Important security warning for people using gcc 3.1

[pbienst]

If you compiled your system using gcc 3.1 at -O3, login or su will accept any random password!

The solution is to unmerge pam and pam-login, lower the optimisation to -O2, than then re-emerge them.

Make sure to check your machine!

[trapni]

That's not true, I've exactly to machines running Gentoo 1.3(a and b) compiled with gcc3.1 and O3 of course. I tested it now on both via login and su, it fails.

It must be a different problem.

Regards,
Christian Parpart

[rac]

Unable to reproduce this with sys-libs/pam-0.75-r6 compiled with -march=athlon -mmmx -m3dnow -O3 on a first-generation Athlon or using -march=k6 -mmmx -O3 on a K6.
_________________
For every higher wall, there is a taller ladder

[dook43]

I couldn't reproduce this either.

CFLAGS="-march=athlon-tbird -m3dnow -mmmx -O3 -pipe"
CXXFLAGS="-march=athlon-tbird -m3dnow -mmmx -O3 -pipe"
_________________
"We who are about to die salute you!"

[mkennedy]

This is https://bugs.gentoo.org/show_bug.cgi?id=4412 for those who wish to follow it.
_________________
Bugs go in Bugzilla!

[rac]

Has anybody managed to reproduce the bug yet?
_________________
For every higher wall, there is a taller ladder

[therobot]

I don't have that happening either.

[trapni]

[hanno]

I have also tested it and as expected, no bug there.
I think it's either a fake or the person has terribly misconfigurated his system (although i can't imagine how you could configure your system like that).

[Niek]

Hmmz, I've tested it here, but I can't reproduce it. Login and su do not accept random passwords.

[pbienst]

Well, it seems that we're at least two who had the same problem with the same solution:

https://forums.gentoo.org/viewtopic.php?t=6143&highlight=

Perhaps there's some additional variable as well which caused it to appear on ours systems but not on yours.

[shawnf]

hand raised.

PAM compiled with
"-march=pentium3 -O3 -pipe -mfpmath=sse -funroll-all-loops -fomit-frame-pointer -ffast-math -fprefetch-loop-arrays"
no password needed to get into system

PAM compiled with
"-march=pentium3 -O3 -pipe -mfpmath=sse"
password needed

I have verified this twice.

pbienst,

What flags did you use?

[pbienst]

[rac]

According to the GCC 3.1 documentation, the difference between -O2 and -O3 is -finline-functions and -frename-registers. So could it be an unhealthy interaction between one of those and either -funroll-all-loops or -fomit-frame-pointer? Perhaps also only on P3 arch?
_________________
For every higher wall, there is a taller ladder

[delta407]

It's probably not a function inlining or loop unrolling thing... hmm...

Does this happen when -ffast-math is disabled?
_________________
I don't believe in witty sigs.

[shawnf]

after some trial an error i am not able to reproduce this error when i take out "-funroll-all-loops" but leave in "-O3"

so
"-march=pentium3 -O3 -pipe -mfpmath=sse -fomit-frame-pointer -ffast-math -fprefetch-loop-arrays"
=OK

"-march=pentium3 -O3 -pipe -mfpmath=sse -funroll-all-loops -fomit-frame-pointer -ffast-math -fprefetch-loop-arrays"
=BAD

[Erik Andersson]

From the GCC manual:

-funroll-loops
Unroll loops whose number of iterations can be determined at compile time or upon entry to the loop. -funroll-loops implies both -fstrength-reduce and -frerun-cse-after-loop. This option makes code larger, and may or may not make it run faster.

-funroll-all-loops
Unroll all loops, even if their number of iterations is uncertain when the loop is entered. This usually makes programs run more slowly. -funroll-all-loops implies the same options as -funroll-loops

Since it usually makes it slower why did you use it in the first place?