当前位置: 动力学知识库 > 问答 > 编程问答 >

c++ - Are compilers built with previous version of themselves protected from code injection?

问题描述:

I was wondering if today's modern compilers like MS cc, gcc, clang, icc, newer versions were built with the current version of the same compiler?

Because of course of this risk:

http://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a/

http://c2.com/cgi/wiki?TheKenThompsonHack

I'm sure everyone involved with the afore-mentioned compilers' development knows about this issue, whereby code is injected into the compiler by an earlier version of itself and propagates invisibly.

Now the real problem, is not really one of backdoors, but much more about code generation correctness isn't it ? How about if somewhere in the build chain some pervert twist was introduced by pure mistake, and today's compiler generate incorrect code, even if the compiler's source look OK, because of the Ken Thompson's flaw?

So if they are built with themselves, how do they protect themselves?

网友答案:

I was wondering if today's modern compilers like MS cc, gcc, clang, icc, newer versions were built with the current version of the same compiler?

The Roslyn C# compiler can build itself; in fact, it is one of its own best test cases. Of course it could not do so on day one or even day 100; it was built with the previous version of the C# compiler, which was written in C++.

How about if somewhere in the build chain some pervert twist was introduced by pure mistake, and today's compiler generate incorrect code, even if the compiler's source look OK

This is a serious concern.

One of the interesting ways you can look for a bug in a self-building compiler is as follows: call the original not-self-building compiler Alpha. Build the new source code with Alpha to produce Beta. Then have Beta build the source code to produce Gamma. Then have Gamma build the source code to produce Delta. If there are significant differences in the binaries produced for Gamma and Delta, you likely have a problem. Beta and Gamma should have the same outputs given the same inputs. (C# in particular does not promise that compiling the same code twice produces exactly the same binary, so you've got to be careful to make sure that your test is sophisticated enough to take that into account.)

The way you mitigate this risk is of course the same way you mitigate any risk associated with bad tools: you check in various versions of the compiler tools into the repository, so that you can roll back to a previous known-good version of the compiler should you need to. And you test the compiler heavily.

网友答案:

In general the answer is 'yes', for compilers implemented in their own languages. Building the compiler with itself is one of the best tests for correctness. Successive runs should keep producing the same binary. 'GC' for example is built with a four-stage bootstrap process.

Of course some languages can't be used for compiler-writing.

EDIT It should be made clear that this answer was posted when the substantive question was "Are compilers built with previous version of themselves?" It has subsequently been changed.

分享给朋友:
您可能感兴趣的文章:
随机阅读: