From: Siddhesh Poyarekar <siddhesh@sourceware.org>
To: Adhemerval Zanella <adhemerval.zanella@linaro.org>,
libc-alpha@sourceware.org
Cc: fweimer@redhat.com, jakub@redhat.com
Subject: Re: [PATCH 1/2] string: _FORTIFY_SOURCE=3 using __builtin_dynamic_object_size
Date: Tue, 29 Dec 2020 20:44:10 +0530 [thread overview]
Message-ID: <616160c4-5077-b832-cc9a-3a84bcf0c09f@sourceware.org> (raw)
In-Reply-To: <3582945f-21f4-3640-426b-0a9e39329d04@linaro.org>
On 12/28/20 10:14 PM, Adhemerval Zanella via Libc-alpha wrote:
> For previous discussion I couldn't really grap what is the GCC intention
> regarding this new builtin. Would it willing to implement with the same
> semantic as LLVM has done or depending of result when glibc starts to
> provide it GCC will either change its semantic or not implement at all?
The original conversation around it is here[1], although the
conversation is more about extending __builtin_object_size vs
introducing a new builtin (i.e. the __builtin_dynamic_object_size that
eventually went into llvm).
My understanding from that conversation is that the gcc community sees
value in the builtin and is willing to consider it as long as its
semantics are comprehensively documented. Right now the only real
explanation for __builtin_dynamic_object_size is that "it's like
__builtin_object_size", which is inaccurate and misleading.
I wanted to do this first too, i.e. document
__builtin_dynamic_object_size semantics and work on getting it included
in gcc but I couldn't make the gcc stage 1 deadline (which was last
month) and decided to pick it up in 2021.
> If the former, using _FORTIFY_SOURCE=3 should be fine. However, if it
> is the latter I think it would be better to add it as another and different
> FORTIFY flag ( _FORTIFY_SOURCE_DYNAMIC or something like that).
>
> I really want to avoid the issue where developers would not see the
> expected code generation when using _FORTIFY_SOURCE=3 with gcc or the worse,
> where _FORTIFY_SOURCE=3 would have different semantic depending of the
> compiler used.
I don't foresee semantic differences diverging enough to be a
compatibility issue for developers using _FORTIFY_SOURCE=3. At worst,
it could result in developers either seeing performance differences
(because one compiler emits better code than the other due to the kind
of information it chooses to glean and retain from the builtin) or is
able to (or not) fortify functions, again because of how well it can
deduce object sizes. Such differences already exist in
__builtin_object_size.
Does that address your concern?
> This should be in a different patch, where glibc would handle not support
> _FORTIFY_SOURCE levels and emit the expected warnings.
OK.
> I think from previous version that Florian suggested renamed this internal macros
> to __glibc_objsize[0].
Hmm, I missed that. I'll rename it to __glibc_objsize.
Thanks,
Siddhesh
[1] https://gcc.gnu.org/legacy-ml/gcc/2019-01/msg00188.html
next prev parent reply other threads:[~2020-12-29 15:14 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-19 6:33 [PATCH v6 0/2] _FORTIFY_SOURCE=3 Siddhesh Poyarekar
2020-12-19 6:33 ` [PATCH 1/2] string: _FORTIFY_SOURCE=3 using __builtin_dynamic_object_size Siddhesh Poyarekar
2020-12-28 16:44 ` Adhemerval Zanella
2020-12-29 15:14 ` Siddhesh Poyarekar [this message]
2020-12-19 6:33 ` [PATCH 2/2] nonstring: " Siddhesh Poyarekar
2020-12-28 17:36 ` Adhemerval Zanella
2020-12-29 14:04 ` Siddhesh Poyarekar
2020-12-29 14:26 ` Jakub Jelinek
2020-12-22 13:00 ` [PATCH v6 0/2] _FORTIFY_SOURCE=3 Siddhesh Poyarekar
2020-12-22 21:49 ` Adhemerval Zanella
-- strict thread matches above, loose matches on Subject: below --
2020-12-10 18:13 [PATCH " Siddhesh Poyarekar
2020-12-10 18:13 ` [PATCH 1/2] string: _FORTIFY_SOURCE=3 using __builtin_dynamic_object_size Siddhesh Poyarekar
2020-12-10 19:10 ` Paul Eggert
2020-12-11 1:36 ` Siddhesh Poyarekar
2020-12-11 2:42 ` Paul Eggert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=616160c4-5077-b832-cc9a-3a84bcf0c09f@sourceware.org \
--to=siddhesh@sourceware.org \
--cc=adhemerval.zanella@linaro.org \
--cc=fweimer@redhat.com \
--cc=jakub@redhat.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).