Re: Bootstrap comparison failure on powerpc64 for Ada
> Maybe the problem will arise on other platforms and we'll be able to debug > it. SPARC/Solaris 32-bit is OK. I'm going to try the 64-bit variant. -- Eric Botcazou
old intentional gcc bug?
Hi, I've been told that a developer of gcc, in the early stages, put a security hole that allowed him complete access to any computer running unix, as gcc was included in unix, and that it stayed that way until he decided to tell everyone and patch it. I don't believe him, but I couldn't find any information about that in the internet deniying it. That's why I came here to confirm that it never happened. Sorry for my bad English and thank you. Regards. Ready for the edge of your seat? Check out tonight's top picks on Yahoo! TV. http://tv.yahoo.com/
Re: old intentional gcc bug?
On Sat, Jun 23, 2007 at 08:35:19AM -0700, krith htirk wrote: > Hi, > > I've been told that a developer of gcc, in the early stages, put a > security hole that allowed him complete access to any computer running > unix, as gcc was included in unix, and that it stayed that way until he > decided to tell everyone and patch it. > > I don't believe him, but I couldn't find any information about that in the > internet deniying it. That's why I came here to confirm that it never > happened. > > Sorry for my bad English and thank you. > > Regards. > A very similar thing has actually happened, but not with gcc (not that I know of anyway.) Ken Thompson (one of the original creators of Unix) *did* put such a hack into their C compiler which would automatically add backdoor code when it compiled the 'login' program. This was many years ago and AFAIK the hacked Unix version was never released into the wild. You can read more about this hack at http://en.wikipedia.org/wiki/Thompson_hack or http://www.acm.org/classics/sep95/ -- Erik Trulsson [EMAIL PROTECTED]
Re: Bootstrap comparison failure on powerpc64 for Ada
> I'm going to try the 64-bit variant. SPARC/Solaris 64-bit is OK, as well as IA-64/Linux according to: http://gcc.gnu.org/ml/gcc-testresults/2007-06/msg01044.html Do you test PowerPC 32-bit or should I try a build on Darwin or AIX? -- Eric Botcazou
Re: Bootstrap comparison failure on powerpc64 for Ada
Eric Botcazou <[EMAIL PROTECTED]> wrote on 23/06/2007 21:50:57: > > I'm going to try the 64-bit variant. > > SPARC/Solaris 64-bit is OK, as well as IA-64/Linux according to: > http://gcc.gnu.org/ml/gcc-testresults/2007-06/msg01044.html > > Do you test PowerPC 32-bit or should I try a build on Darwin or AIX? I tested it on powerpc64-linux with the default option --with-cpu=default32. Revital > -- > Eric Botcazou
Re: A reload inheritance bug
Bernd Schmidt wrote: > Mark Shinwell wrote: >> Do you think it should be the case that, at the point below, _any_ reload >> with reg_rtx corresponding to a hard register should have the relevant >> bit set in reload_spill_index? > > I think so. I'm attaching a patch below. It appears to have no effect > on all code I've tried - does it fix your test case? Mark, did you get a chance to try Bernd's patch? -- Mark Mitchell CodeSourcery [EMAIL PROTECTED] (650) 331-3385 x713
Re: old intentional gcc bug?
Erik Trulsson wrote: Ken Thompson (one of the original creators of Unix) *did* put such a hack into their C compiler which would automatically add backdoor code when it compiled the 'login' program. This was many years ago and AFAIK the hacked Unix version was never released into the wild. Are you sure your information is accurate. Neither of the references that you cite back you up on this. Yes, of course we all know of Ken's proposed design for this (from his ACM talk), but I never read anywhere before that this was actually carried out in the wild or otherwise.
Re: old intentional gcc bug?
On Sat, Jun 23, 2007 at 04:36:02PM -0400, Robert Dewar wrote: > Erik Trulsson wrote: > > >Ken Thompson (one of the original creators of Unix) *did* put such a hack > >into > >their C compiler which would automatically add backdoor code when it > >compiled the 'login' program. This was many years ago and AFAIK the hacked > >Unix version was never released into the wild. > > Are you sure your information is accurate. Neither of the references > that you cite back you up on this. Yes, of course we all know of Ken's > proposed design for this (from his ACM talk), but I never read anywhere > before that this was actually carried out in the wild or otherwise. The Wikipedia page I referenced (http://en.wikipedia.org/wiki/Thompson_hack) says that: "What's worse, in Thompson's proof of concept implementation, the subverted compiler also subverted the analysis program (the disassembler), so that anyone who examined the binaries in the usual way would not actually see the real code that was running, but something else instead. This version was never released into the wild. It was released to a sibling Bell Labs organization as a test case; they never found the attack" The Jargon File (http://www.catb.org/jargon/html/B/back-door.html) says: "The Turing lecture that reported this truly moby hack was later published as Reflections on Trusting Trust, Communications of the ACM 27, 8 (August 1984), pp. 761--763 (text available at http://www.acm.org/classics/). Ken Thompson has since confirmed that this hack was implemented and that the Trojan Horse code did appear in the login binary of a Unix Support group machine. Ken says the crocked compiler was never distributed. Your editor has heard two separate reports that suggest that the crocked login did make it out of Bell Labs, notably to BBN, and that it enabled at least one late-night login across the network by someone using the login name kt." And reading Ken's ACM paper (http://www.acm.org/classics/sep95/) certainly gives me the impression that he is talking about a real program, not just a purely hypothetical case: [...] I would like to present to you the cutest program I ever wrote. I will do this in three stages and try to bring it together at the end. [...] The actual bug I planted in the compiler would match code in the UNIX "login" command. -- Erik Trulsson [EMAIL PROTECTED]
Re: old intentional gcc bug?
Erik Trulsson wrote: And reading Ken's ACM paper (http://www.acm.org/classics/sep95/) certainly gives me the impression that he is talking about a real program, not just a purely hypothetical case: [...] I would like to present to you the cutest program I ever wrote. I will do this in three stages and try to bring it together at the end. [...] The actual bug I planted in the compiler would match code in the UNIX "login" command. OK, interesting, thanks for info, I had always thought that this was purely conceptual. Of course there is nothing special about open source/free software that makes such attacks more possible. On the contrary, since gcc can always be built using third party C compilers, it would be much easier to smoke out and eliminate any such behavior (indeed this example shows the merit of maintaining the property that gcc can be compiled by non-gcc compilers), although we have not been able to maintain that property for the Ada front end. Of course with a proprietary program, there is no need for such subterfuge, you just put in whatever nefarious stuff you like in the front end (it took a while for people to find the flight simulator in Microsoft Excel).
Re: old intentional gcc bug?
Robert Dewar wrote: OK, interesting, thanks for info, I had always thought that this was purely conceptual. One thing (which Erik didn't mention) that I noticed in the articles is that Ken said that in his implementation he also hacked the disassembler to cover up the evidence. Of course there is nothing special about open source/free software that makes such attacks more possible. On the contrary, since gcc can always be built using third party C compilers, it would be much easier to smoke out and eliminate any such behavior (indeed this example shows the merit of maintaining the property that gcc can be compiled by non-gcc compilers), although we have not been able to maintain that property for the Ada front end. Indeed. It would be interesting to confirm whether or not a copy of gcc bootstrapped with a non-gcc compiler matched byte-for-byte with a copy of gcc bootstrapped from gcc. Not so much to look for intentional things like this, but to see whether the bootstrapping actually does achieve its goal of obtaining a result that's independent of the bootstrapping compiler. Has anyone actually tried it? - Brooks
Re: Bootstrap comparison failure on powerpc64 for Ada
> I tested it on powerpc64-linux with the default option > --with-cpu=default32. Ah, so this is a 32-bit compiler like on sparc64-linux? -- Eric Botcazou
RE: old intentional gcc bug?
On 23 June 2007 22:53, Brooks Moses wrote: > > Indeed. It would be interesting to confirm whether or not a copy of gcc > bootstrapped with a non-gcc compiler matched byte-for-byte with a copy > of gcc bootstrapped from gcc. Not so much to look for intentional > things like this, but to see whether the bootstrapping actually does > achieve its goal of obtaining a result that's independent of the > bootstrapping compiler. Has anyone actually tried it? That's kinda the whole point of bootstrapping :) any variation is in the stage1 compiler only, modulo such bad bugs in the native compiler that the stage1 gcc miscompiles stage2 gcc. cheers, DaveK -- Can't think of a witty .sigline today
Re: old intentional gcc bug?
Brooks Moses <[EMAIL PROTECTED]> writes: > Indeed. It would be interesting to confirm whether or not a copy of > gcc bootstrapped with a non-gcc compiler matched byte-for-byte with a > copy of gcc bootstrapped from gcc. Not so much to look for > intentional things like this, but to see whether the bootstrapping > actually does achieve its goal of obtaining a result that's > independent of the bootstrapping compiler. Has anyone actually tried > it? At Cygnus, in the early and mid- 90s, we did this routinely, starting with the native compilers shipped with various Unix variants. As Unix variants generally no longer come with a free (as in beer) compiler other than gcc, this is harder to test today. Still, not too hard: you would just start with some other free compiler. Ian
Re: old intentional gcc bug?
Dave Korn wrote: On 23 June 2007 22:53, Brooks Moses wrote: Indeed. It would be interesting to confirm whether or not a copy of gcc bootstrapped with a non-gcc compiler matched byte-for-byte with a copy of gcc bootstrapped from gcc. Not so much to look for intentional things like this, but to see whether the bootstrapping actually does achieve its goal of obtaining a result that's independent of the bootstrapping compiler. Has anyone actually tried it? That's kinda the whole point of bootstrapping :) any variation is in the stage1 compiler only, modulo such bad bugs in the native compiler that the stage1 gcc miscompiles stage2 gcc. Right, exactly. I'm an engineer; you give me a theory like that, and I become curious how much it's been tested in practice. :) - Brooks
