https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114115
H.J. Lu changed:
What|Removed |Added
Resolution|--- |FIXED
Status|ASSIGNED
--- Comment #20 from GCC Commits ---
The releases/gcc-11 branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:574d52a9b6e40a466b90f4810e72d3dd072d5160
commit r11-11321-g574d52a9b6e40a466b90f4810e72d3dd072d5160
Author: H.J. Lu
Date:
--- Comment #19 from GCC Commits ---
The releases/gcc-12 branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:23049e851ebf840dffdd3f062dba0e795be347f8
commit r12-10331-g23049e851ebf840dffdd3f062dba0e795be347f8
Author: H.J. Lu
Date:
--- Comment #18 from GCC Commits ---
The releases/gcc-13 branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:abe3a80aa2d6d53cc9b8c9f7c531e065451d5b6e
commit r13-8606-gabe3a80aa2d6d53cc9b8c9f7c531e065451d5b6e
Author: H.J. Lu
Date:
--- Comment #17 from H.J. Lu ---
(In reply to Jan Hubicka from comment #15)
> > Fixed for GCC 14 so far
> It is a simple patch, so backporting is OK after a week in mainline.
These are patches which I am backporting:
--- Comment #16 from GCC Commits ---
The master branch has been updated by Richard Biener :
https://gcc.gnu.org/g:9ab8fdfeef5b1a47b358e08a98177b2fad65fed9
commit r14-9803-g9ab8fdfeef5b1a47b358e08a98177b2fad65fed9
Author: Richard Biener
Date:
--- Comment #15 from Jan Hubicka ---
> Fixed for GCC 14 so far
It is a simple patch, so backporting is OK after a week in mainline.
H.J. Lu changed:
What|Removed |Added
Known to work||14.0
--- Comment #14 from H.J. Lu ---
Fixed
--- Comment #13 from GCC Commits ---
The master branch has been updated by H.J. Lu :
https://gcc.gnu.org/g:cab32bacaea268ec062b1fb4fc662d90c9d1cfce
commit r14-9775-gcab32bacaea268ec062b1fb4fc662d90c9d1cfce
Author: H.J. Lu
Date: Mon Feb 26
--- Comment #12 from Andrew Pinski ---
For anyone reading this, -fprofile-generate with ifunc attributes should be
fixed and is not related to the xz backdoor. The issue will show up in valid
usage of ifuncs even ones which don't call
--- Comment #11 from Sam James ---
(In reply to Sam James from comment #10)
> I'm aware, but there's a minimised test case attached here which shows this
> is still somewhat of a problem by itself.
>
> Either a better diagnostic is needed or
--- Comment #10 from Sam James ---
I'm aware, but there's a minimised test case attached here which shows this is
still somewhat of a problem by itself.
Either a better diagnostic is needed or to not instrument the resolver.
--- Comment #9 from Chung-Ju Wu ---
(In reply to Sam James from comment #1)
> One of the xz developers, Jia Tan, has kindly minimised it to not need
> BIND_NOW. I've adapted it a bit to clean up flags and warnings.
>
CVE-2024-3094
Jia Tan is
--- Comment #8 from H.J. Lu ---
A patch is posted at
https://patchwork.sourceware.org/project/gcc/list/?series=31343
--- Comment #7 from H.J. Lu ---
Created attachment 57544
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=57544&action=edit
A patch
H.J. Lu changed:
What|Removed |Added
Status|UNCONFIRMED |ASSIGNED
Ever confirmed|0
--- Comment #6 from Richard Biener ---
Maybe we can automatically consider that when handling the ifunc attribute?
--- Comment #5 from Andrew Pinski ---
The obvious workaround is to mark the ifunc_resolver with the
no_profile_instrument_function attribute since it is only ever called once and
really does not need to be PGO'ed anyways.
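The workaround from comment #5, shown as an added example (not code from the bug report, the attached test case, or GCC itself). The function names and the SSE2 check are hypothetical; it assumes an ELF target whose C library supports ifunc, such as glibc on Linux:

```c
/* Added example; all names are hypothetical.
 * Build: gcc -O2 -fprofile-generate example.c && ./a.out */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

static uint32_t sum_bytes_generic(const uint8_t *p, size_t n)
{
    uint32_t s = 0;
    for (size_t i = 0; i < n; i++)
        s += p[i];
    return s;
}

static uint32_t sum_bytes_unrolled(const uint8_t *p, size_t n)
{
    uint32_t s = 0;
    size_t i = 0;
    for (; i + 4 <= n; i += 4)
        s += (uint32_t)p[i] + p[i + 1] + p[i + 2] + p[i + 3];
    for (; i < n; i++)
        s += p[i];
    return s;
}

typedef uint32_t (*sum_fn)(const uint8_t *, size_t);

/* The resolver runs once, while relocations are still being applied.
 * The attribute keeps -fprofile-generate from instrumenting it. */
__attribute__((no_profile_instrument_function))
static sum_fn resolve_sum_bytes(void)
{
#if defined(__x86_64__) || defined(__i386__)
    __builtin_cpu_init();   /* must precede __builtin_cpu_supports here */
    if (__builtin_cpu_supports("sse2"))
        return sum_bytes_unrolled;
#endif
    return sum_bytes_generic;
}

uint32_t sum_bytes(const uint8_t *p, size_t n)
    __attribute__((ifunc("resolve_sum_bytes")));

int main(void)
{
    static const uint8_t sample[] = { 1, 2, 3, 4, 5, 250 }; /* constructed input */
    printf("%u\n", (unsigned)sum_bytes(sample, sizeof sample));
    return 0;
}
```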
--- Comment #4 from Andrew Pinski ---
It is the use of TLS inside an ifunc resolver which seems to be causing issues
...
--- Comment #3 from Sam James ---
(In reply to Sam James from comment #1)
> One of the xz developers, Jia Tan, has kindly minimised it to not need
> BIND_NOW. I've adapted it a bit to clean up flags and warnings.
(oops, sorry, this one does
--- Comment #2 from Sam James ---
The reproducer succeeds for me with Clang 17.0.6, but fails for me with GCC
10..14.
--- Comment #1 from Sam James ---
One of the xz developers, Jia Tan, has kindly minimised it to not need
BIND_NOW. I've adapted it a bit to clean up flags and warnings.
I can reproduce it with the following, at least:
```
#!/bin/sh
gcc-14 -O2
```