| 1 |
Thanks for the link! It's clear now. You need a recent CPU and a recent |
| 2 |
gcc to trigger this. |
| 3 |
-- |
| 4 |
dr Tóth Attila, Radiológus, 06-20-825-8057 |
| 5 |
Attila Toth MD, Radiologist, +36-20-825-8057 |
| 6 |
|
| 7 |
2012.Február 19.(V) 23:01 időpontban Hinnerk van Bruinehsen ezt írta: |
| 8 |
> -----BEGIN PGP SIGNED MESSAGE----- |
| 9 |
> Hash: SHA1 |
| 10 |
> |
| 11 |
> On 19.02.2012 20:06, "Tóth Attila" wrote: |
| 12 |
>> The email I replied to was originally posted by "Hinnerk van |
| 13 |
>> Bruinehsen". |
| 14 |
>> |
| 15 |
>> Let's see my question in details, that might clarify it. Here is |
| 16 |
>> the part of the ebuild I'm asking questions about: |
| 17 |
>> |
| 18 |
>> " if [[ $(gcc-major-version) -lt 4 ]]; then append-cxxflags |
| 19 |
>> -fno-stack-protector elif [[ $(gcc-major-version) -gt 4 || |
| 20 |
>> $(gcc-minor-version) -gt 3 ]]; then if use amd64 || use x86; then |
| 21 |
>> append-flags -mno-avx fi fi " |
| 22 |
>> |
| 23 |
>> Break it down: |
| 24 |
>> |
| 25 |
>> " if [[ $(gcc-major-version) -lt 4 ]]; then append-cxxflags |
| 26 |
>> -fno-stack-protector " The first part is a historical remnant from |
| 27 |
>> times before Zorry. We used gcc-3.4.6 for a long time. It used a |
| 28 |
>> different implementation for SSP. |
| 29 |
>> |
| 30 |
>> " elif [[ $(gcc-major-version) -gt 4 || $(gcc-minor-version) -gt 3 |
| 31 |
>> ]]; then if use amd64 || use x86; then append-flags -mno-avx fi fi |
| 32 |
>> " |
| 33 |
>> |
| 34 |
>> The second part disables avx optimisations if the gcc version is |
| 35 |
>> newer than 4.3. However avx support isn't around so long and it's |
| 36 |
>> not mature. Avx is an instruction set extension, that is getting |
| 37 |
>> some attention lately. I'm lucky to have a system, with a capable |
| 38 |
>> processor. The block disabling the optimisations resides right |
| 39 |
>> besides the stack-protector statement. That's why I thought some |
| 40 |
>> hardened floks put it there. And I'm curious about the reason. |
| 41 |
>> |
| 42 |
>> Of course it might be simply there, because enabling avx |
| 43 |
>> optimizations can actually decrease performance. Like you can see |
| 44 |
>> it here: |
| 45 |
>> http://www.phoronix.com/scan.php?page=article&item=intel_avx_gcc&num=1 |
| 46 |
>> |
| 47 |
>> Security is more important for me compared to speed. That's why |
| 48 |
>> I'm interested in any security effect of a compiler option (like |
| 49 |
>> creating textrels or so). If it's a security problem, I won't use |
| 50 |
>> corei7-avx, but rather go for simple corei7. |
| 51 |
>> |
| 52 |
>> Regards: Dw. |
| 53 |
> |
| 54 |
> Update: according to [1] it's not security related, but a bug with |
| 55 |
> mozilla and the avx-extensions. It simply doesn't work together. Since |
| 56 |
> I have no Sandy Bridge CPU I'm not able to test anythin else... |
| 57 |
> |
| 58 |
> |
| 59 |
> |
| 60 |
> |
| 61 |
> [1] http://forums.gentoo.org/viewtopic-t-893300-start-0.html |
| 62 |
> |
| 63 |
> -----BEGIN PGP SIGNATURE----- |
| 64 |
> Version: GnuPG v2.0.18 (GNU/Linux) |
| 65 |
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ |
| 66 |
> |
| 67 |
> iQEcBAEBAgAGBQJPQXFVAAoJEJwwOFaNFkYclboIAI4QIEs8IM8jQ8VU7b625qE8 |
| 68 |
> q+G8kMyJR20V/0Etywv2uM54/gUuwNR/mP0YgEW9Bj7yuvAbpXKQPp1R7kXjFzyq |
| 69 |
> xNWRYNm6vMlByuakFoYzoB6w7CqqTFVG3dbnujdiVZJVG/+fDM0y/y0MWXIwl6VM |
| 70 |
> Ng5R5kfzTll/yyp4nYPuAoUinLEAgZy20UOgQJqU33y+AoDdoG4YwqFIrO9FkBFe |
| 71 |
> ewRLfrwuKpr/+KCm6hvEqavfv32bg5NJMPSAusYIfFSlftNzqoxoxSvVnzanp509 |
| 72 |
> pde3CaSrMjUux5u6kR/IjJlnKP0lgwVr5kntkErSG3edV8YFXRRfFVrIF6chlvM= |
| 73 |
> =o5MX |
| 74 |
> -----END PGP SIGNATURE----- |
| 75 |
> |
| 76 |
> |
Archives