Re: [Fwd: [lemote] Re: Are -mfix-loongson2f-nop and -mfix-loongson2f-jump needed for userland programs?]
On Thu, 4 Feb 2010, fxzhang wrote:
On Sat, 2010-01-23 at 13:39 -0500, Daniel Clark wrote:
Does anyone know canonically if the system can have instability
because *any* executable program is compiled without the loongson2f
The site http://dev.lemote.com/code/firefox-3.7-loongson-jit says:
"Recommend building with Lemote's tool-chain
http://dev.lemote.com/files/binary/toolchain/gcc4ls2f.tar to avoid a
potential bug http://sourceware.org/ml/binutils/2009-11/msg00387.html."
I was under the impression that only the kernel, linux had to be
compiled with the loongson2f as/binutils fixes to avoid system lockups
due to silicon-level loongson2f bugs.
As I have said in
-mfix-loongson2f-nop is needed for user-space applications.
From reading that message, it seems very wrong to me. It sounds like a
regular user could cause the machine to crash by omitting the
-mfix-loongson2f-nop when compiling his programs. This solution seems akin
to "fixing" a buffer overflow in a server by modifying the client to never
send strings that are too long.
Am I missing something, or was the solution to this DoS vulnerability
something along the lines of "let's create a way so that we can avoid
exploiting it accidentally"?
Just a long-time debian user,