vger created..."
In reply to: WANG Cong: "Re: Is there any word about this bug in gcc ?"
Next in thread: WANG Cong: "Re: Is there any word about this bug in gcc ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

WANG Cong wrote:

On Tue, Nov 20, 2007 at 10:13:42AM +0800, zhengyi wrote:
Is there any relevance to the kernel ?

I found the folowing code here:
http://linux.solidot.org/article.pl?sid=07/11/19/0512218&from=rss

-------------------------------------------------------------------
int main( void )
{
int i=2;
if( -10*abs (i-1) == 10*abs(i-1) )
printf ("OMG,-10==10 in linux!\n");
else
printf ("nothing special here\n") ;

return 0 ;
}

I think no. It is considered a bug in abs(), kernel, of course,
doesn't use glibc's abs().

Wrong.

abs() is internal to gcc, and the above is optimized out at compile time, so any user of abs() as a function at all is vulnerable.

However, the Linux kernel defines abs() as a macro:

#define abs(x) ({ \
int __x = (x); \
(__x < 0) ? -__x : __x; \
})

... which means gcc never sees it. So the kernel isn't affected, because it doesn't use *gcc's* abs().

-hpa

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Borislav Petkov: "Re: [rfc-patch 0/9] Immediate Values for 2.6.24-rc2-git5"
Previous message: Greg KH: "Re: linux-usb-devel@vger created..."
In reply to: WANG Cong: "Re: Is there any word about this bug in gcc ?"
Next in thread: WANG Cong: "Re: Is there any word about this bug in gcc ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]