I'm running bitcoin on hardened Gentoo. Everything works short of generation. If I understand the conversation so far, some optimizations fail on hardened systems, but if they are disabled, generation will likely work. On the other hand, the integrity of the network as a whole is bolstered by legitimate clients working efficiently, so removing optimization will probably be a net loss.
How about a compile-time switch? It's not uncommon for optimized code to get along poorly with hardening measures. I'm not familiar with the code base, let alone the developers, so I couldn't intelligently guess about the tradeoffs involved, but it seems to me that it would make sense to include a toggle that defaults to "optimize" (current condition), but can be flipped to "just do it the slow ugly way". That way I could contribute my CPU cycles (if somewhat inefficiently), and the vast majority of the rest of the world, who don't run extremely hardened systems, don't have to be drastically affected. Ideally that could trickle down to a Gentoo USE flag.
I'll be happy to help with testing, provide traces, etc. My system is protected by ASLR, non-executable stacks, GCC's stack-smashing protection, and any other bit I could flip in the kernel or elsewhere to harden the system, excluding mandatory access control (so no SELinux, grsecurity, etc.). If it runs on my rig, it should run anywhere.
If I disappear, my email username is aabugher, provider is gmail.