Date: Sun, 19 May 2024 14:10:49 +0000 (UTC)
From: Pedro Giffuni <pfg@freebsd.org>
To: Kyle Evans <kevans@freebsd.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@freebsd.org>, Jörg Sonnenberger <joerg@bec.de>
Cc: "src-committers@freebsd.org" <src-committers@freebsd.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@freebsd.org>
Subject: Re: Re: git: be04fec42638 - main - Import _FORTIFY_SOURCE implementation from NetBSD
Message-ID: <625859379.1707787.1716127849819@mail.yahoo.com>
In-Reply-To: <4888579.OV4Wx5bFTl@britannica.bec.de>
References: <02326b5e-a1fe-4411-a869-d21f9a76130c@email.android.com> <6276b721-6c7b-41cd-9d1b-4169e86ec5e9@FreeBSD.org> <1413980952.1357400.1716093599901@mail.yahoo.com> <4888579.OV4Wx5bFTl@britannica.bec.de>
[-- Attachment #1 --]
For the record ...
When I was working on this, the default compiler on FreeBSD was still GCC 4.2 and the static checks worked fine with it but not on clang. The runtime checks worked fine on both.
Pedro.
On Sunday, May 19, 2024 at 12:11:15 AM GMT-5, Jörg Sonnenberger <joerg@bec.de> wrote:
On Sunday, May 19, 2024 6:39:59 AM GMT+2 Pedro Giffuni wrote:
> FWIW .. and let me be clear I haven't worked on this in ages and I am not planning to retake this either...
> clang just couldn't do the static fortify_source checks due to the way llvm uses an intermediate representation; the size just couldn't be handled in the preprocessor.
That hasn't been true for a long time. __builtin_object_size is only
folded in the frontend if it absolutely has to because the context
requires an Integer Constant Expression, otherwise it is folded only
if the answer is definite. In all other cases it is left for the IR passes to
lower.
> fortify_source does replace some key libc functions with memory checking alternatives and that turns out to be annoying when debugging.
Since the wrapper functions are always_inline, they are pretty much invisible to debuggers.
Joerg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?625859379.1707787.1716127849819>
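Added example, not part of the e-mail thread and not FreeBSD or NetBSD source: a minimal C sketch of the three `__builtin_object_size` situations discussed above (a definite answer at the call site, an answer that only exists after an always_inline wrapper is inlined, and an unknown origin) and of a runtime check that uses the result. The names `copy_chk`, `COPY_FORTIFIED`, `bos_*` and `try_copy` are hypothetical, and the input string is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BOS_UNKNOWN ((size_t)-1)   /* type-0 answer for "cannot tell" */

/* Hypothetical runtime check: refuse a copy larger than the proven size. */
static int copy_chk(void *dst, const void *src, size_t len, size_t dst_size)
{
    if (dst_size != BOS_UNKNOWN && len > dst_size)
        return -1;                 /* a fortified libc would abort here */
    memcpy(dst, src, len);
    return 0;
}

/* Macro form: the size is requested where the array is still visible,
 * so the answer is definite and is folded to a constant. */
#define COPY_FORTIFIED(dst, src, len) \
    copy_chk((dst), (src), (len), __builtin_object_size((dst), 0))

/* always_inline form: p is a parameter, so the size is only recoverable
 * after inlining; the value depends on the optimization level. */
static inline __attribute__((always_inline)) size_t bos_in_wrapper(void *p)
{
    return __builtin_object_size(p, 0);
}

size_t bos_direct(void)  { char buf[16] = {0}; return __builtin_object_size(buf, 0); }
size_t bos_wrapped(void) { char buf[16] = {0}; return bos_in_wrapper(buf); }

/* A pointer reloaded from a volatile slot has no visible origin. */
size_t bos_hidden(void *p)
{
    void *volatile slot = p;
    void *q = slot;
    return __builtin_object_size(q, 0);
}

int try_copy(size_t len)
{
    char dst[16];
    static const char src[32] = "constructed sample input";
    return COPY_FORTIFIED(dst, src, len);
}

int main(void)
{
    char b[4];
    printf("direct=%zu wrapped=%zu hidden=%zu copy32=%d\n",
           bos_direct(), bos_wrapped(), bos_hidden(b), try_copy(32));
    return 0;
}
```

Comparing the `wrapped` value between an unoptimized and an optimized build shows whether the compiler resolved the size after inlining.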
