Subject: Re: The elink3 bug
To: Jonathan Stone <jonathan@DSG.Stanford.EDU>
From: Frank van der Linden <frank@wins.uva.nl>
List: port-i386
Date: 08/18/1997 10:44:19
On Mon, Aug 18, 1997 at 12:42:51AM -0700, Jonathan Stone wrote:
> 
> Please don't advocate this as a workaround.  
> 
> If it works, it works by changing gcc's register allocation (by not
> forcing memory values into registers to make them potentially more
> exploitable by CSE).  I haven't looked but I guess it's almost
> certainly working by changing the allocation of %eax from something
> that spans a bus_space_XXX_multi() method call, to something that
> doesn't.

I'm aware of that. I'm just curious to see if it helps people, if
it identifies other crashes as possible gcc bugs. Although no
conclusive evidence can come from it, it's a hint at least.

> 
> The right way to fix this bug is to fix the compiler, or failing that,
> in specific cases, to kludge the source code to avoid the problem.
> 

I'd say kludging the source is just as vulnerable. It works around the
problem in some circumstances, but if you don't know exactly what
the bug is, you're guessing. Suppose you work around the bug
in some macro, and then the function in which it's being used
is changed to have a new local var that is used often, so the
register allocation circumstances change dramatically, etc.
This is almost impossible to work around. In the bus_space_write_multi
case you can get things safe for that particular instance
by not letting gcc pick the register which holds the destination
address, but just explicitly using %edi. But who knows what other
instances of the bug are out there.

- Frank
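As an added illustration of the "explicitly use %edi" workaround Frank describes (this is a hypothetical stand-in written for this page, not the NetBSD bus_space code and not the actual buggy macro): a write-multi style loop as inline asm in which the register address is pinned to %edi via the "D" constraint, the source and count are declared read-write, and the scratch %eax is declared clobbered so gcc cannot keep a live value there across the asm. It assumes an x86 host for the asm path and falls back to a plain C loop elsewhere.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical write_multi_4 (not NetBSD's): write `count` 32-bit words
 * from `src`, one after another, to the single device register `reg`.
 * On x86: reg is pinned to %edi ("D"), src to %esi ("S"), count to %ecx
 * ("c"). "+" marks src/count read-write because the loop consumes them,
 * "eax" is clobbered because the loop uses it as scratch, and "memory"
 * tells gcc the asm stores through a pointer it cannot see as an output. */
static void write_multi_4(volatile uint32_t *reg, const uint32_t *src, size_t count)
{
    if (count == 0)             /* `loop` with %ecx == 0 would wrap around */
        return;
#if defined(__i386__) || defined(__x86_64__)
    __asm__ __volatile__(
        "1:\n\t"
        "movl (%0), %%eax\n\t"  /* fetch the next word from src */
        "movl %%eax, (%2)\n\t"  /* store it to the same register address */
        "add $4, %0\n\t"        /* advance src only; reg stays fixed */
        "loop 1b"               /* decrement count, repeat while nonzero */
        : "+S"(src), "+c"(count)
        : "D"(reg)
        : "eax", "memory", "cc");
#else
    for (size_t i = 0; i < count; i++)   /* portable fallback (assumption) */
        *reg = src[i];
#endif
}

/* Returns what the "register" holds after the burst; the initial value is a
 * constructed sentinel so an untouched register is distinguishable. */
uint32_t write_burst_last(const uint32_t *src, size_t count)
{
    volatile uint32_t reg = 0xdeadbeefu;
    write_multi_4(&reg, src, count);
    return reg;
}
```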