[PATCH v7 0/4] _FORTIFY_SOURCE=3

[PATCH v7 0/4] _FORTIFY_SOURCE=3

[Siddhesh Poyarekar]

This patchset implements a new fortification level, _FORTIFY_SOURCE=3.
This level allows size information to be dynamic, which may potentially
have a noticeable performance impact.  It uses the
__builtin_dynamic_object_size builtin available in clang to expand
coverage of fortifications at the expense of some performance.

Patch 1/4 adds a warning on unsupported _FORTIFY_LEVEL values.  This
change can go in independently of the new fortification level.

Patch 2/4 adds the macro scaffolding to allow the new _FORTIFY_SOURCE
level and to select the __builtin_dynamic_object_size builtin when it is
available.

Patch 3/4 adds support for string functions; these functions have
additional fortified builtins of the form __builtin___func_chk.

Patch 4/4 adds support for non-string functions that are
fortification-ready for levels 1 and 2.

Testing:

The glibc testsuite doesn't directly support clang at the moment, so
having tests in the glibc source tree is pointless as long as gcc does
not have support for __builtin_dynamic_object_size.  There is a separate
project on GitHub called fortify-test-suite[1] that houses fortification
tests and is capable of testing multiple levels of fortification with
multiple compilers.  I have proposed a PR[2] to add support for
_FORTIFY_SOURCE=3 and have verified my changes with those tests.

Those tests run clean for clang when run with these changes and PR[2]
and they fail at level 3 for gcc, as expected.

[1] https://github.com/serge-sans-paille/fortify-test-suite
[2] https://github.com/serge-sans-paille/fortify-test-suite/pull/9

Changes since last version of the patchset:

- Split out patches as suggested during review
- Renamed __objsize to __glibc_objsize

Siddhesh Poyarekar (4):
  Warn on unsupported fortification levels
  Introduce _FORTIFY_SOURCE=3
  string: Enable __FORTIFY_LEVEL=3
  nonstring: Enable __FORTIFY_LEVEL=3

 NEWS                            |   6 ++
 include/features.h              |   8 ++
 include/string.h                |   5 +-
 io/bits/poll2.h                 |  18 ++--
 libio/bits/stdio.h              |   2 +-
 libio/bits/stdio2.h             |  62 ++++++++------
 manual/creature.texi            |   3 +-
 misc/sys/cdefs.h                |   9 ++
 posix/bits/unistd.h             | 120 ++++++++++++++------------
 socket/bits/socket2.h           |  22 ++---
 stdlib/bits/stdlib.h            |  42 +++++----
 string/bits/string_fortified.h  |  29 ++++---
 string/bits/strings_fortified.h |   6 +-
 wcsmbs/bits/wchar2.h            | 146 ++++++++++++++++++--------------
 14 files changed, 279 insertions(+), 199 deletions(-)

-- 
2.29.2

[PATCH v7 1/4] Warn on unsupported fortification levels

[Siddhesh Poyarekar]

Make the _FORTIFY_SOURCE macro soup in features.h warn about
unsupported fortification levels.  For example, it will warn about
_FORTIFY_SOURCE=3 and over with an indication of which level has been
selected.

Co-authored-by: Paul Eggert <eggert@cs.ucla.edu>
---
 NEWS                 | 6 ++++++
 include/features.h   | 3 +++
 manual/creature.texi | 3 ++-
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index 86e05fb023..8e02dbd0f7 100644
--- a/NEWS
+++ b/NEWS
@@ -28,6 +28,12 @@ Major new features:
   The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils
   2.28.
 
+* A new fortification level _FORTIFY_SOURCE=3 is available.  At this level,
+  glibc may use additional checks that may have an additional performance
+  overhead.  At present these checks are available only on LLVM 9 and later.
+  The latest GCC available at this time (10.2) does not support this level of
+  fortification.
+
 Deprecated and removed features, and other changes affecting compatibility:
 
 * The mallinfo function is marked deprecated.  Callers should call
diff --git a/include/features.h b/include/features.h
index f3e62d3362..540230b90b 100644
--- a/include/features.h
+++ b/include/features.h
@@ -398,6 +398,9 @@
 # elif !__GNUC_PREREQ (4, 1)
 #  warning _FORTIFY_SOURCE requires GCC 4.1 or later
 # elif _FORTIFY_SOURCE > 1
+#  if _FORTIFY_SOURCE > 2
+#   warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform
+#  endif
 #  define __USE_FORTIFY_LEVEL 2
 # else
 #  define __USE_FORTIFY_LEVEL 1
diff --git a/manual/creature.texi b/manual/creature.texi
index be5050468b..31208ccb2b 100644
--- a/manual/creature.texi
+++ b/manual/creature.texi
@@ -254,7 +254,8 @@ included.
 @standards{GNU, (none)}
 If this macro is defined to @math{1}, security hardening is added to
 various library functions.  If defined to @math{2}, even stricter
-checks are applied.
+checks are applied. If defined to @math{3}, @theglibc{} may also use
+checks that may have an additional performance overhead.
 @end defvr
 
 @defvr Macro _REENTRANT
-- 
2.29.2

Re: [PATCH v7 1/4] Warn on unsupported fortification levels

[Adhemerval Zanella]

On 30/12/2020 03:43, Siddhesh Poyarekar wrote:
> Make the _FORTIFY_SOURCE macro soup in features.h warn about
> unsupported fortification levels.  For example, it will warn about
> _FORTIFY_SOURCE=3 and over with an indication of which level has been
> selected.
> 
> Co-authored-by: Paul Eggert <eggert@cs.ucla.edu>

LGTM, although I think the NEWS entry should move to the second patch.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

> ---
>  NEWS                 | 6 ++++++
>  include/features.h   | 3 +++
>  manual/creature.texi | 3 ++-
>  3 files changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/NEWS b/NEWS
> index 86e05fb023..8e02dbd0f7 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -28,6 +28,12 @@ Major new features:
>    The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils
>    2.28.
>  
> +* A new fortification level _FORTIFY_SOURCE=3 is available.  At this level,
> +  glibc may use additional checks that may have an additional performance
> +  overhead.  At present these checks are available only on LLVM 9 and later.
> +  The latest GCC available at this time (10.2) does not support this level of
> +  fortification.
> +
>  Deprecated and removed features, and other changes affecting compatibility:
>  
>  * The mallinfo function is marked deprecated.  Callers should call

Maybe move this NEWS entry to second patch, where this is actually enabled?

> diff --git a/include/features.h b/include/features.h
> index f3e62d3362..540230b90b 100644
> --- a/include/features.h
> +++ b/include/features.h
> @@ -398,6 +398,9 @@
>  # elif !__GNUC_PREREQ (4, 1)
>  #  warning _FORTIFY_SOURCE requires GCC 4.1 or later
>  # elif _FORTIFY_SOURCE > 1
> +#  if _FORTIFY_SOURCE > 2
> +#   warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform
> +#  endif
>  #  define __USE_FORTIFY_LEVEL 2
>  # else
>  #  define __USE_FORTIFY_LEVEL 1
> diff --git a/manual/creature.texi b/manual/creature.texi
> index be5050468b..31208ccb2b 100644
> --- a/manual/creature.texi
> +++ b/manual/creature.texi
> @@ -254,7 +254,8 @@ included.
>  @standards{GNU, (none)}
>  If this macro is defined to @math{1}, security hardening is added to
>  various library functions.  If defined to @math{2}, even stricter
> -checks are applied.
> +checks are applied. If defined to @math{3}, @theglibc{} may also use
> +checks that may have an additional performance overhead.
>  @end defvr
>  
>  @defvr Macro _REENTRANT
> 

Re: [PATCH v7 1/4] Warn on unsupported fortification levels

[Siddhesh Poyarekar]

On 12/31/20 4:15 PM, Adhemerval Zanella wrote:
> 
> 
> On 30/12/2020 03:43, Siddhesh Poyarekar wrote:
>> Make the _FORTIFY_SOURCE macro soup in features.h warn about
>> unsupported fortification levels.  For example, it will warn about
>> _FORTIFY_SOURCE=3 and over with an indication of which level has been
>> selected.
>>
>> Co-authored-by: Paul Eggert <eggert@cs.ucla.edu>
> 
> LGTM, although I think the NEWS entry should move to the second patch.
> 

Oops, yes.  I've moved the creatures.texi as well as NEWS content to 2/4 
before commit.

Thanks,
Siddhesh

[PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3

[Siddhesh Poyarekar]

Introduce a new _FORTIFY_SOURCE level of 3 to enable additional
fortifications that may have a noticeable performance impact, allowing
more fortification coverage at the cost of some performance.

With llvm 9.0 or later, this will replace the use of
__builtin_object_size with __builtin_dynamic_object_size.

__builtin_dynamic_object_size
-----------------------------

__builtin_dynamic_object_size is an LLVM builtin that is similar to
__builtin_object_size.  In addition to what __builtin_object_size
does, i.e. replace the builtin call with a constant object size,
__builtin_dynamic_object_size will replace the call site with an
expression that evaluates to the object size, thus expanding its
applicability.  In practice, __builtin_dynamic_object_size evaluates
these expressions through malloc/calloc calls that it can associate
with the object being evaluated.

A simple motivating example is below; -D_FORTIFY_SOURCE=2 would miss
this and emit memcpy, but -D_FORTIFY_SOURCE=3 with the help of
__builtin_dynamic_object_size is able to emit __memcpy_chk with the
allocation size expression passed into the function:

void *copy_obj (const void *src, size_t alloc, size_t copysize)
{
  void *obj = malloc (alloc);
  memcpy (obj, src, copysize);
  return obj;
}

Limitations
-----------

If the object was allocated elsewhere that the compiler cannot see, or
if it was allocated in the function with a function that the compiler
does not recognize as an allocator then __builtin_dynamic_object_size
also returns -1.

Further, the expression used to compute object size may be non-trivial
and may potentially incur a noticeable performance impact.  These
fortifications are hence enabled at a new _FORTIFY_SOURCE level to
allow developers to make a choice on the tradeoff according to their
environment.
---
 include/features.h | 5 +++++
 misc/sys/cdefs.h   | 9 +++++++++
 2 files changed, 14 insertions(+)

diff --git a/include/features.h b/include/features.h
index 540230b90b..066eb0eecd 100644
--- a/include/features.h
+++ b/include/features.h
@@ -397,6 +397,11 @@
 #  warning _FORTIFY_SOURCE requires compiling with optimization (-O)
 # elif !__GNUC_PREREQ (4, 1)
 #  warning _FORTIFY_SOURCE requires GCC 4.1 or later
+# elif _FORTIFY_SOURCE > 2 && __glibc_clang_prereq (9, 0)
+#  if _FORTIFY_SOURCE > 3
+#   warning _FORTIFY_SOURCE > 3 is treated like 3 on this platform
+#  endif
+#  define __USE_FORTIFY_LEVEL 3
 # elif _FORTIFY_SOURCE > 1
 #  if _FORTIFY_SOURCE > 2
 #   warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform
diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h
index a06f1cfd91..5fb6e309be 100644
--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
@@ -127,6 +127,15 @@
 #define __bos(ptr) __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1)
 #define __bos0(ptr) __builtin_object_size (ptr, 0)
 
+/* Use __builtin_dynamic_object_size at _FORTIFY_SOURCE=3 when available.  */
+#if __USE_FORTIFY_LEVEL == 3 && __glibc_clang_prereq (9, 0)
+# define __glibc_objsize0(__o) __builtin_dynamic_object_size (__o, 0)
+# define __glibc_objsize(__o) __builtin_dynamic_object_size (__o, 1)
+#else
+# define __glibc_objsize0(__o) __bos0 (__o)
+# define __glibc_objsize(__o) __bos (__o)
+#endif
+
 #if __GNUC_PREREQ (4,3)
 # define __warnattr(msg) __attribute__((__warning__ (msg)))
 # define __errordecl(name, msg) \
-- 
2.29.2

Re: [PATCH v7 2/4] Introduce _FORTIFY_SOURCE=3

[Adhemerval Zanella]

On 30/12/2020 03:43, Siddhesh Poyarekar wrote:
> Introduce a new _FORTIFY_SOURCE level of 3 to enable additional
> fortifications that may have a noticeable performance impact, allowing
> more fortification coverage at the cost of some performance.
> 
> With llvm 9.0 or later, this will replace the use of
> __builtin_object_size with __builtin_dynamic_object_size.
> 
> __builtin_dynamic_object_size
> -----------------------------
> 
> __builtin_dynamic_object_size is an LLVM builtin that is similar to
> __builtin_object_size.  In addition to what __builtin_object_size
> does, i.e. replace the builtin call with a constant object size,
> __builtin_dynamic_object_size will replace the call site with an
> expression that evaluates to the object size, thus expanding its
> applicability.  In practice, __builtin_dynamic_object_size evaluates
> these expressions through malloc/calloc calls that it can associate
> with the object being evaluated.
> 
> A simple motivating example is below; -D_FORTIFY_SOURCE=2 would miss
> this and emit memcpy, but -D_FORTIFY_SOURCE=3 with the help of
> __builtin_dynamic_object_size is able to emit __memcpy_chk with the
> allocation size expression passed into the function:
> 
> void *copy_obj (const void *src, size_t alloc, size_t copysize)
> {
>   void *obj = malloc (alloc);
>   memcpy (obj, src, copysize);
>   return obj;
> }
> 
> Limitations
> -----------
> 
> If the object was allocated elsewhere that the compiler cannot see, or
> if it was allocated in the function with a function that the compiler
> does not recognize as an allocator then __builtin_dynamic_object_size
> also returns -1.
> 
> Further, the expression used to compute object size may be non-trivial
> and may potentially incur a noticeable performance impact.  These
> fortifications are hence enabled at a new _FORTIFY_SOURCE level to
> allow developers to make a choice on the tradeoff according to their
> environment.

LGTM, thanks.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

> ---
>  include/features.h | 5 +++++
>  misc/sys/cdefs.h   | 9 +++++++++
>  2 files changed, 14 insertions(+)
> 
> diff --git a/include/features.h b/include/features.h
> index 540230b90b..066eb0eecd 100644
> --- a/include/features.h
> +++ b/include/features.h
> @@ -397,6 +397,11 @@
>  #  warning _FORTIFY_SOURCE requires compiling with optimization (-O)
>  # elif !__GNUC_PREREQ (4, 1)
>  #  warning _FORTIFY_SOURCE requires GCC 4.1 or later
> +# elif _FORTIFY_SOURCE > 2 && __glibc_clang_prereq (9, 0)
> +#  if _FORTIFY_SOURCE > 3
> +#   warning _FORTIFY_SOURCE > 3 is treated like 3 on this platform
> +#  endif
> +#  define __USE_FORTIFY_LEVEL 3
>  # elif _FORTIFY_SOURCE > 1
>  #  if _FORTIFY_SOURCE > 2
>  #   warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform
> diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h
> index a06f1cfd91..5fb6e309be 100644
> --- a/misc/sys/cdefs.h
> +++ b/misc/sys/cdefs.h
> @@ -127,6 +127,15 @@
>  #define __bos(ptr) __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1)
>  #define __bos0(ptr) __builtin_object_size (ptr, 0)
>  
> +/* Use __builtin_dynamic_object_size at _FORTIFY_SOURCE=3 when available.  */
> +#if __USE_FORTIFY_LEVEL == 3 && __glibc_clang_prereq (9, 0)
> +# define __glibc_objsize0(__o) __builtin_dynamic_object_size (__o, 0)
> +# define __glibc_objsize(__o) __builtin_dynamic_object_size (__o, 1)
> +#else
> +# define __glibc_objsize0(__o) __bos0 (__o)
> +# define __glibc_objsize(__o) __bos (__o)
> +#endif
> +
>  #if __GNUC_PREREQ (4,3)
>  # define __warnattr(msg) __attribute__((__warning__ (msg)))
>  # define __errordecl(name, msg) \
> 

[PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3

[Siddhesh Poyarekar]

This change enhances fortified string functions to use
__builtin_dynamic_object_size under _FORTIFY_SOURCE=3 whenever the
compiler supports it.
---
 include/string.h                |  5 +++--
 string/bits/string_fortified.h  | 29 ++++++++++++++++++-----------
 string/bits/strings_fortified.h |  6 ++++--
 3 files changed, 25 insertions(+), 15 deletions(-)

diff --git a/include/string.h b/include/string.h
index 7d344d77d4..81dab39891 100644
--- a/include/string.h
+++ b/include/string.h
@@ -123,10 +123,11 @@ libc_hidden_proto (__strerror_l)
 void __explicit_bzero_chk_internal (void *, size_t, size_t)
   __THROW __nonnull ((1)) attribute_hidden;
 # define explicit_bzero(buf, len) \
-  __explicit_bzero_chk_internal (buf, len, __bos0 (buf))
+  __explicit_bzero_chk_internal (buf, len, __glibc_objsize0 (buf))
 #elif !IS_IN (nonlib)
 void __explicit_bzero_chk (void *, size_t, size_t) __THROW __nonnull ((1));
-# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len, __bos0 (buf))
+# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len,	      \
+							__glibc_objsize0 (buf))
 #endif
 
 libc_hidden_builtin_proto (memchr)
diff --git a/string/bits/string_fortified.h b/string/bits/string_fortified.h
index 4c1aeb45f1..92d75f10fa 100644
--- a/string/bits/string_fortified.h
+++ b/string/bits/string_fortified.h
@@ -26,13 +26,15 @@ __fortify_function void *
 __NTH (memcpy (void *__restrict __dest, const void *__restrict __src,
 	       size_t __len))
 {
-  return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
+  return __builtin___memcpy_chk (__dest, __src, __len,
+				 __glibc_objsize0 (__dest));
 }
 
 __fortify_function void *
 __NTH (memmove (void *__dest, const void *__src, size_t __len))
 {
-  return __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest));
+  return __builtin___memmove_chk (__dest, __src, __len,
+				  __glibc_objsize0 (__dest));
 }
 
 #ifdef __USE_GNU
@@ -40,7 +42,8 @@ __fortify_function void *
 __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src,
 		size_t __len))
 {
-  return __builtin___mempcpy_chk (__dest, __src, __len, __bos0 (__dest));
+  return __builtin___mempcpy_chk (__dest, __src, __len,
+				  __glibc_objsize0 (__dest));
 }
 #endif
 
@@ -53,7 +56,8 @@ __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src,
 __fortify_function void *
 __NTH (memset (void *__dest, int __ch, size_t __len))
 {
-  return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest));
+  return __builtin___memset_chk (__dest, __ch, __len,
+				 __glibc_objsize0 (__dest));
 }
 
 #ifdef __USE_MISC
@@ -65,21 +69,21 @@ void __explicit_bzero_chk (void *__dest, size_t __len, size_t __destlen)
 __fortify_function void
 __NTH (explicit_bzero (void *__dest, size_t __len))
 {
-  __explicit_bzero_chk (__dest, __len, __bos0 (__dest));
+  __explicit_bzero_chk (__dest, __len, __glibc_objsize0 (__dest));
 }
 #endif
 
 __fortify_function char *
 __NTH (strcpy (char *__restrict __dest, const char *__restrict __src))
 {
-  return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
+  return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest));
 }
 
 #ifdef __USE_GNU
 __fortify_function char *
 __NTH (stpcpy (char *__restrict __dest, const char *__restrict __src))
 {
-  return __builtin___stpcpy_chk (__dest, __src, __bos (__dest));
+  return __builtin___stpcpy_chk (__dest, __src, __glibc_objsize (__dest));
 }
 #endif
 
@@ -88,14 +92,16 @@ __fortify_function char *
 __NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
 		size_t __len))
 {
-  return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
+  return __builtin___strncpy_chk (__dest, __src, __len,
+				  __glibc_objsize (__dest));
 }
 
 #if __GNUC_PREREQ (4, 7) || __glibc_clang_prereq (2, 6)
 __fortify_function char *
 __NTH (stpncpy (char *__dest, const char *__src, size_t __n))
 {
-  return __builtin___stpncpy_chk (__dest, __src, __n, __bos (__dest));
+  return __builtin___stpncpy_chk (__dest, __src, __n,
+				  __glibc_objsize (__dest));
 }
 #else
 extern char *__stpncpy_chk (char *__dest, const char *__src, size_t __n,
@@ -118,7 +124,7 @@ __NTH (stpncpy (char *__dest, const char *__src, size_t __n))
 __fortify_function char *
 __NTH (strcat (char *__restrict __dest, const char *__restrict __src))
 {
-  return __builtin___strcat_chk (__dest, __src, __bos (__dest));
+  return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest));
 }
 
 
@@ -126,7 +132,8 @@ __fortify_function char *
 __NTH (strncat (char *__restrict __dest, const char *__restrict __src,
 		size_t __len))
 {
-  return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
+  return __builtin___strncat_chk (__dest, __src, __len,
+				  __glibc_objsize (__dest));
 }
 
 #endif /* bits/string_fortified.h */
diff --git a/string/bits/strings_fortified.h b/string/bits/strings_fortified.h
index d4091f4f69..7752faf4e3 100644
--- a/string/bits/strings_fortified.h
+++ b/string/bits/strings_fortified.h
@@ -22,13 +22,15 @@
 __fortify_function void
 __NTH (bcopy (const void *__src, void *__dest, size_t __len))
 {
-  (void) __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest));
+  (void) __builtin___memmove_chk (__dest, __src, __len,
+				  __glibc_objsize0 (__dest));
 }
 
 __fortify_function void
 __NTH (bzero (void *__dest, size_t __len))
 {
-  (void) __builtin___memset_chk (__dest, '\0', __len, __bos0 (__dest));
+  (void) __builtin___memset_chk (__dest, '\0', __len,
+				 __glibc_objsize0 (__dest));
 }
 
 #endif
-- 
2.29.2

Re: [PATCH v7 3/4] string: Enable __FORTIFY_LEVEL=3

[Adhemerval Zanella]

On 30/12/2020 03:43, Siddhesh Poyarekar wrote:
> This change enhances fortified string functions to use
> __builtin_dynamic_object_size under _FORTIFY_SOURCE=3 whenever the
> compiler supports it.

LGTM, thanks.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

> ---
>  include/string.h                |  5 +++--
>  string/bits/string_fortified.h  | 29 ++++++++++++++++++-----------
>  string/bits/strings_fortified.h |  6 ++++--
>  3 files changed, 25 insertions(+), 15 deletions(-)
> 
> diff --git a/include/string.h b/include/string.h
> index 7d344d77d4..81dab39891 100644
> --- a/include/string.h
> +++ b/include/string.h
> @@ -123,10 +123,11 @@ libc_hidden_proto (__strerror_l)
>  void __explicit_bzero_chk_internal (void *, size_t, size_t)
>    __THROW __nonnull ((1)) attribute_hidden;
>  # define explicit_bzero(buf, len) \
> -  __explicit_bzero_chk_internal (buf, len, __bos0 (buf))
> +  __explicit_bzero_chk_internal (buf, len, __glibc_objsize0 (buf))
>  #elif !IS_IN (nonlib)
>  void __explicit_bzero_chk (void *, size_t, size_t) __THROW __nonnull ((1));
> -# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len, __bos0 (buf))
> +# define explicit_bzero(buf, len) __explicit_bzero_chk (buf, len,	      \
> +							__glibc_objsize0 (buf))
>  #endif
>  
>  libc_hidden_builtin_proto (memchr)
> diff --git a/string/bits/string_fortified.h b/string/bits/string_fortified.h
> index 4c1aeb45f1..92d75f10fa 100644
> --- a/string/bits/string_fortified.h
> +++ b/string/bits/string_fortified.h
> @@ -26,13 +26,15 @@ __fortify_function void *
>  __NTH (memcpy (void *__restrict __dest, const void *__restrict __src,
>  	       size_t __len))
>  {
> -  return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
> +  return __builtin___memcpy_chk (__dest, __src, __len,
> +				 __glibc_objsize0 (__dest));
>  }
>  
>  __fortify_function void *
>  __NTH (memmove (void *__dest, const void *__src, size_t __len))
>  {
> -  return __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest));
> +  return __builtin___memmove_chk (__dest, __src, __len,
> +				  __glibc_objsize0 (__dest));
>  }
>  
>  #ifdef __USE_GNU
> @@ -40,7 +42,8 @@ __fortify_function void *
>  __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src,
>  		size_t __len))
>  {
> -  return __builtin___mempcpy_chk (__dest, __src, __len, __bos0 (__dest));
> +  return __builtin___mempcpy_chk (__dest, __src, __len,
> +				  __glibc_objsize0 (__dest));
>  }
>  #endif
>  
> @@ -53,7 +56,8 @@ __NTH (mempcpy (void *__restrict __dest, const void *__restrict __src,
>  __fortify_function void *
>  __NTH (memset (void *__dest, int __ch, size_t __len))
>  {
> -  return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest));
> +  return __builtin___memset_chk (__dest, __ch, __len,
> +				 __glibc_objsize0 (__dest));
>  }
>  
>  #ifdef __USE_MISC
> @@ -65,21 +69,21 @@ void __explicit_bzero_chk (void *__dest, size_t __len, size_t __destlen)
>  __fortify_function void
>  __NTH (explicit_bzero (void *__dest, size_t __len))
>  {
> -  __explicit_bzero_chk (__dest, __len, __bos0 (__dest));
> +  __explicit_bzero_chk (__dest, __len, __glibc_objsize0 (__dest));
>  }
>  #endif
>  
>  __fortify_function char *
>  __NTH (strcpy (char *__restrict __dest, const char *__restrict __src))
>  {
> -  return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
> +  return __builtin___strcpy_chk (__dest, __src, __glibc_objsize (__dest));
>  }
>  
>  #ifdef __USE_GNU
>  __fortify_function char *
>  __NTH (stpcpy (char *__restrict __dest, const char *__restrict __src))
>  {
> -  return __builtin___stpcpy_chk (__dest, __src, __bos (__dest));
> +  return __builtin___stpcpy_chk (__dest, __src, __glibc_objsize (__dest));
>  }
>  #endif
>  
> @@ -88,14 +92,16 @@ __fortify_function char *
>  __NTH (strncpy (char *__restrict __dest, const char *__restrict __src,
>  		size_t __len))
>  {
> -  return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
> +  return __builtin___strncpy_chk (__dest, __src, __len,
> +				  __glibc_objsize (__dest));
>  }
>  
>  #if __GNUC_PREREQ (4, 7) || __glibc_clang_prereq (2, 6)
>  __fortify_function char *
>  __NTH (stpncpy (char *__dest, const char *__src, size_t __n))
>  {
> -  return __builtin___stpncpy_chk (__dest, __src, __n, __bos (__dest));
> +  return __builtin___stpncpy_chk (__dest, __src, __n,
> +				  __glibc_objsize (__dest));
>  }
>  #else
>  extern char *__stpncpy_chk (char *__dest, const char *__src, size_t __n,
> @@ -118,7 +124,7 @@ __NTH (stpncpy (char *__dest, const char *__src, size_t __n))
>  __fortify_function char *
>  __NTH (strcat (char *__restrict __dest, const char *__restrict __src))
>  {
> -  return __builtin___strcat_chk (__dest, __src, __bos (__dest));
> +  return __builtin___strcat_chk (__dest, __src, __glibc_objsize (__dest));
>  }
>  
>  
> @@ -126,7 +132,8 @@ __fortify_function char *
>  __NTH (strncat (char *__restrict __dest, const char *__restrict __src,
>  		size_t __len))
>  {
> -  return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
> +  return __builtin___strncat_chk (__dest, __src, __len,
> +				  __glibc_objsize (__dest));
>  }
>  
>  #endif /* bits/string_fortified.h */
> diff --git a/string/bits/strings_fortified.h b/string/bits/strings_fortified.h
> index d4091f4f69..7752faf4e3 100644
> --- a/string/bits/strings_fortified.h
> +++ b/string/bits/strings_fortified.h
> @@ -22,13 +22,15 @@
>  __fortify_function void
>  __NTH (bcopy (const void *__src, void *__dest, size_t __len))
>  {
> -  (void) __builtin___memmove_chk (__dest, __src, __len, __bos0 (__dest));
> +  (void) __builtin___memmove_chk (__dest, __src, __len,
> +				  __glibc_objsize0 (__dest));
>  }
>  
>  __fortify_function void
>  __NTH (bzero (void *__dest, size_t __len))
>  {
> -  (void) __builtin___memset_chk (__dest, '\0', __len, __bos0 (__dest));
> +  (void) __builtin___memset_chk (__dest, '\0', __len,
> +				 __glibc_objsize0 (__dest));
>  }
>  
>  #endif
> 

[PATCH v7 4/4] nonstring: Enable __FORTIFY_LEVEL=3

[Siddhesh Poyarekar]

Use __builtin_dynamic_object_size in the remaining functions that
don't have compiler builtins as is the case for string functions.
---
 io/bits/poll2.h       |  18 +++---
 libio/bits/stdio.h    |   2 +-
 libio/bits/stdio2.h   |  62 ++++++++++--------
 posix/bits/unistd.h   | 120 ++++++++++++++++++----------------
 socket/bits/socket2.h |  22 ++++---
 stdlib/bits/stdlib.h  |  42 ++++++------
 wcsmbs/bits/wchar2.h  | 146 ++++++++++++++++++++++++------------------
 7 files changed, 229 insertions(+), 183 deletions(-)

diff --git a/io/bits/poll2.h b/io/bits/poll2.h
index dca49717db..d204351bd0 100644
--- a/io/bits/poll2.h
+++ b/io/bits/poll2.h
@@ -35,12 +35,13 @@ extern int __REDIRECT (__poll_chk_warn, (struct pollfd *__fds, nfds_t __nfds,
 __fortify_function int
 poll (struct pollfd *__fds, nfds_t __nfds, int __timeout)
 {
-  if (__bos (__fds) != (__SIZE_TYPE__) -1)
+  if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1)
     {
       if (! __builtin_constant_p (__nfds))
-	return __poll_chk (__fds, __nfds, __timeout, __bos (__fds));
-      else if (__bos (__fds) / sizeof (*__fds) < __nfds)
-	return __poll_chk_warn (__fds, __nfds, __timeout, __bos (__fds));
+	return __poll_chk (__fds, __nfds, __timeout, __glibc_objsize (__fds));
+      else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds)
+	return __poll_chk_warn (__fds, __nfds, __timeout,
+				__glibc_objsize (__fds));
     }
 
   return __poll_alias (__fds, __nfds, __timeout);
@@ -65,13 +66,14 @@ __fortify_function int
 ppoll (struct pollfd *__fds, nfds_t __nfds, const struct timespec *__timeout,
        const __sigset_t *__ss)
 {
-  if (__bos (__fds) != (__SIZE_TYPE__) -1)
+  if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1)
     {
       if (! __builtin_constant_p (__nfds))
-	return __ppoll_chk (__fds, __nfds, __timeout, __ss, __bos (__fds));
-      else if (__bos (__fds) / sizeof (*__fds) < __nfds)
+	return __ppoll_chk (__fds, __nfds, __timeout, __ss,
+			    __glibc_objsize (__fds));
+      else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds)
 	return __ppoll_chk_warn (__fds, __nfds, __timeout, __ss,
-				 __bos (__fds));
+				 __glibc_objsize (__fds));
     }
 
   return __ppoll_alias (__fds, __nfds, __timeout, __ss);
diff --git a/libio/bits/stdio.h b/libio/bits/stdio.h
index 6745571ed5..6d1f0f9fc9 100644
--- a/libio/bits/stdio.h
+++ b/libio/bits/stdio.h
@@ -31,7 +31,7 @@
 
 
 #ifdef __USE_EXTERN_INLINES
-/* For -D_FORTIFY_SOURCE{,=2} bits/stdio2.h will define a different
+/* For -D_FORTIFY_SOURCE{,=2,=3} bits/stdio2.h will define a different
    inline.  */
 # if !(__USE_FORTIFY_LEVEL > 0 && defined __fortify_function)
 /* Write formatted output to stdout from argument list ARG.  */
diff --git a/libio/bits/stdio2.h b/libio/bits/stdio2.h
index ff9202c2cb..365c25b7b0 100644
--- a/libio/bits/stdio2.h
+++ b/libio/bits/stdio2.h
@@ -36,12 +36,13 @@ __fortify_function int
 __NTH (sprintf (char *__restrict __s, const char *__restrict __fmt, ...))
 {
   return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
-				  __bos (__s), __fmt, __va_arg_pack ());
+				  __glibc_objsize (__s), __fmt,
+				  __va_arg_pack ());
 }
 #elif !defined __cplusplus
 # define sprintf(str, ...) \
-  __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1, __bos (str), \
-			   __VA_ARGS__)
+  __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1,		      \
+			   __glibc_objsize (str), __VA_ARGS__)
 #endif
 
 __fortify_function int
@@ -49,7 +50,7 @@ __NTH (vsprintf (char *__restrict __s, const char *__restrict __fmt,
 		 __gnuc_va_list __ap))
 {
   return __builtin___vsprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
-				   __bos (__s), __fmt, __ap);
+				   __glibc_objsize (__s), __fmt, __ap);
 }
 
 #if defined __USE_ISOC99 || defined __USE_UNIX98
@@ -68,12 +69,13 @@ __NTH (snprintf (char *__restrict __s, size_t __n,
 		 const char *__restrict __fmt, ...))
 {
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
-				   __bos (__s), __fmt, __va_arg_pack ());
+				   __glibc_objsize (__s), __fmt,
+				   __va_arg_pack ());
 }
 # elif !defined __cplusplus
 #  define snprintf(str, len, ...) \
-  __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1, __bos (str), \
-			    __VA_ARGS__)
+  __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1,		      \
+			    __glibc_objsize (str), __VA_ARGS__)
 # endif
 
 __fortify_function int
@@ -81,7 +83,7 @@ __NTH (vsnprintf (char *__restrict __s, size_t __n,
 		  const char *__restrict __fmt, __gnuc_va_list __ap))
 {
   return __builtin___vsnprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
-				    __bos (__s), __fmt, __ap);
+				    __glibc_objsize (__s), __fmt, __ap);
 }
 
 #endif
@@ -237,8 +239,8 @@ extern char *__REDIRECT (__gets_warn, (char *__str), gets)
 __fortify_function __wur char *
 gets (char *__str)
 {
-  if (__bos (__str) != (size_t) -1)
-    return __gets_chk (__str, __bos (__str));
+  if (__glibc_objsize (__str) != (size_t) -1)
+    return __gets_chk (__str, __glibc_objsize (__str));
   return __gets_warn (__str);
 }
 #endif
@@ -259,13 +261,13 @@ extern char *__REDIRECT (__fgets_chk_warn,
 __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char *
 fgets (char *__restrict __s, int __n, FILE *__restrict __stream)
 {
-  if (__bos (__s) != (size_t) -1)
+  if (__glibc_objsize (__s) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n) || __n <= 0)
-	return __fgets_chk (__s, __bos (__s), __n, __stream);
+	return __fgets_chk (__s, __glibc_objsize (__s), __n, __stream);
 
-      if ((size_t) __n > __bos (__s))
-	return __fgets_chk_warn (__s, __bos (__s), __n, __stream);
+      if ((size_t) __n > __glibc_objsize (__s))
+	return __fgets_chk_warn (__s, __glibc_objsize (__s), __n, __stream);
     }
   return __fgets_alias (__s, __n, __stream);
 }
@@ -289,15 +291,17 @@ __fortify_function __wur size_t
 fread (void *__restrict __ptr, size_t __size, size_t __n,
        FILE *__restrict __stream)
 {
-  if (__bos0 (__ptr) != (size_t) -1)
+  if (__glibc_objsize0 (__ptr) != (size_t) -1)
     {
       if (!__builtin_constant_p (__size)
 	  || !__builtin_constant_p (__n)
 	  || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2)))
-	return __fread_chk (__ptr, __bos0 (__ptr), __size, __n, __stream);
+	return __fread_chk (__ptr, __glibc_objsize0 (__ptr), __size, __n,
+			    __stream);
 
-      if (__size * __n > __bos0 (__ptr))
-	return __fread_chk_warn (__ptr, __bos0 (__ptr), __size, __n, __stream);
+      if (__size * __n > __glibc_objsize0 (__ptr))
+	return __fread_chk_warn (__ptr, __glibc_objsize0 (__ptr), __size, __n,
+				 __stream);
     }
   return __fread_alias (__ptr, __size, __n, __stream);
 }
@@ -319,13 +323,15 @@ extern char *__REDIRECT (__fgets_unlocked_chk_warn,
 __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char *
 fgets_unlocked (char *__restrict __s, int __n, FILE *__restrict __stream)
 {
-  if (__bos (__s) != (size_t) -1)
+  if (__glibc_objsize (__s) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n) || __n <= 0)
-	return __fgets_unlocked_chk (__s, __bos (__s), __n, __stream);
+	return __fgets_unlocked_chk (__s, __glibc_objsize (__s), __n,
+				     __stream);
 
-      if ((size_t) __n > __bos (__s))
-	return __fgets_unlocked_chk_warn (__s, __bos (__s), __n, __stream);
+      if ((size_t) __n > __glibc_objsize (__s))
+	return __fgets_unlocked_chk_warn (__s, __glibc_objsize (__s), __n,
+					  __stream);
     }
   return __fgets_unlocked_alias (__s, __n, __stream);
 }
@@ -352,17 +358,17 @@ __fortify_function __wur size_t
 fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n,
 		FILE *__restrict __stream)
 {
-  if (__bos0 (__ptr) != (size_t) -1)
+  if (__glibc_objsize0 (__ptr) != (size_t) -1)
     {
       if (!__builtin_constant_p (__size)
 	  || !__builtin_constant_p (__n)
 	  || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2)))
-	return __fread_unlocked_chk (__ptr, __bos0 (__ptr), __size, __n,
-				     __stream);
+	return __fread_unlocked_chk (__ptr, __glibc_objsize0 (__ptr), __size,
+				     __n, __stream);
 
-      if (__size * __n > __bos0 (__ptr))
-	return __fread_unlocked_chk_warn (__ptr, __bos0 (__ptr), __size, __n,
-					  __stream);
+      if (__size * __n > __glibc_objsize0 (__ptr))
+	return __fread_unlocked_chk_warn (__ptr, __glibc_objsize0 (__ptr),
+					  __size, __n, __stream);
     }
 
 # ifdef __USE_EXTERN_INLINES
diff --git a/posix/bits/unistd.h b/posix/bits/unistd.h
index 725a83eb0d..6c5ed0c618 100644
--- a/posix/bits/unistd.h
+++ b/posix/bits/unistd.h
@@ -35,13 +35,14 @@ extern ssize_t __REDIRECT (__read_chk_warn,
 __fortify_function __wur ssize_t
 read (int __fd, void *__buf, size_t __nbytes)
 {
-  if (__bos0 (__buf) != (size_t) -1)
+  if (__glibc_objsize0 (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__nbytes))
-	return __read_chk (__fd, __buf, __nbytes, __bos0 (__buf));
+	return __read_chk (__fd, __buf, __nbytes, __glibc_objsize0 (__buf));
 
-      if (__nbytes > __bos0 (__buf))
-	return __read_chk_warn (__fd, __buf, __nbytes, __bos0 (__buf));
+      if (__nbytes > __glibc_objsize0 (__buf))
+	return __read_chk_warn (__fd, __buf, __nbytes,
+				__glibc_objsize0 (__buf));
     }
   return __read_alias (__fd, __buf, __nbytes);
 }
@@ -77,14 +78,15 @@ extern ssize_t __REDIRECT (__pread64_chk_warn,
 __fortify_function __wur ssize_t
 pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset)
 {
-  if (__bos0 (__buf) != (size_t) -1)
+  if (__glibc_objsize0 (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__nbytes))
-	return __pread_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf));
+	return __pread_chk (__fd, __buf, __nbytes, __offset,
+			    __glibc_objsize0 (__buf));
 
-      if ( __nbytes > __bos0 (__buf))
+      if ( __nbytes > __glibc_objsize0 (__buf))
 	return __pread_chk_warn (__fd, __buf, __nbytes, __offset,
-				 __bos0 (__buf));
+				 __glibc_objsize0 (__buf));
     }
   return __pread_alias (__fd, __buf, __nbytes, __offset);
 }
@@ -92,14 +94,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset)
 __fortify_function __wur ssize_t
 pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset)
 {
-  if (__bos0 (__buf) != (size_t) -1)
+  if (__glibc_objsize0 (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__nbytes))
-	return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf));
+	return __pread64_chk (__fd, __buf, __nbytes, __offset,
+			      __glibc_objsize0 (__buf));
 
-      if ( __nbytes > __bos0 (__buf))
+      if ( __nbytes > __glibc_objsize0 (__buf))
 	return __pread64_chk_warn (__fd, __buf, __nbytes, __offset,
-				   __bos0 (__buf));
+				   __glibc_objsize0 (__buf));
     }
 
   return __pread64_alias (__fd, __buf, __nbytes, __offset);
@@ -110,14 +113,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset)
 __fortify_function __wur ssize_t
 pread64 (int __fd, void *__buf, size_t __nbytes, __off64_t __offset)
 {
-  if (__bos0 (__buf) != (size_t) -1)
+  if (__glibc_objsize0 (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__nbytes))
-	return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf));
+	return __pread64_chk (__fd, __buf, __nbytes, __offset,
+			      __glibc_objsize0 (__buf));
 
-      if ( __nbytes > __bos0 (__buf))
+      if ( __nbytes > __glibc_objsize0 (__buf))
 	return __pread64_chk_warn (__fd, __buf, __nbytes, __offset,
-				   __bos0 (__buf));
+				   __glibc_objsize0 (__buf));
     }
 
   return __pread64_alias (__fd, __buf, __nbytes, __offset);
@@ -145,13 +149,14 @@ __fortify_function __nonnull ((1, 2)) __wur ssize_t
 __NTH (readlink (const char *__restrict __path, char *__restrict __buf,
 		 size_t __len))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
-	return __readlink_chk (__path, __buf, __len, __bos (__buf));
+	return __readlink_chk (__path, __buf, __len, __glibc_objsize (__buf));
 
-      if ( __len > __bos (__buf))
-	return __readlink_chk_warn (__path, __buf, __len, __bos (__buf));
+      if ( __len > __glibc_objsize (__buf))
+	return __readlink_chk_warn (__path, __buf, __len,
+				    __glibc_objsize (__buf));
     }
   return __readlink_alias (__path, __buf, __len);
 }
@@ -179,14 +184,15 @@ __fortify_function __nonnull ((2, 3)) __wur ssize_t
 __NTH (readlinkat (int __fd, const char *__restrict __path,
 		   char *__restrict __buf, size_t __len))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
-	return __readlinkat_chk (__fd, __path, __buf, __len, __bos (__buf));
+	return __readlinkat_chk (__fd, __path, __buf, __len,
+				 __glibc_objsize (__buf));
 
-      if (__len > __bos (__buf))
+      if (__len > __glibc_objsize (__buf))
 	return __readlinkat_chk_warn (__fd, __path, __buf, __len,
-				      __bos (__buf));
+				      __glibc_objsize (__buf));
     }
   return __readlinkat_alias (__fd, __path, __buf, __len);
 }
@@ -206,13 +212,13 @@ extern char *__REDIRECT_NTH (__getcwd_chk_warn,
 __fortify_function __wur char *
 __NTH (getcwd (char *__buf, size_t __size))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__size))
-	return __getcwd_chk (__buf, __size, __bos (__buf));
+	return __getcwd_chk (__buf, __size, __glibc_objsize (__buf));
 
-      if (__size > __bos (__buf))
-	return __getcwd_chk_warn (__buf, __size, __bos (__buf));
+      if (__size > __glibc_objsize (__buf))
+	return __getcwd_chk_warn (__buf, __size, __glibc_objsize (__buf));
     }
   return __getcwd_alias (__buf, __size);
 }
@@ -227,8 +233,8 @@ extern char *__REDIRECT_NTH (__getwd_warn, (char *__buf), getwd)
 __fortify_function __nonnull ((1)) __attribute_deprecated__ __wur char *
 __NTH (getwd (char *__buf))
 {
-  if (__bos (__buf) != (size_t) -1)
-    return __getwd_chk (__buf, __bos (__buf));
+  if (__glibc_objsize (__buf) != (size_t) -1)
+    return __getwd_chk (__buf, __glibc_objsize (__buf));
   return __getwd_warn (__buf);
 }
 #endif
@@ -248,13 +254,14 @@ extern size_t __REDIRECT_NTH (__confstr_chk_warn,
 __fortify_function size_t
 __NTH (confstr (int __name, char *__buf, size_t __len))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
-	return __confstr_chk (__name, __buf, __len, __bos (__buf));
+	return __confstr_chk (__name, __buf, __len, __glibc_objsize (__buf));
 
-      if (__bos (__buf) < __len)
-	return __confstr_chk_warn (__name, __buf, __len, __bos (__buf));
+      if (__glibc_objsize (__buf) < __len)
+	return __confstr_chk_warn (__name, __buf, __len,
+				   __glibc_objsize (__buf));
     }
   return __confstr_alias (__name, __buf, __len);
 }
@@ -273,13 +280,13 @@ extern int __REDIRECT_NTH (__getgroups_chk_warn,
 __fortify_function int
 __NTH (getgroups (int __size, __gid_t __list[]))
 {
-  if (__bos (__list) != (size_t) -1)
+  if (__glibc_objsize (__list) != (size_t) -1)
     {
       if (!__builtin_constant_p (__size) || __size < 0)
-	return __getgroups_chk (__size, __list, __bos (__list));
+	return __getgroups_chk (__size, __list, __glibc_objsize (__list));
 
-      if (__size * sizeof (__gid_t) > __bos (__list))
-	return __getgroups_chk_warn (__size, __list, __bos (__list));
+      if (__size * sizeof (__gid_t) > __glibc_objsize (__list))
+	return __getgroups_chk_warn (__size, __list, __glibc_objsize (__list));
     }
   return __getgroups_alias (__size, __list);
 }
@@ -300,13 +307,15 @@ extern int __REDIRECT_NTH (__ttyname_r_chk_warn,
 __fortify_function int
 __NTH (ttyname_r (int __fd, char *__buf, size_t __buflen))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__buflen))
-	return __ttyname_r_chk (__fd, __buf, __buflen, __bos (__buf));
+	return __ttyname_r_chk (__fd, __buf, __buflen,
+				__glibc_objsize (__buf));
 
-      if (__buflen > __bos (__buf))
-	return __ttyname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf));
+      if (__buflen > __glibc_objsize (__buf))
+	return __ttyname_r_chk_warn (__fd, __buf, __buflen,
+				     __glibc_objsize (__buf));
     }
   return __ttyname_r_alias (__fd, __buf, __buflen);
 }
@@ -326,13 +335,14 @@ extern int __REDIRECT (__getlogin_r_chk_warn,
 __fortify_function int
 getlogin_r (char *__buf, size_t __buflen)
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__buflen))
-	return __getlogin_r_chk (__buf, __buflen, __bos (__buf));
+	return __getlogin_r_chk (__buf, __buflen, __glibc_objsize (__buf));
 
-      if (__buflen > __bos (__buf))
-	return __getlogin_r_chk_warn (__buf, __buflen, __bos (__buf));
+      if (__buflen > __glibc_objsize (__buf))
+	return __getlogin_r_chk_warn (__buf, __buflen,
+				      __glibc_objsize (__buf));
     }
   return __getlogin_r_alias (__buf, __buflen);
 }
@@ -354,13 +364,14 @@ extern int __REDIRECT_NTH (__gethostname_chk_warn,
 __fortify_function int
 __NTH (gethostname (char *__buf, size_t __buflen))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__buflen))
-	return __gethostname_chk (__buf, __buflen, __bos (__buf));
+	return __gethostname_chk (__buf, __buflen, __glibc_objsize (__buf));
 
-      if (__buflen > __bos (__buf))
-	return __gethostname_chk_warn (__buf, __buflen, __bos (__buf));
+      if (__buflen > __glibc_objsize (__buf))
+	return __gethostname_chk_warn (__buf, __buflen,
+				       __glibc_objsize (__buf));
     }
   return __gethostname_alias (__buf, __buflen);
 }
@@ -384,13 +395,14 @@ extern int __REDIRECT_NTH (__getdomainname_chk_warn,
 __fortify_function int
 __NTH (getdomainname (char *__buf, size_t __buflen))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__buflen))
-	return __getdomainname_chk (__buf, __buflen, __bos (__buf));
+	return __getdomainname_chk (__buf, __buflen, __glibc_objsize (__buf));
 
-      if (__buflen > __bos (__buf))
-	return __getdomainname_chk_warn (__buf, __buflen, __bos (__buf));
+      if (__buflen > __glibc_objsize (__buf))
+	return __getdomainname_chk_warn (__buf, __buflen,
+					 __glibc_objsize (__buf));
     }
   return __getdomainname_alias (__buf, __buflen);
 }
diff --git a/socket/bits/socket2.h b/socket/bits/socket2.h
index c0421ce244..05418ba9c3 100644
--- a/socket/bits/socket2.h
+++ b/socket/bits/socket2.h
@@ -33,13 +33,15 @@ extern ssize_t __REDIRECT (__recv_chk_warn,
 __fortify_function ssize_t
 recv (int __fd, void *__buf, size_t __n, int __flags)
 {
-  if (__bos0 (__buf) != (size_t) -1)
+  if (__glibc_objsize0 (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
-	return __recv_chk (__fd, __buf, __n, __bos0 (__buf), __flags);
+	return __recv_chk (__fd, __buf, __n, __glibc_objsize0 (__buf),
+			   __flags);
 
-      if (__n > __bos0 (__buf))
-	return __recv_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags);
+      if (__n > __glibc_objsize0 (__buf))
+	return __recv_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf),
+				__flags);
     }
   return __recv_alias (__fd, __buf, __n, __flags);
 }
@@ -64,14 +66,14 @@ __fortify_function ssize_t
 recvfrom (int __fd, void *__restrict __buf, size_t __n, int __flags,
 	  __SOCKADDR_ARG __addr, socklen_t *__restrict __addr_len)
 {
-  if (__bos0 (__buf) != (size_t) -1)
+  if (__glibc_objsize0 (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
-	return __recvfrom_chk (__fd, __buf, __n, __bos0 (__buf), __flags,
-			       __addr, __addr_len);
-      if (__n > __bos0 (__buf))
-	return __recvfrom_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags,
-				    __addr, __addr_len);
+	return __recvfrom_chk (__fd, __buf, __n, __glibc_objsize0 (__buf),
+			       __flags, __addr, __addr_len);
+      if (__n > __glibc_objsize0 (__buf))
+	return __recvfrom_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf),
+				    __flags, __addr, __addr_len);
     }
   return __recvfrom_alias (__fd, __buf, __n, __flags, __addr, __addr_len);
 }
diff --git a/stdlib/bits/stdlib.h b/stdlib/bits/stdlib.h
index 9134d3f36b..b495cd6929 100644
--- a/stdlib/bits/stdlib.h
+++ b/stdlib/bits/stdlib.h
@@ -36,13 +36,14 @@ extern char *__REDIRECT_NTH (__realpath_chk_warn,
 __fortify_function __wur char *
 __NTH (realpath (const char *__restrict __name, char *__restrict __resolved))
 {
-  if (__bos (__resolved) != (size_t) -1)
+  if (__glibc_objsize (__resolved) != (size_t) -1)
     {
 #if defined _LIBC_LIMITS_H_ && defined PATH_MAX
-      if (__bos (__resolved) < PATH_MAX)
-	return __realpath_chk_warn (__name, __resolved, __bos (__resolved));
+      if (__glibc_objsize (__resolved) < PATH_MAX)
+	return __realpath_chk_warn (__name, __resolved,
+				    __glibc_objsize (__resolved));
 #endif
-      return __realpath_chk (__name, __resolved, __bos (__resolved));
+      return __realpath_chk (__name, __resolved, __glibc_objsize (__resolved));
     }
 
   return __realpath_alias (__name, __resolved);
@@ -64,12 +65,14 @@ extern int __REDIRECT_NTH (__ptsname_r_chk_warn,
 __fortify_function int
 __NTH (ptsname_r (int __fd, char *__buf, size_t __buflen))
 {
-  if (__bos (__buf) != (size_t) -1)
+  if (__glibc_objsize (__buf) != (size_t) -1)
     {
       if (!__builtin_constant_p (__buflen))
-	return __ptsname_r_chk (__fd, __buf, __buflen, __bos (__buf));
-      if (__buflen > __bos (__buf))
-	return __ptsname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf));
+	return __ptsname_r_chk (__fd, __buf, __buflen,
+				__glibc_objsize (__buf));
+      if (__buflen > __glibc_objsize (__buf))
+	return __ptsname_r_chk_warn (__fd, __buf, __buflen,
+				     __glibc_objsize (__buf));
     }
   return __ptsname_r_alias (__fd, __buf, __buflen);
 }
@@ -90,8 +93,9 @@ __NTH (wctomb (char *__s, wchar_t __wchar))
 #if defined MB_LEN_MAX && MB_LEN_MAX != __STDLIB_MB_LEN_MAX
 # error "Assumed value of MB_LEN_MAX wrong"
 #endif
-  if (__bos (__s) != (size_t) -1 && __STDLIB_MB_LEN_MAX > __bos (__s))
-    return __wctomb_chk (__s, __wchar, __bos (__s));
+  if (__glibc_objsize (__s) != (size_t) -1
+      && __STDLIB_MB_LEN_MAX > __glibc_objsize (__s))
+    return __wctomb_chk (__s, __wchar, __glibc_objsize (__s));
   return __wctomb_alias (__s, __wchar);
 }
 
@@ -116,15 +120,16 @@ __fortify_function size_t
 __NTH (mbstowcs (wchar_t *__restrict __dst, const char *__restrict __src,
 		 size_t __len))
 {
-  if (__bos (__dst) != (size_t) -1)
+  if (__glibc_objsize (__dst) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
 	return __mbstowcs_chk (__dst, __src, __len,
-			       __bos (__dst) / sizeof (wchar_t));
+			       __glibc_objsize (__dst) / sizeof (wchar_t));
 
-      if (__len > __bos (__dst) / sizeof (wchar_t))
+      if (__len > __glibc_objsize (__dst) / sizeof (wchar_t))
 	return __mbstowcs_chk_warn (__dst, __src, __len,
-				     __bos (__dst) / sizeof (wchar_t));
+				    (__glibc_objsize (__dst)
+				     / sizeof (wchar_t)));
     }
   return __mbstowcs_alias (__dst, __src, __len);
 }
@@ -149,12 +154,13 @@ __fortify_function size_t
 __NTH (wcstombs (char *__restrict __dst, const wchar_t *__restrict __src,
 		 size_t __len))
 {
-  if (__bos (__dst) != (size_t) -1)
+  if (__glibc_objsize (__dst) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
-	return __wcstombs_chk (__dst, __src, __len, __bos (__dst));
-      if (__len > __bos (__dst))
-	return __wcstombs_chk_warn (__dst, __src, __len, __bos (__dst));
+	return __wcstombs_chk (__dst, __src, __len, __glibc_objsize (__dst));
+      if (__len > __glibc_objsize (__dst))
+	return __wcstombs_chk_warn (__dst, __src, __len,
+				    __glibc_objsize (__dst));
     }
   return __wcstombs_alias (__dst, __src, __len);
 }
diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h
index 86e8e23e76..6631d6f76d 100644
--- a/wcsmbs/bits/wchar2.h
+++ b/wcsmbs/bits/wchar2.h
@@ -39,15 +39,15 @@ __fortify_function wchar_t *
 __NTH (wmemcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2,
 		size_t __n))
 {
-  if (__bos0 (__s1) != (size_t) -1)
+  if (__glibc_objsize0 (__s1) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
 	return __wmemcpy_chk (__s1, __s2, __n,
-			      __bos0 (__s1) / sizeof (wchar_t));
+			      __glibc_objsize0 (__s1) / sizeof (wchar_t));
 
-      if (__n > __bos0 (__s1) / sizeof (wchar_t))
+      if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t))
 	return __wmemcpy_chk_warn (__s1, __s2, __n,
-				   __bos0 (__s1) / sizeof (wchar_t));
+				   __glibc_objsize0 (__s1) / sizeof (wchar_t));
     }
   return __wmemcpy_alias (__s1, __s2, __n);
 }
@@ -67,15 +67,16 @@ extern wchar_t *__REDIRECT_NTH (__wmemmove_chk_warn,
 __fortify_function wchar_t *
 __NTH (wmemmove (wchar_t *__s1, const wchar_t *__s2, size_t __n))
 {
-  if (__bos0 (__s1) != (size_t) -1)
+  if (__glibc_objsize0 (__s1) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
 	return __wmemmove_chk (__s1, __s2, __n,
-			       __bos0 (__s1) / sizeof (wchar_t));
+			       __glibc_objsize0 (__s1) / sizeof (wchar_t));
 
-      if (__n > __bos0 (__s1) / sizeof (wchar_t))
+      if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t))
 	return __wmemmove_chk_warn (__s1, __s2, __n,
-				    __bos0 (__s1) / sizeof (wchar_t));
+				    (__glibc_objsize0 (__s1)
+				     / sizeof (wchar_t)));
     }
   return __wmemmove_alias (__s1, __s2, __n);
 }
@@ -100,15 +101,16 @@ __fortify_function wchar_t *
 __NTH (wmempcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2,
 		 size_t __n))
 {
-  if (__bos0 (__s1) != (size_t) -1)
+  if (__glibc_objsize0 (__s1) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
 	return __wmempcpy_chk (__s1, __s2, __n,
-			       __bos0 (__s1) / sizeof (wchar_t));
+			       __glibc_objsize0 (__s1) / sizeof (wchar_t));
 
-      if (__n > __bos0 (__s1) / sizeof (wchar_t))
+      if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t))
 	return __wmempcpy_chk_warn (__s1, __s2, __n,
-				    __bos0 (__s1) / sizeof (wchar_t));
+				    (__glibc_objsize0 (__s1)
+				     / sizeof (wchar_t)));
     }
   return __wmempcpy_alias (__s1, __s2, __n);
 }
@@ -128,14 +130,15 @@ extern wchar_t *__REDIRECT_NTH (__wmemset_chk_warn,
 __fortify_function wchar_t *
 __NTH (wmemset (wchar_t *__s, wchar_t __c, size_t __n))
 {
-  if (__bos0 (__s) != (size_t) -1)
+  if (__glibc_objsize0 (__s) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
-	return __wmemset_chk (__s, __c, __n, __bos0 (__s) / sizeof (wchar_t));
+	return __wmemset_chk (__s, __c, __n,
+			      __glibc_objsize0 (__s) / sizeof (wchar_t));
 
-      if (__n > __bos0 (__s) / sizeof (wchar_t))
+      if (__n > __glibc_objsize0 (__s) / sizeof (wchar_t))
 	return __wmemset_chk_warn (__s, __c, __n,
-				   __bos0 (__s) / sizeof (wchar_t));
+				   __glibc_objsize0 (__s) / sizeof (wchar_t));
     }
   return __wmemset_alias (__s, __c, __n);
 }
@@ -151,8 +154,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscpy_alias,
 __fortify_function wchar_t *
 __NTH (wcscpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src))
 {
-  if (__bos (__dest) != (size_t) -1)
-    return __wcscpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t));
+  if (__glibc_objsize (__dest) != (size_t) -1)
+    return __wcscpy_chk (__dest, __src,
+			 __glibc_objsize (__dest) / sizeof (wchar_t));
   return __wcscpy_alias (__dest, __src);
 }
 
@@ -167,8 +171,9 @@ extern wchar_t *__REDIRECT_NTH (__wcpcpy_alias,
 __fortify_function wchar_t *
 __NTH (wcpcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src))
 {
-  if (__bos (__dest) != (size_t) -1)
-    return __wcpcpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t));
+  if (__glibc_objsize (__dest) != (size_t) -1)
+    return __wcpcpy_chk (__dest, __src,
+			 __glibc_objsize (__dest) / sizeof (wchar_t));
   return __wcpcpy_alias (__dest, __src);
 }
 
@@ -191,14 +196,15 @@ __fortify_function wchar_t *
 __NTH (wcsncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src,
 		size_t __n))
 {
-  if (__bos (__dest) != (size_t) -1)
+  if (__glibc_objsize (__dest) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
 	return __wcsncpy_chk (__dest, __src, __n,
-			      __bos (__dest) / sizeof (wchar_t));
-      if (__n > __bos (__dest) / sizeof (wchar_t))
+			      __glibc_objsize (__dest) / sizeof (wchar_t));
+      if (__n > __glibc_objsize (__dest) / sizeof (wchar_t))
 	return __wcsncpy_chk_warn (__dest, __src, __n,
-				   __bos (__dest) / sizeof (wchar_t));
+				   (__glibc_objsize (__dest)
+				    / sizeof (wchar_t)));
     }
   return __wcsncpy_alias (__dest, __src, __n);
 }
@@ -222,14 +228,15 @@ __fortify_function wchar_t *
 __NTH (wcpncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src,
 		size_t __n))
 {
-  if (__bos (__dest) != (size_t) -1)
+  if (__glibc_objsize (__dest) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n))
 	return __wcpncpy_chk (__dest, __src, __n,
-			      __bos (__dest) / sizeof (wchar_t));
-      if (__n > __bos (__dest) / sizeof (wchar_t))
+			      __glibc_objsize (__dest) / sizeof (wchar_t));
+      if (__n > __glibc_objsize (__dest) / sizeof (wchar_t))
 	return __wcpncpy_chk_warn (__dest, __src, __n,
-				   __bos (__dest) / sizeof (wchar_t));
+				   (__glibc_objsize (__dest)
+				    / sizeof (wchar_t)));
     }
   return __wcpncpy_alias (__dest, __src, __n);
 }
@@ -245,8 +252,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscat_alias,
 __fortify_function wchar_t *
 __NTH (wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src))
 {
-  if (__bos (__dest) != (size_t) -1)
-    return __wcscat_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t));
+  if (__glibc_objsize (__dest) != (size_t) -1)
+    return __wcscat_chk (__dest, __src,
+			 __glibc_objsize (__dest) / sizeof (wchar_t));
   return __wcscat_alias (__dest, __src);
 }
 
@@ -263,9 +271,9 @@ __fortify_function wchar_t *
 __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src,
 		size_t __n))
 {
-  if (__bos (__dest) != (size_t) -1)
+  if (__glibc_objsize (__dest) != (size_t) -1)
     return __wcsncat_chk (__dest, __src, __n,
-			  __bos (__dest) / sizeof (wchar_t));
+			  __glibc_objsize (__dest) / sizeof (wchar_t));
   return __wcsncat_alias (__dest, __src, __n);
 }
 
@@ -285,18 +293,18 @@ __fortify_function int
 __NTH (swprintf (wchar_t *__restrict __s, size_t __n,
 		 const wchar_t *__restrict __fmt, ...))
 {
-  if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
+  if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
     return __swprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
-			   __bos (__s) / sizeof (wchar_t),
+			   __glibc_objsize (__s) / sizeof (wchar_t),
 			   __fmt, __va_arg_pack ());
   return __swprintf_alias (__s, __n, __fmt, __va_arg_pack ());
 }
 #elif !defined __cplusplus
 /* XXX We might want to have support in gcc for swprintf.  */
 # define swprintf(s, n, ...) \
-  (__bos (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1			      \
+  (__glibc_objsize (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1		      \
    ? __swprintf_chk (s, n, __USE_FORTIFY_LEVEL - 1,			      \
-		     __bos (s) / sizeof (wchar_t), __VA_ARGS__)		      \
+		     __glibc_objsize (s) / sizeof (wchar_t), __VA_ARGS__)	      \
    : swprintf (s, n, __VA_ARGS__))
 #endif
 
@@ -315,9 +323,10 @@ __fortify_function int
 __NTH (vswprintf (wchar_t *__restrict __s, size_t __n,
 		  const wchar_t *__restrict __fmt, __gnuc_va_list __ap))
 {
-  if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
+  if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
     return __vswprintf_chk (__s, __n,  __USE_FORTIFY_LEVEL - 1,
-			    __bos (__s) / sizeof (wchar_t), __fmt, __ap);
+			    __glibc_objsize (__s) / sizeof (wchar_t), __fmt,
+			    __ap);
   return __vswprintf_alias (__s, __n, __fmt, __ap);
 }
 
@@ -383,14 +392,15 @@ extern wchar_t *__REDIRECT (__fgetws_chk_warn,
 __fortify_function __wur wchar_t *
 fgetws (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream)
 {
-  if (__bos (__s) != (size_t) -1)
+  if (__glibc_objsize (__s) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n) || __n <= 0)
-	return __fgetws_chk (__s, __bos (__s) / sizeof (wchar_t),
+	return __fgetws_chk (__s, __glibc_objsize (__s) / sizeof (wchar_t),
 			     __n, __stream);
 
-      if ((size_t) __n > __bos (__s) / sizeof (wchar_t))
-	return __fgetws_chk_warn (__s, __bos (__s) / sizeof (wchar_t),
+      if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t))
+	return __fgetws_chk_warn (__s,
+				  __glibc_objsize (__s) / sizeof (wchar_t),
 				  __n, __stream);
     }
   return __fgetws_alias (__s, __n, __stream);
@@ -414,14 +424,17 @@ extern wchar_t *__REDIRECT (__fgetws_unlocked_chk_warn,
 __fortify_function __wur wchar_t *
 fgetws_unlocked (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream)
 {
-  if (__bos (__s) != (size_t) -1)
+  if (__glibc_objsize (__s) != (size_t) -1)
     {
       if (!__builtin_constant_p (__n) || __n <= 0)
-	return __fgetws_unlocked_chk (__s, __bos (__s) / sizeof (wchar_t),
+	return __fgetws_unlocked_chk (__s,
+				      __glibc_objsize (__s) / sizeof (wchar_t),
 				      __n, __stream);
 
-      if ((size_t) __n > __bos (__s) / sizeof (wchar_t))
-	return __fgetws_unlocked_chk_warn (__s, __bos (__s) / sizeof (wchar_t),
+      if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t))
+	return __fgetws_unlocked_chk_warn (__s,
+					   (__glibc_objsize (__s)
+					    / sizeof (wchar_t)),
 					   __n, __stream);
     }
   return __fgetws_unlocked_alias (__s, __n, __stream);
@@ -447,8 +460,9 @@ __NTH (wcrtomb (char *__restrict __s, wchar_t __wchar,
 #if defined MB_LEN_MAX && MB_LEN_MAX != __WCHAR_MB_LEN_MAX
 # error "Assumed value of MB_LEN_MAX wrong"
 #endif
-  if (__bos (__s) != (size_t) -1 && __WCHAR_MB_LEN_MAX > __bos (__s))
-    return __wcrtomb_chk (__s, __wchar, __ps, __bos (__s));
+  if (__glibc_objsize (__s) != (size_t) -1
+      && __WCHAR_MB_LEN_MAX > __glibc_objsize (__s))
+    return __wcrtomb_chk (__s, __wchar, __ps, __glibc_objsize (__s));
   return __wcrtomb_alias (__s, __wchar, __ps);
 }
 
@@ -474,15 +488,16 @@ __fortify_function size_t
 __NTH (mbsrtowcs (wchar_t *__restrict __dst, const char **__restrict __src,
 		  size_t __len, mbstate_t *__restrict __ps))
 {
-  if (__bos (__dst) != (size_t) -1)
+  if (__glibc_objsize (__dst) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
 	return __mbsrtowcs_chk (__dst, __src, __len, __ps,
-				__bos (__dst) / sizeof (wchar_t));
+				__glibc_objsize (__dst) / sizeof (wchar_t));
 
-      if (__len > __bos (__dst) / sizeof (wchar_t))
+      if (__len > __glibc_objsize (__dst) / sizeof (wchar_t))
 	return __mbsrtowcs_chk_warn (__dst, __src, __len, __ps,
-				     __bos (__dst) / sizeof (wchar_t));
+				     (__glibc_objsize (__dst)
+				      / sizeof (wchar_t)));
     }
   return __mbsrtowcs_alias (__dst, __src, __len, __ps);
 }
@@ -508,13 +523,15 @@ __fortify_function size_t
 __NTH (wcsrtombs (char *__restrict __dst, const wchar_t **__restrict __src,
 		  size_t __len, mbstate_t *__restrict __ps))
 {
-  if (__bos (__dst) != (size_t) -1)
+  if (__glibc_objsize (__dst) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
-	return __wcsrtombs_chk (__dst, __src, __len, __ps, __bos (__dst));
+	return __wcsrtombs_chk (__dst, __src, __len, __ps,
+				__glibc_objsize (__dst));
 
-      if (__len > __bos (__dst))
-	return __wcsrtombs_chk_warn (__dst, __src, __len, __ps, __bos (__dst));
+      if (__len > __glibc_objsize (__dst))
+	return __wcsrtombs_chk_warn (__dst, __src, __len, __ps,
+				     __glibc_objsize (__dst));
     }
   return __wcsrtombs_alias (__dst, __src, __len, __ps);
 }
@@ -542,15 +559,16 @@ __fortify_function size_t
 __NTH (mbsnrtowcs (wchar_t *__restrict __dst, const char **__restrict __src,
 		   size_t __nmc, size_t __len, mbstate_t *__restrict __ps))
 {
-  if (__bos (__dst) != (size_t) -1)
+  if (__glibc_objsize (__dst) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
 	return __mbsnrtowcs_chk (__dst, __src, __nmc, __len, __ps,
-				 __bos (__dst) / sizeof (wchar_t));
+				 __glibc_objsize (__dst) / sizeof (wchar_t));
 
-      if (__len > __bos (__dst) / sizeof (wchar_t))
+      if (__len > __glibc_objsize (__dst) / sizeof (wchar_t))
 	return __mbsnrtowcs_chk_warn (__dst, __src, __nmc, __len, __ps,
-				      __bos (__dst) / sizeof (wchar_t));
+				      (__glibc_objsize (__dst)
+				       / sizeof (wchar_t)));
     }
   return __mbsnrtowcs_alias (__dst, __src, __nmc, __len, __ps);
 }
@@ -578,15 +596,15 @@ __fortify_function size_t
 __NTH (wcsnrtombs (char *__restrict __dst, const wchar_t **__restrict __src,
 		   size_t __nwc, size_t __len, mbstate_t *__restrict __ps))
 {
-  if (__bos (__dst) != (size_t) -1)
+  if (__glibc_objsize (__dst) != (size_t) -1)
     {
       if (!__builtin_constant_p (__len))
 	return __wcsnrtombs_chk (__dst, __src, __nwc, __len, __ps,
-				 __bos (__dst));
+				 __glibc_objsize (__dst));
 
-      if (__len > __bos (__dst))
+      if (__len > __glibc_objsize (__dst))
 	return __wcsnrtombs_chk_warn (__dst, __src, __nwc, __len, __ps,
-				      __bos (__dst));
+				      __glibc_objsize (__dst));
     }
   return __wcsnrtombs_alias (__dst, __src, __nwc, __len, __ps);
 }
-- 
2.29.2

Re: [PATCH v7 4/4] nonstring: Enable __FORTIFY_LEVEL=3

[Adhemerval Zanella]

On 30/12/2020 03:43, Siddhesh Poyarekar wrote:
> Use __builtin_dynamic_object_size in the remaining functions that
> don't have compiler builtins as is the case for string functions.

LGTM, thanks.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

> ---
>  io/bits/poll2.h       |  18 +++---
>  libio/bits/stdio.h    |   2 +-
>  libio/bits/stdio2.h   |  62 ++++++++++--------
>  posix/bits/unistd.h   | 120 ++++++++++++++++++----------------
>  socket/bits/socket2.h |  22 ++++---
>  stdlib/bits/stdlib.h  |  42 ++++++------
>  wcsmbs/bits/wchar2.h  | 146 ++++++++++++++++++++++++------------------
>  7 files changed, 229 insertions(+), 183 deletions(-)
> 
> diff --git a/io/bits/poll2.h b/io/bits/poll2.h
> index dca49717db..d204351bd0 100644
> --- a/io/bits/poll2.h
> +++ b/io/bits/poll2.h
> @@ -35,12 +35,13 @@ extern int __REDIRECT (__poll_chk_warn, (struct pollfd *__fds, nfds_t __nfds,
>  __fortify_function int
>  poll (struct pollfd *__fds, nfds_t __nfds, int __timeout)
>  {
> -  if (__bos (__fds) != (__SIZE_TYPE__) -1)
> +  if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1)
>      {
>        if (! __builtin_constant_p (__nfds))
> -	return __poll_chk (__fds, __nfds, __timeout, __bos (__fds));
> -      else if (__bos (__fds) / sizeof (*__fds) < __nfds)
> -	return __poll_chk_warn (__fds, __nfds, __timeout, __bos (__fds));
> +	return __poll_chk (__fds, __nfds, __timeout, __glibc_objsize (__fds));
> +      else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds)
> +	return __poll_chk_warn (__fds, __nfds, __timeout,
> +				__glibc_objsize (__fds));
>      }
>  
>    return __poll_alias (__fds, __nfds, __timeout);
> @@ -65,13 +66,14 @@ __fortify_function int
>  ppoll (struct pollfd *__fds, nfds_t __nfds, const struct timespec *__timeout,
>         const __sigset_t *__ss)
>  {
> -  if (__bos (__fds) != (__SIZE_TYPE__) -1)
> +  if (__glibc_objsize (__fds) != (__SIZE_TYPE__) -1)
>      {
>        if (! __builtin_constant_p (__nfds))
> -	return __ppoll_chk (__fds, __nfds, __timeout, __ss, __bos (__fds));
> -      else if (__bos (__fds) / sizeof (*__fds) < __nfds)
> +	return __ppoll_chk (__fds, __nfds, __timeout, __ss,
> +			    __glibc_objsize (__fds));
> +      else if (__glibc_objsize (__fds) / sizeof (*__fds) < __nfds)
>  	return __ppoll_chk_warn (__fds, __nfds, __timeout, __ss,
> -				 __bos (__fds));
> +				 __glibc_objsize (__fds));
>      }
>  
>    return __ppoll_alias (__fds, __nfds, __timeout, __ss);
> diff --git a/libio/bits/stdio.h b/libio/bits/stdio.h
> index 6745571ed5..6d1f0f9fc9 100644
> --- a/libio/bits/stdio.h
> +++ b/libio/bits/stdio.h
> @@ -31,7 +31,7 @@
>  
>  
>  #ifdef __USE_EXTERN_INLINES
> -/* For -D_FORTIFY_SOURCE{,=2} bits/stdio2.h will define a different
> +/* For -D_FORTIFY_SOURCE{,=2,=3} bits/stdio2.h will define a different
>     inline.  */
>  # if !(__USE_FORTIFY_LEVEL > 0 && defined __fortify_function)
>  /* Write formatted output to stdout from argument list ARG.  */
> diff --git a/libio/bits/stdio2.h b/libio/bits/stdio2.h
> index ff9202c2cb..365c25b7b0 100644
> --- a/libio/bits/stdio2.h
> +++ b/libio/bits/stdio2.h
> @@ -36,12 +36,13 @@ __fortify_function int
>  __NTH (sprintf (char *__restrict __s, const char *__restrict __fmt, ...))
>  {
>    return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
> -				  __bos (__s), __fmt, __va_arg_pack ());
> +				  __glibc_objsize (__s), __fmt,
> +				  __va_arg_pack ());
>  }
>  #elif !defined __cplusplus
>  # define sprintf(str, ...) \
> -  __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1, __bos (str), \
> -			   __VA_ARGS__)
> +  __builtin___sprintf_chk (str, __USE_FORTIFY_LEVEL - 1,		      \
> +			   __glibc_objsize (str), __VA_ARGS__)
>  #endif
>  
>  __fortify_function int
> @@ -49,7 +50,7 @@ __NTH (vsprintf (char *__restrict __s, const char *__restrict __fmt,
>  		 __gnuc_va_list __ap))
>  {
>    return __builtin___vsprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
> -				   __bos (__s), __fmt, __ap);
> +				   __glibc_objsize (__s), __fmt, __ap);
>  }
>  
>  #if defined __USE_ISOC99 || defined __USE_UNIX98
> @@ -68,12 +69,13 @@ __NTH (snprintf (char *__restrict __s, size_t __n,
>  		 const char *__restrict __fmt, ...))
>  {
>    return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
> -				   __bos (__s), __fmt, __va_arg_pack ());
> +				   __glibc_objsize (__s), __fmt,
> +				   __va_arg_pack ());
>  }
>  # elif !defined __cplusplus
>  #  define snprintf(str, len, ...) \
> -  __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1, __bos (str), \
> -			    __VA_ARGS__)
> +  __builtin___snprintf_chk (str, len, __USE_FORTIFY_LEVEL - 1,		      \
> +			    __glibc_objsize (str), __VA_ARGS__)
>  # endif
>  
>  __fortify_function int
> @@ -81,7 +83,7 @@ __NTH (vsnprintf (char *__restrict __s, size_t __n,
>  		  const char *__restrict __fmt, __gnuc_va_list __ap))
>  {
>    return __builtin___vsnprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
> -				    __bos (__s), __fmt, __ap);
> +				    __glibc_objsize (__s), __fmt, __ap);
>  }
>  
>  #endif
> @@ -237,8 +239,8 @@ extern char *__REDIRECT (__gets_warn, (char *__str), gets)
>  __fortify_function __wur char *
>  gets (char *__str)
>  {
> -  if (__bos (__str) != (size_t) -1)
> -    return __gets_chk (__str, __bos (__str));
> +  if (__glibc_objsize (__str) != (size_t) -1)
> +    return __gets_chk (__str, __glibc_objsize (__str));
>    return __gets_warn (__str);
>  }
>  #endif
> @@ -259,13 +261,13 @@ extern char *__REDIRECT (__fgets_chk_warn,
>  __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char *
>  fgets (char *__restrict __s, int __n, FILE *__restrict __stream)
>  {
> -  if (__bos (__s) != (size_t) -1)
> +  if (__glibc_objsize (__s) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n) || __n <= 0)
> -	return __fgets_chk (__s, __bos (__s), __n, __stream);
> +	return __fgets_chk (__s, __glibc_objsize (__s), __n, __stream);
>  
> -      if ((size_t) __n > __bos (__s))
> -	return __fgets_chk_warn (__s, __bos (__s), __n, __stream);
> +      if ((size_t) __n > __glibc_objsize (__s))
> +	return __fgets_chk_warn (__s, __glibc_objsize (__s), __n, __stream);
>      }
>    return __fgets_alias (__s, __n, __stream);
>  }
> @@ -289,15 +291,17 @@ __fortify_function __wur size_t
>  fread (void *__restrict __ptr, size_t __size, size_t __n,
>         FILE *__restrict __stream)
>  {
> -  if (__bos0 (__ptr) != (size_t) -1)
> +  if (__glibc_objsize0 (__ptr) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__size)
>  	  || !__builtin_constant_p (__n)
>  	  || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2)))
> -	return __fread_chk (__ptr, __bos0 (__ptr), __size, __n, __stream);
> +	return __fread_chk (__ptr, __glibc_objsize0 (__ptr), __size, __n,
> +			    __stream);
>  
> -      if (__size * __n > __bos0 (__ptr))
> -	return __fread_chk_warn (__ptr, __bos0 (__ptr), __size, __n, __stream);
> +      if (__size * __n > __glibc_objsize0 (__ptr))
> +	return __fread_chk_warn (__ptr, __glibc_objsize0 (__ptr), __size, __n,
> +				 __stream);
>      }
>    return __fread_alias (__ptr, __size, __n, __stream);
>  }
> @@ -319,13 +323,15 @@ extern char *__REDIRECT (__fgets_unlocked_chk_warn,
>  __fortify_function __wur __attr_access ((__write_only__, 1, 2)) char *
>  fgets_unlocked (char *__restrict __s, int __n, FILE *__restrict __stream)
>  {
> -  if (__bos (__s) != (size_t) -1)
> +  if (__glibc_objsize (__s) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n) || __n <= 0)
> -	return __fgets_unlocked_chk (__s, __bos (__s), __n, __stream);
> +	return __fgets_unlocked_chk (__s, __glibc_objsize (__s), __n,
> +				     __stream);
>  
> -      if ((size_t) __n > __bos (__s))
> -	return __fgets_unlocked_chk_warn (__s, __bos (__s), __n, __stream);
> +      if ((size_t) __n > __glibc_objsize (__s))
> +	return __fgets_unlocked_chk_warn (__s, __glibc_objsize (__s), __n,
> +					  __stream);
>      }
>    return __fgets_unlocked_alias (__s, __n, __stream);
>  }
> @@ -352,17 +358,17 @@ __fortify_function __wur size_t
>  fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n,
>  		FILE *__restrict __stream)
>  {
> -  if (__bos0 (__ptr) != (size_t) -1)
> +  if (__glibc_objsize0 (__ptr) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__size)
>  	  || !__builtin_constant_p (__n)
>  	  || (__size | __n) >= (((size_t) 1) << (8 * sizeof (size_t) / 2)))
> -	return __fread_unlocked_chk (__ptr, __bos0 (__ptr), __size, __n,
> -				     __stream);
> +	return __fread_unlocked_chk (__ptr, __glibc_objsize0 (__ptr), __size,
> +				     __n, __stream);
>  
> -      if (__size * __n > __bos0 (__ptr))
> -	return __fread_unlocked_chk_warn (__ptr, __bos0 (__ptr), __size, __n,
> -					  __stream);
> +      if (__size * __n > __glibc_objsize0 (__ptr))
> +	return __fread_unlocked_chk_warn (__ptr, __glibc_objsize0 (__ptr),
> +					  __size, __n, __stream);
>      }
>  
>  # ifdef __USE_EXTERN_INLINES
> diff --git a/posix/bits/unistd.h b/posix/bits/unistd.h
> index 725a83eb0d..6c5ed0c618 100644
> --- a/posix/bits/unistd.h
> +++ b/posix/bits/unistd.h
> @@ -35,13 +35,14 @@ extern ssize_t __REDIRECT (__read_chk_warn,
>  __fortify_function __wur ssize_t
>  read (int __fd, void *__buf, size_t __nbytes)
>  {
> -  if (__bos0 (__buf) != (size_t) -1)
> +  if (__glibc_objsize0 (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__nbytes))
> -	return __read_chk (__fd, __buf, __nbytes, __bos0 (__buf));
> +	return __read_chk (__fd, __buf, __nbytes, __glibc_objsize0 (__buf));
>  
> -      if (__nbytes > __bos0 (__buf))
> -	return __read_chk_warn (__fd, __buf, __nbytes, __bos0 (__buf));
> +      if (__nbytes > __glibc_objsize0 (__buf))
> +	return __read_chk_warn (__fd, __buf, __nbytes,
> +				__glibc_objsize0 (__buf));
>      }
>    return __read_alias (__fd, __buf, __nbytes);
>  }
> @@ -77,14 +78,15 @@ extern ssize_t __REDIRECT (__pread64_chk_warn,
>  __fortify_function __wur ssize_t
>  pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset)
>  {
> -  if (__bos0 (__buf) != (size_t) -1)
> +  if (__glibc_objsize0 (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__nbytes))
> -	return __pread_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf));
> +	return __pread_chk (__fd, __buf, __nbytes, __offset,
> +			    __glibc_objsize0 (__buf));
>  
> -      if ( __nbytes > __bos0 (__buf))
> +      if ( __nbytes > __glibc_objsize0 (__buf))
>  	return __pread_chk_warn (__fd, __buf, __nbytes, __offset,
> -				 __bos0 (__buf));
> +				 __glibc_objsize0 (__buf));
>      }
>    return __pread_alias (__fd, __buf, __nbytes, __offset);
>  }
> @@ -92,14 +94,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset)
>  __fortify_function __wur ssize_t
>  pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset)
>  {
> -  if (__bos0 (__buf) != (size_t) -1)
> +  if (__glibc_objsize0 (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__nbytes))
> -	return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf));
> +	return __pread64_chk (__fd, __buf, __nbytes, __offset,
> +			      __glibc_objsize0 (__buf));
>  
> -      if ( __nbytes > __bos0 (__buf))
> +      if ( __nbytes > __glibc_objsize0 (__buf))
>  	return __pread64_chk_warn (__fd, __buf, __nbytes, __offset,
> -				   __bos0 (__buf));
> +				   __glibc_objsize0 (__buf));
>      }
>  
>    return __pread64_alias (__fd, __buf, __nbytes, __offset);
> @@ -110,14 +113,15 @@ pread (int __fd, void *__buf, size_t __nbytes, __off64_t __offset)
>  __fortify_function __wur ssize_t
>  pread64 (int __fd, void *__buf, size_t __nbytes, __off64_t __offset)
>  {
> -  if (__bos0 (__buf) != (size_t) -1)
> +  if (__glibc_objsize0 (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__nbytes))
> -	return __pread64_chk (__fd, __buf, __nbytes, __offset, __bos0 (__buf));
> +	return __pread64_chk (__fd, __buf, __nbytes, __offset,
> +			      __glibc_objsize0 (__buf));
>  
> -      if ( __nbytes > __bos0 (__buf))
> +      if ( __nbytes > __glibc_objsize0 (__buf))
>  	return __pread64_chk_warn (__fd, __buf, __nbytes, __offset,
> -				   __bos0 (__buf));
> +				   __glibc_objsize0 (__buf));
>      }
>  
>    return __pread64_alias (__fd, __buf, __nbytes, __offset);
> @@ -145,13 +149,14 @@ __fortify_function __nonnull ((1, 2)) __wur ssize_t
>  __NTH (readlink (const char *__restrict __path, char *__restrict __buf,
>  		 size_t __len))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
> -	return __readlink_chk (__path, __buf, __len, __bos (__buf));
> +	return __readlink_chk (__path, __buf, __len, __glibc_objsize (__buf));
>  
> -      if ( __len > __bos (__buf))
> -	return __readlink_chk_warn (__path, __buf, __len, __bos (__buf));
> +      if ( __len > __glibc_objsize (__buf))
> +	return __readlink_chk_warn (__path, __buf, __len,
> +				    __glibc_objsize (__buf));
>      }
>    return __readlink_alias (__path, __buf, __len);
>  }
> @@ -179,14 +184,15 @@ __fortify_function __nonnull ((2, 3)) __wur ssize_t
>  __NTH (readlinkat (int __fd, const char *__restrict __path,
>  		   char *__restrict __buf, size_t __len))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
> -	return __readlinkat_chk (__fd, __path, __buf, __len, __bos (__buf));
> +	return __readlinkat_chk (__fd, __path, __buf, __len,
> +				 __glibc_objsize (__buf));
>  
> -      if (__len > __bos (__buf))
> +      if (__len > __glibc_objsize (__buf))
>  	return __readlinkat_chk_warn (__fd, __path, __buf, __len,
> -				      __bos (__buf));
> +				      __glibc_objsize (__buf));
>      }
>    return __readlinkat_alias (__fd, __path, __buf, __len);
>  }
> @@ -206,13 +212,13 @@ extern char *__REDIRECT_NTH (__getcwd_chk_warn,
>  __fortify_function __wur char *
>  __NTH (getcwd (char *__buf, size_t __size))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__size))
> -	return __getcwd_chk (__buf, __size, __bos (__buf));
> +	return __getcwd_chk (__buf, __size, __glibc_objsize (__buf));
>  
> -      if (__size > __bos (__buf))
> -	return __getcwd_chk_warn (__buf, __size, __bos (__buf));
> +      if (__size > __glibc_objsize (__buf))
> +	return __getcwd_chk_warn (__buf, __size, __glibc_objsize (__buf));
>      }
>    return __getcwd_alias (__buf, __size);
>  }
> @@ -227,8 +233,8 @@ extern char *__REDIRECT_NTH (__getwd_warn, (char *__buf), getwd)
>  __fortify_function __nonnull ((1)) __attribute_deprecated__ __wur char *
>  __NTH (getwd (char *__buf))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> -    return __getwd_chk (__buf, __bos (__buf));
> +  if (__glibc_objsize (__buf) != (size_t) -1)
> +    return __getwd_chk (__buf, __glibc_objsize (__buf));
>    return __getwd_warn (__buf);
>  }
>  #endif
> @@ -248,13 +254,14 @@ extern size_t __REDIRECT_NTH (__confstr_chk_warn,
>  __fortify_function size_t
>  __NTH (confstr (int __name, char *__buf, size_t __len))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
> -	return __confstr_chk (__name, __buf, __len, __bos (__buf));
> +	return __confstr_chk (__name, __buf, __len, __glibc_objsize (__buf));
>  
> -      if (__bos (__buf) < __len)
> -	return __confstr_chk_warn (__name, __buf, __len, __bos (__buf));
> +      if (__glibc_objsize (__buf) < __len)
> +	return __confstr_chk_warn (__name, __buf, __len,
> +				   __glibc_objsize (__buf));
>      }
>    return __confstr_alias (__name, __buf, __len);
>  }
> @@ -273,13 +280,13 @@ extern int __REDIRECT_NTH (__getgroups_chk_warn,
>  __fortify_function int
>  __NTH (getgroups (int __size, __gid_t __list[]))
>  {
> -  if (__bos (__list) != (size_t) -1)
> +  if (__glibc_objsize (__list) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__size) || __size < 0)
> -	return __getgroups_chk (__size, __list, __bos (__list));
> +	return __getgroups_chk (__size, __list, __glibc_objsize (__list));
>  
> -      if (__size * sizeof (__gid_t) > __bos (__list))
> -	return __getgroups_chk_warn (__size, __list, __bos (__list));
> +      if (__size * sizeof (__gid_t) > __glibc_objsize (__list))
> +	return __getgroups_chk_warn (__size, __list, __glibc_objsize (__list));
>      }
>    return __getgroups_alias (__size, __list);
>  }
> @@ -300,13 +307,15 @@ extern int __REDIRECT_NTH (__ttyname_r_chk_warn,
>  __fortify_function int
>  __NTH (ttyname_r (int __fd, char *__buf, size_t __buflen))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__buflen))
> -	return __ttyname_r_chk (__fd, __buf, __buflen, __bos (__buf));
> +	return __ttyname_r_chk (__fd, __buf, __buflen,
> +				__glibc_objsize (__buf));
>  
> -      if (__buflen > __bos (__buf))
> -	return __ttyname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf));
> +      if (__buflen > __glibc_objsize (__buf))
> +	return __ttyname_r_chk_warn (__fd, __buf, __buflen,
> +				     __glibc_objsize (__buf));
>      }
>    return __ttyname_r_alias (__fd, __buf, __buflen);
>  }
> @@ -326,13 +335,14 @@ extern int __REDIRECT (__getlogin_r_chk_warn,
>  __fortify_function int
>  getlogin_r (char *__buf, size_t __buflen)
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__buflen))
> -	return __getlogin_r_chk (__buf, __buflen, __bos (__buf));
> +	return __getlogin_r_chk (__buf, __buflen, __glibc_objsize (__buf));
>  
> -      if (__buflen > __bos (__buf))
> -	return __getlogin_r_chk_warn (__buf, __buflen, __bos (__buf));
> +      if (__buflen > __glibc_objsize (__buf))
> +	return __getlogin_r_chk_warn (__buf, __buflen,
> +				      __glibc_objsize (__buf));
>      }
>    return __getlogin_r_alias (__buf, __buflen);
>  }
> @@ -354,13 +364,14 @@ extern int __REDIRECT_NTH (__gethostname_chk_warn,
>  __fortify_function int
>  __NTH (gethostname (char *__buf, size_t __buflen))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__buflen))
> -	return __gethostname_chk (__buf, __buflen, __bos (__buf));
> +	return __gethostname_chk (__buf, __buflen, __glibc_objsize (__buf));
>  
> -      if (__buflen > __bos (__buf))
> -	return __gethostname_chk_warn (__buf, __buflen, __bos (__buf));
> +      if (__buflen > __glibc_objsize (__buf))
> +	return __gethostname_chk_warn (__buf, __buflen,
> +				       __glibc_objsize (__buf));
>      }
>    return __gethostname_alias (__buf, __buflen);
>  }
> @@ -384,13 +395,14 @@ extern int __REDIRECT_NTH (__getdomainname_chk_warn,
>  __fortify_function int
>  __NTH (getdomainname (char *__buf, size_t __buflen))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__buflen))
> -	return __getdomainname_chk (__buf, __buflen, __bos (__buf));
> +	return __getdomainname_chk (__buf, __buflen, __glibc_objsize (__buf));
>  
> -      if (__buflen > __bos (__buf))
> -	return __getdomainname_chk_warn (__buf, __buflen, __bos (__buf));
> +      if (__buflen > __glibc_objsize (__buf))
> +	return __getdomainname_chk_warn (__buf, __buflen,
> +					 __glibc_objsize (__buf));
>      }
>    return __getdomainname_alias (__buf, __buflen);
>  }
> diff --git a/socket/bits/socket2.h b/socket/bits/socket2.h
> index c0421ce244..05418ba9c3 100644
> --- a/socket/bits/socket2.h
> +++ b/socket/bits/socket2.h
> @@ -33,13 +33,15 @@ extern ssize_t __REDIRECT (__recv_chk_warn,
>  __fortify_function ssize_t
>  recv (int __fd, void *__buf, size_t __n, int __flags)
>  {
> -  if (__bos0 (__buf) != (size_t) -1)
> +  if (__glibc_objsize0 (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
> -	return __recv_chk (__fd, __buf, __n, __bos0 (__buf), __flags);
> +	return __recv_chk (__fd, __buf, __n, __glibc_objsize0 (__buf),
> +			   __flags);
>  
> -      if (__n > __bos0 (__buf))
> -	return __recv_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags);
> +      if (__n > __glibc_objsize0 (__buf))
> +	return __recv_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf),
> +				__flags);
>      }
>    return __recv_alias (__fd, __buf, __n, __flags);
>  }
> @@ -64,14 +66,14 @@ __fortify_function ssize_t
>  recvfrom (int __fd, void *__restrict __buf, size_t __n, int __flags,
>  	  __SOCKADDR_ARG __addr, socklen_t *__restrict __addr_len)
>  {
> -  if (__bos0 (__buf) != (size_t) -1)
> +  if (__glibc_objsize0 (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
> -	return __recvfrom_chk (__fd, __buf, __n, __bos0 (__buf), __flags,
> -			       __addr, __addr_len);
> -      if (__n > __bos0 (__buf))
> -	return __recvfrom_chk_warn (__fd, __buf, __n, __bos0 (__buf), __flags,
> -				    __addr, __addr_len);
> +	return __recvfrom_chk (__fd, __buf, __n, __glibc_objsize0 (__buf),
> +			       __flags, __addr, __addr_len);
> +      if (__n > __glibc_objsize0 (__buf))
> +	return __recvfrom_chk_warn (__fd, __buf, __n, __glibc_objsize0 (__buf),
> +				    __flags, __addr, __addr_len);
>      }
>    return __recvfrom_alias (__fd, __buf, __n, __flags, __addr, __addr_len);
>  }
> diff --git a/stdlib/bits/stdlib.h b/stdlib/bits/stdlib.h
> index 9134d3f36b..b495cd6929 100644
> --- a/stdlib/bits/stdlib.h
> +++ b/stdlib/bits/stdlib.h
> @@ -36,13 +36,14 @@ extern char *__REDIRECT_NTH (__realpath_chk_warn,
>  __fortify_function __wur char *
>  __NTH (realpath (const char *__restrict __name, char *__restrict __resolved))
>  {
> -  if (__bos (__resolved) != (size_t) -1)
> +  if (__glibc_objsize (__resolved) != (size_t) -1)
>      {
>  #if defined _LIBC_LIMITS_H_ && defined PATH_MAX
> -      if (__bos (__resolved) < PATH_MAX)
> -	return __realpath_chk_warn (__name, __resolved, __bos (__resolved));
> +      if (__glibc_objsize (__resolved) < PATH_MAX)
> +	return __realpath_chk_warn (__name, __resolved,
> +				    __glibc_objsize (__resolved));
>  #endif
> -      return __realpath_chk (__name, __resolved, __bos (__resolved));
> +      return __realpath_chk (__name, __resolved, __glibc_objsize (__resolved));
>      }
>  
>    return __realpath_alias (__name, __resolved);
> @@ -64,12 +65,14 @@ extern int __REDIRECT_NTH (__ptsname_r_chk_warn,
>  __fortify_function int
>  __NTH (ptsname_r (int __fd, char *__buf, size_t __buflen))
>  {
> -  if (__bos (__buf) != (size_t) -1)
> +  if (__glibc_objsize (__buf) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__buflen))
> -	return __ptsname_r_chk (__fd, __buf, __buflen, __bos (__buf));
> -      if (__buflen > __bos (__buf))
> -	return __ptsname_r_chk_warn (__fd, __buf, __buflen, __bos (__buf));
> +	return __ptsname_r_chk (__fd, __buf, __buflen,
> +				__glibc_objsize (__buf));
> +      if (__buflen > __glibc_objsize (__buf))
> +	return __ptsname_r_chk_warn (__fd, __buf, __buflen,
> +				     __glibc_objsize (__buf));
>      }
>    return __ptsname_r_alias (__fd, __buf, __buflen);
>  }
> @@ -90,8 +93,9 @@ __NTH (wctomb (char *__s, wchar_t __wchar))
>  #if defined MB_LEN_MAX && MB_LEN_MAX != __STDLIB_MB_LEN_MAX
>  # error "Assumed value of MB_LEN_MAX wrong"
>  #endif
> -  if (__bos (__s) != (size_t) -1 && __STDLIB_MB_LEN_MAX > __bos (__s))
> -    return __wctomb_chk (__s, __wchar, __bos (__s));
> +  if (__glibc_objsize (__s) != (size_t) -1
> +      && __STDLIB_MB_LEN_MAX > __glibc_objsize (__s))
> +    return __wctomb_chk (__s, __wchar, __glibc_objsize (__s));
>    return __wctomb_alias (__s, __wchar);
>  }
>  
> @@ -116,15 +120,16 @@ __fortify_function size_t
>  __NTH (mbstowcs (wchar_t *__restrict __dst, const char *__restrict __src,
>  		 size_t __len))
>  {
> -  if (__bos (__dst) != (size_t) -1)
> +  if (__glibc_objsize (__dst) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
>  	return __mbstowcs_chk (__dst, __src, __len,
> -			       __bos (__dst) / sizeof (wchar_t));
> +			       __glibc_objsize (__dst) / sizeof (wchar_t));
>  
> -      if (__len > __bos (__dst) / sizeof (wchar_t))
> +      if (__len > __glibc_objsize (__dst) / sizeof (wchar_t))
>  	return __mbstowcs_chk_warn (__dst, __src, __len,
> -				     __bos (__dst) / sizeof (wchar_t));
> +				    (__glibc_objsize (__dst)
> +				     / sizeof (wchar_t)));
>      }
>    return __mbstowcs_alias (__dst, __src, __len);
>  }
> @@ -149,12 +154,13 @@ __fortify_function size_t
>  __NTH (wcstombs (char *__restrict __dst, const wchar_t *__restrict __src,
>  		 size_t __len))
>  {
> -  if (__bos (__dst) != (size_t) -1)
> +  if (__glibc_objsize (__dst) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
> -	return __wcstombs_chk (__dst, __src, __len, __bos (__dst));
> -      if (__len > __bos (__dst))
> -	return __wcstombs_chk_warn (__dst, __src, __len, __bos (__dst));
> +	return __wcstombs_chk (__dst, __src, __len, __glibc_objsize (__dst));
> +      if (__len > __glibc_objsize (__dst))
> +	return __wcstombs_chk_warn (__dst, __src, __len,
> +				    __glibc_objsize (__dst));
>      }
>    return __wcstombs_alias (__dst, __src, __len);
>  }
> diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h
> index 86e8e23e76..6631d6f76d 100644
> --- a/wcsmbs/bits/wchar2.h
> +++ b/wcsmbs/bits/wchar2.h
> @@ -39,15 +39,15 @@ __fortify_function wchar_t *
>  __NTH (wmemcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2,
>  		size_t __n))
>  {
> -  if (__bos0 (__s1) != (size_t) -1)
> +  if (__glibc_objsize0 (__s1) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
>  	return __wmemcpy_chk (__s1, __s2, __n,
> -			      __bos0 (__s1) / sizeof (wchar_t));
> +			      __glibc_objsize0 (__s1) / sizeof (wchar_t));
>  
> -      if (__n > __bos0 (__s1) / sizeof (wchar_t))
> +      if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t))
>  	return __wmemcpy_chk_warn (__s1, __s2, __n,
> -				   __bos0 (__s1) / sizeof (wchar_t));
> +				   __glibc_objsize0 (__s1) / sizeof (wchar_t));
>      }
>    return __wmemcpy_alias (__s1, __s2, __n);
>  }
> @@ -67,15 +67,16 @@ extern wchar_t *__REDIRECT_NTH (__wmemmove_chk_warn,
>  __fortify_function wchar_t *
>  __NTH (wmemmove (wchar_t *__s1, const wchar_t *__s2, size_t __n))
>  {
> -  if (__bos0 (__s1) != (size_t) -1)
> +  if (__glibc_objsize0 (__s1) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
>  	return __wmemmove_chk (__s1, __s2, __n,
> -			       __bos0 (__s1) / sizeof (wchar_t));
> +			       __glibc_objsize0 (__s1) / sizeof (wchar_t));
>  
> -      if (__n > __bos0 (__s1) / sizeof (wchar_t))
> +      if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t))
>  	return __wmemmove_chk_warn (__s1, __s2, __n,
> -				    __bos0 (__s1) / sizeof (wchar_t));
> +				    (__glibc_objsize0 (__s1)
> +				     / sizeof (wchar_t)));
>      }
>    return __wmemmove_alias (__s1, __s2, __n);
>  }
> @@ -100,15 +101,16 @@ __fortify_function wchar_t *
>  __NTH (wmempcpy (wchar_t *__restrict __s1, const wchar_t *__restrict __s2,
>  		 size_t __n))
>  {
> -  if (__bos0 (__s1) != (size_t) -1)
> +  if (__glibc_objsize0 (__s1) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
>  	return __wmempcpy_chk (__s1, __s2, __n,
> -			       __bos0 (__s1) / sizeof (wchar_t));
> +			       __glibc_objsize0 (__s1) / sizeof (wchar_t));
>  
> -      if (__n > __bos0 (__s1) / sizeof (wchar_t))
> +      if (__n > __glibc_objsize0 (__s1) / sizeof (wchar_t))
>  	return __wmempcpy_chk_warn (__s1, __s2, __n,
> -				    __bos0 (__s1) / sizeof (wchar_t));
> +				    (__glibc_objsize0 (__s1)
> +				     / sizeof (wchar_t)));
>      }
>    return __wmempcpy_alias (__s1, __s2, __n);
>  }
> @@ -128,14 +130,15 @@ extern wchar_t *__REDIRECT_NTH (__wmemset_chk_warn,
>  __fortify_function wchar_t *
>  __NTH (wmemset (wchar_t *__s, wchar_t __c, size_t __n))
>  {
> -  if (__bos0 (__s) != (size_t) -1)
> +  if (__glibc_objsize0 (__s) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
> -	return __wmemset_chk (__s, __c, __n, __bos0 (__s) / sizeof (wchar_t));
> +	return __wmemset_chk (__s, __c, __n,
> +			      __glibc_objsize0 (__s) / sizeof (wchar_t));
>  
> -      if (__n > __bos0 (__s) / sizeof (wchar_t))
> +      if (__n > __glibc_objsize0 (__s) / sizeof (wchar_t))
>  	return __wmemset_chk_warn (__s, __c, __n,
> -				   __bos0 (__s) / sizeof (wchar_t));
> +				   __glibc_objsize0 (__s) / sizeof (wchar_t));
>      }
>    return __wmemset_alias (__s, __c, __n);
>  }
> @@ -151,8 +154,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscpy_alias,
>  __fortify_function wchar_t *
>  __NTH (wcscpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src))
>  {
> -  if (__bos (__dest) != (size_t) -1)
> -    return __wcscpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t));
> +  if (__glibc_objsize (__dest) != (size_t) -1)
> +    return __wcscpy_chk (__dest, __src,
> +			 __glibc_objsize (__dest) / sizeof (wchar_t));
>    return __wcscpy_alias (__dest, __src);
>  }
>  
> @@ -167,8 +171,9 @@ extern wchar_t *__REDIRECT_NTH (__wcpcpy_alias,
>  __fortify_function wchar_t *
>  __NTH (wcpcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src))
>  {
> -  if (__bos (__dest) != (size_t) -1)
> -    return __wcpcpy_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t));
> +  if (__glibc_objsize (__dest) != (size_t) -1)
> +    return __wcpcpy_chk (__dest, __src,
> +			 __glibc_objsize (__dest) / sizeof (wchar_t));
>    return __wcpcpy_alias (__dest, __src);
>  }
>  
> @@ -191,14 +196,15 @@ __fortify_function wchar_t *
>  __NTH (wcsncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src,
>  		size_t __n))
>  {
> -  if (__bos (__dest) != (size_t) -1)
> +  if (__glibc_objsize (__dest) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
>  	return __wcsncpy_chk (__dest, __src, __n,
> -			      __bos (__dest) / sizeof (wchar_t));
> -      if (__n > __bos (__dest) / sizeof (wchar_t))
> +			      __glibc_objsize (__dest) / sizeof (wchar_t));
> +      if (__n > __glibc_objsize (__dest) / sizeof (wchar_t))
>  	return __wcsncpy_chk_warn (__dest, __src, __n,
> -				   __bos (__dest) / sizeof (wchar_t));
> +				   (__glibc_objsize (__dest)
> +				    / sizeof (wchar_t)));
>      }
>    return __wcsncpy_alias (__dest, __src, __n);
>  }
> @@ -222,14 +228,15 @@ __fortify_function wchar_t *
>  __NTH (wcpncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src,
>  		size_t __n))
>  {
> -  if (__bos (__dest) != (size_t) -1)
> +  if (__glibc_objsize (__dest) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n))
>  	return __wcpncpy_chk (__dest, __src, __n,
> -			      __bos (__dest) / sizeof (wchar_t));
> -      if (__n > __bos (__dest) / sizeof (wchar_t))
> +			      __glibc_objsize (__dest) / sizeof (wchar_t));
> +      if (__n > __glibc_objsize (__dest) / sizeof (wchar_t))
>  	return __wcpncpy_chk_warn (__dest, __src, __n,
> -				   __bos (__dest) / sizeof (wchar_t));
> +				   (__glibc_objsize (__dest)
> +				    / sizeof (wchar_t)));
>      }
>    return __wcpncpy_alias (__dest, __src, __n);
>  }
> @@ -245,8 +252,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscat_alias,
>  __fortify_function wchar_t *
>  __NTH (wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src))
>  {
> -  if (__bos (__dest) != (size_t) -1)
> -    return __wcscat_chk (__dest, __src, __bos (__dest) / sizeof (wchar_t));
> +  if (__glibc_objsize (__dest) != (size_t) -1)
> +    return __wcscat_chk (__dest, __src,
> +			 __glibc_objsize (__dest) / sizeof (wchar_t));
>    return __wcscat_alias (__dest, __src);
>  }
>  
> @@ -263,9 +271,9 @@ __fortify_function wchar_t *
>  __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src,
>  		size_t __n))
>  {
> -  if (__bos (__dest) != (size_t) -1)
> +  if (__glibc_objsize (__dest) != (size_t) -1)
>      return __wcsncat_chk (__dest, __src, __n,
> -			  __bos (__dest) / sizeof (wchar_t));
> +			  __glibc_objsize (__dest) / sizeof (wchar_t));
>    return __wcsncat_alias (__dest, __src, __n);
>  }
>  
> @@ -285,18 +293,18 @@ __fortify_function int
>  __NTH (swprintf (wchar_t *__restrict __s, size_t __n,
>  		 const wchar_t *__restrict __fmt, ...))
>  {
> -  if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
> +  if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
>      return __swprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
> -			   __bos (__s) / sizeof (wchar_t),
> +			   __glibc_objsize (__s) / sizeof (wchar_t),
>  			   __fmt, __va_arg_pack ());
>    return __swprintf_alias (__s, __n, __fmt, __va_arg_pack ());
>  }
>  #elif !defined __cplusplus
>  /* XXX We might want to have support in gcc for swprintf.  */
>  # define swprintf(s, n, ...) \
> -  (__bos (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1			      \
> +  (__glibc_objsize (s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1		      \
>     ? __swprintf_chk (s, n, __USE_FORTIFY_LEVEL - 1,			      \
> -		     __bos (s) / sizeof (wchar_t), __VA_ARGS__)		      \
> +		     __glibc_objsize (s) / sizeof (wchar_t), __VA_ARGS__)	      \
>     : swprintf (s, n, __VA_ARGS__))
>  #endif
>  
> @@ -315,9 +323,10 @@ __fortify_function int
>  __NTH (vswprintf (wchar_t *__restrict __s, size_t __n,
>  		  const wchar_t *__restrict __fmt, __gnuc_va_list __ap))
>  {
> -  if (__bos (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
> +  if (__glibc_objsize (__s) != (size_t) -1 || __USE_FORTIFY_LEVEL > 1)
>      return __vswprintf_chk (__s, __n,  __USE_FORTIFY_LEVEL - 1,
> -			    __bos (__s) / sizeof (wchar_t), __fmt, __ap);
> +			    __glibc_objsize (__s) / sizeof (wchar_t), __fmt,
> +			    __ap);
>    return __vswprintf_alias (__s, __n, __fmt, __ap);
>  }
>  
> @@ -383,14 +392,15 @@ extern wchar_t *__REDIRECT (__fgetws_chk_warn,
>  __fortify_function __wur wchar_t *
>  fgetws (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream)
>  {
> -  if (__bos (__s) != (size_t) -1)
> +  if (__glibc_objsize (__s) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n) || __n <= 0)
> -	return __fgetws_chk (__s, __bos (__s) / sizeof (wchar_t),
> +	return __fgetws_chk (__s, __glibc_objsize (__s) / sizeof (wchar_t),
>  			     __n, __stream);
>  
> -      if ((size_t) __n > __bos (__s) / sizeof (wchar_t))
> -	return __fgetws_chk_warn (__s, __bos (__s) / sizeof (wchar_t),
> +      if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t))
> +	return __fgetws_chk_warn (__s,
> +				  __glibc_objsize (__s) / sizeof (wchar_t),
>  				  __n, __stream);
>      }
>    return __fgetws_alias (__s, __n, __stream);
> @@ -414,14 +424,17 @@ extern wchar_t *__REDIRECT (__fgetws_unlocked_chk_warn,
>  __fortify_function __wur wchar_t *
>  fgetws_unlocked (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream)
>  {
> -  if (__bos (__s) != (size_t) -1)
> +  if (__glibc_objsize (__s) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__n) || __n <= 0)
> -	return __fgetws_unlocked_chk (__s, __bos (__s) / sizeof (wchar_t),
> +	return __fgetws_unlocked_chk (__s,
> +				      __glibc_objsize (__s) / sizeof (wchar_t),
>  				      __n, __stream);
>  
> -      if ((size_t) __n > __bos (__s) / sizeof (wchar_t))
> -	return __fgetws_unlocked_chk_warn (__s, __bos (__s) / sizeof (wchar_t),
> +      if ((size_t) __n > __glibc_objsize (__s) / sizeof (wchar_t))
> +	return __fgetws_unlocked_chk_warn (__s,
> +					   (__glibc_objsize (__s)
> +					    / sizeof (wchar_t)),
>  					   __n, __stream);
>      }
>    return __fgetws_unlocked_alias (__s, __n, __stream);
> @@ -447,8 +460,9 @@ __NTH (wcrtomb (char *__restrict __s, wchar_t __wchar,
>  #if defined MB_LEN_MAX && MB_LEN_MAX != __WCHAR_MB_LEN_MAX
>  # error "Assumed value of MB_LEN_MAX wrong"
>  #endif
> -  if (__bos (__s) != (size_t) -1 && __WCHAR_MB_LEN_MAX > __bos (__s))
> -    return __wcrtomb_chk (__s, __wchar, __ps, __bos (__s));
> +  if (__glibc_objsize (__s) != (size_t) -1
> +      && __WCHAR_MB_LEN_MAX > __glibc_objsize (__s))
> +    return __wcrtomb_chk (__s, __wchar, __ps, __glibc_objsize (__s));
>    return __wcrtomb_alias (__s, __wchar, __ps);
>  }
>  
> @@ -474,15 +488,16 @@ __fortify_function size_t
>  __NTH (mbsrtowcs (wchar_t *__restrict __dst, const char **__restrict __src,
>  		  size_t __len, mbstate_t *__restrict __ps))
>  {
> -  if (__bos (__dst) != (size_t) -1)
> +  if (__glibc_objsize (__dst) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
>  	return __mbsrtowcs_chk (__dst, __src, __len, __ps,
> -				__bos (__dst) / sizeof (wchar_t));
> +				__glibc_objsize (__dst) / sizeof (wchar_t));
>  
> -      if (__len > __bos (__dst) / sizeof (wchar_t))
> +      if (__len > __glibc_objsize (__dst) / sizeof (wchar_t))
>  	return __mbsrtowcs_chk_warn (__dst, __src, __len, __ps,
> -				     __bos (__dst) / sizeof (wchar_t));
> +				     (__glibc_objsize (__dst)
> +				      / sizeof (wchar_t)));
>      }
>    return __mbsrtowcs_alias (__dst, __src, __len, __ps);
>  }
> @@ -508,13 +523,15 @@ __fortify_function size_t
>  __NTH (wcsrtombs (char *__restrict __dst, const wchar_t **__restrict __src,
>  		  size_t __len, mbstate_t *__restrict __ps))
>  {
> -  if (__bos (__dst) != (size_t) -1)
> +  if (__glibc_objsize (__dst) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
> -	return __wcsrtombs_chk (__dst, __src, __len, __ps, __bos (__dst));
> +	return __wcsrtombs_chk (__dst, __src, __len, __ps,
> +				__glibc_objsize (__dst));
>  
> -      if (__len > __bos (__dst))
> -	return __wcsrtombs_chk_warn (__dst, __src, __len, __ps, __bos (__dst));
> +      if (__len > __glibc_objsize (__dst))
> +	return __wcsrtombs_chk_warn (__dst, __src, __len, __ps,
> +				     __glibc_objsize (__dst));
>      }
>    return __wcsrtombs_alias (__dst, __src, __len, __ps);
>  }
> @@ -542,15 +559,16 @@ __fortify_function size_t
>  __NTH (mbsnrtowcs (wchar_t *__restrict __dst, const char **__restrict __src,
>  		   size_t __nmc, size_t __len, mbstate_t *__restrict __ps))
>  {
> -  if (__bos (__dst) != (size_t) -1)
> +  if (__glibc_objsize (__dst) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
>  	return __mbsnrtowcs_chk (__dst, __src, __nmc, __len, __ps,
> -				 __bos (__dst) / sizeof (wchar_t));
> +				 __glibc_objsize (__dst) / sizeof (wchar_t));
>  
> -      if (__len > __bos (__dst) / sizeof (wchar_t))
> +      if (__len > __glibc_objsize (__dst) / sizeof (wchar_t))
>  	return __mbsnrtowcs_chk_warn (__dst, __src, __nmc, __len, __ps,
> -				      __bos (__dst) / sizeof (wchar_t));
> +				      (__glibc_objsize (__dst)
> +				       / sizeof (wchar_t)));
>      }
>    return __mbsnrtowcs_alias (__dst, __src, __nmc, __len, __ps);
>  }
> @@ -578,15 +596,15 @@ __fortify_function size_t
>  __NTH (wcsnrtombs (char *__restrict __dst, const wchar_t **__restrict __src,
>  		   size_t __nwc, size_t __len, mbstate_t *__restrict __ps))
>  {
> -  if (__bos (__dst) != (size_t) -1)
> +  if (__glibc_objsize (__dst) != (size_t) -1)
>      {
>        if (!__builtin_constant_p (__len))
>  	return __wcsnrtombs_chk (__dst, __src, __nwc, __len, __ps,
> -				 __bos (__dst));
> +				 __glibc_objsize (__dst));
>  
> -      if (__len > __bos (__dst))
> +      if (__len > __glibc_objsize (__dst))
>  	return __wcsnrtombs_chk_warn (__dst, __src, __nwc, __len, __ps,
> -				      __bos (__dst));
> +				      __glibc_objsize (__dst));
>      }
>    return __wcsnrtombs_alias (__dst, __src, __nwc, __len, __ps);
>  }
>