Diagnosing Function Pointer Security Flaws with a GCC plugin

A few months ago, I had to write some internal GCC passes to perform static analysis on the GNU C Library (glibc). I figured I might as well write them as plugins since they were unlikely to see the light of day outside of my little sandbox. Being a long time GCC contributor, but having no experience writing plugins I thought it’d be a good way to eat our own dog food, and perhaps write about my experience.

Continue reading “Diagnosing Function Pointer Security Flaws with a GCC plugin”


Bootstrapping POWER8 little endian and common pitfalls

gnu logoEarlier this year I was asked to bootstrap our core tools (compiler, assembler, linker, and libraries) from the ground up, to help the rest of the team in providing enough infrastructure for bootstrapping an entire OS to POWER8 little endian.  Since I spend most of my days working on the upstream development of the GNU Compiler Collection (GCC), prior to this project I hadn’t actually worked much with either RHEL’s development processes or RPM as a whole.  So leading our effort to bootstrap the tools onto a new architecture required a lot of coming up to speed.

Not being one to shy away from learning an entire new infrastructure, I accepted, and so began a 6 month ordeal fighting with everything from the assembler to GNU Emacs. Having learned so much from this project, I thought it would be good to write some of it down, both for the curious, and to help in future bootstrapping efforts.

Consequently, I’d like to give an overview of how an OS is bootstrapped, and what insights I’ve learned that can help developers in designing packages that are easy to bootstrap and bring up in new architectures.

Continue reading “Bootstrapping POWER8 little endian and common pitfalls”