Date: Sun, 19 May 2024 14:10:49 +0000 (UTC) From: Pedro Giffuni <pfg@freebsd.org> To: Kyle Evans <kevans@freebsd.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@freebsd.org>, =?UTF-8?Q?J=C3=B6rg_Sonnenberger?= <joerg@bec.de> Cc: "src-committers@freebsd.org" <src-committers@freebsd.org>, "dev-commits-src-main@freebsd.org" <dev-commits-src-main@freebsd.org> Subject: Re: Re: git: be04fec42638 - main - Import _FORTIFY_SOURCE implementation from NetBSD Message-ID: <625859379.1707787.1716127849819@mail.yahoo.com> In-Reply-To: <4888579.OV4Wx5bFTl@britannica.bec.de> References: <02326b5e-a1fe-4411-a869-d21f9a76130c@email.android.com> <6276b721-6c7b-41cd-9d1b-4169e86ec5e9@FreeBSD.org> <1413980952.1357400.1716093599901@mail.yahoo.com> <4888579.OV4Wx5bFTl@britannica.bec.de>
next in thread | previous in thread | raw e-mail | index | archive | help
------=_Part_1707786_1868843335.1716127849818
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
For the record ...
When I was working on this, the default compiler on FreeBSD was still GCC 4=
.2 and the static checks worked fine with it but not on clang. The runtime =
checks worked fine on both.
Pedro.
On Sunday, May 19, 2024 at 12:11:15 AM GMT-5, J=C3=B6rg Sonnenberger <j=
oerg@bec.de> wrote: =20
=20
=20
On Sunday, May 19, 2024 6:39:59=E2=80=AFAM GMT+2 Pedro Giffuni wrote:
>=C2=A0 FWIW .. and let me be clear I haven't worked on this in ages and I =
am not planning to retake this either...
> clang just couldn't do the static=C2=A0 fortify_source checks=C2=A0 due t=
o the way llvm uses an intermediate representation; the size just couldn't =
be handled in the preprocessor.
That hasn't been true for a long time. __builtin_object_size is only
folded in the frontend if it absolutely has to because the context
requires an Integer Constant Expression, otherwise it is folded only
if the answer is definite. In all other cases it is left for the IR passes =
to
lower.
> fortify_source does replace some key libc functions with memory checking =
alternatives and that turns out to be annoying when debugging.
Since the wrapper functions are always_inline, they are pretty much invisib=
le to debuggers.
Joerg
=20
------=_Part_1707786_1868843335.1716127849818
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<html><head></head><body><div class=3D"ydp299eaf40yahoo-style-wrap" style=
=3D"font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px=
;"><div></div>
<div dir=3D"ltr" data-setdir=3D"false">For the record ...</div><div=
dir=3D"ltr" data-setdir=3D"false"><br></div><div dir=3D"ltr" data-setdir=
=3D"false">When I was working on this, the default compiler on FreeBSD was =
still GCC 4.2 and the static checks worked fine with it but not on clang. T=
he runtime checks worked fine on both.</div><div dir=3D"ltr" data-setdir=3D=
"false"><br></div><div dir=3D"ltr" data-setdir=3D"false">Pedro.</div><div><=
br></div>
=20
</div><div id=3D"ydp9829ee19yahoo_quoted_6179449898" class=3D"ydp98=
29ee19yahoo_quoted">
<div style=3D"font-family:'Helvetica Neue', Helvetica, Arial, s=
ans-serif;font-size:13px;color:#26282a;">
=20
<div>
On Sunday, May 19, 2024 at 12:11:15 AM GMT-5, J=C3=
=B6rg Sonnenberger <joerg@bec.de> wrote:
</div>
<div><br></div>
<div><br></div>
=20
=20
<div><div id=3D"ydp9829ee19yiv8319014117">
=20
<div><p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;=
">On Sunday, May 19, 2024 6:39:59=E2=80=AFAM GMT+2 Pedro Giffuni wrote:</p>
<p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">>=
; FWIW .. and let me be clear I haven't worked on this in ages and I =
am not planning to retake this either...</p>
<p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">>=
; clang just couldn't do the static fortify_source checks due t=
o the way llvm uses an intermediate representation; the size just couldn't =
be handled in the preprocessor.</p>
<br><p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;"=
>That hasn't been true for a long time. __builtin_object_size is only</p>
<p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">fol=
ded in the frontend if it absolutely has to because the context</p>
<p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">req=
uires an Integer Constant Expression, otherwise it is folded only</p>
<p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">if =
the answer is definite. In all other cases it is left for the IR passes to<=
/p>
<p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;">low=
er.</p>
<br><p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;"=
>> fortify_source does replace some key libc functions with memory check=
ing alternatives and that turns out to be annoying when debugging.</p>
<br><p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;"=
>Since the wrapper functions are always_inline, they are pretty much invisi=
ble to debuggers.</p>
<br><p style=3D"margin-top:0;margin-bottom:0;margin-left:0;margin-right:0;"=
>Joerg</p>
</div>
</div></div>
</div>
</div></body></html>
------=_Part_1707786_1868843335.1716127849818--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?625859379.1707787.1716127849819>