[PATCH] D51956: lld-link: Set PDB GUID to hash of PDB contents instead of to a random byte sequence.
Rui Ueyama via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Sep 14 10:39:07 PDT 2018
ruiu added inline comments.
================
Comment at: llvm/lib/DebugInfo/PDB/Native/PDBFileBuilder.cpp:28
#include "llvm/Support/Path.h"
+#include "llvm/Support/xxhash.h"
----------------
thakis wrote:
> ruiu wrote:
> > As long as you are using a non-crypto hash function, there is a risk of generating the same build id, and the probability is not negligible if you have a lot of executables due to the birthday problem. Is this okay?
> The 8 byte hash still gives decent hash collision resistance for up to 2**32 different pdb files, and since pdbs are keyed by executable name on the symbol server that's per binary. Projects tend to have far fewer revisions than 4 billion. Does that make sense?
Maybe it is safe. But what could happen if two executables have the same hash? Since xxhash is not cryptographically-safe, you could easily generate two executables having the same ID. Is there any security risks or something caused by that possibility? If the probability is small and the result of hash collision is not that bad, xxhash is probably okay.
https://reviews.llvm.org/D51956
More information about the llvm-commits
mailing list