NetBSD Problem Report #57288
From www@netbsd.org Fri Mar 24 06:03:49 2023
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 5C3071A9239
for <gnats-bugs@gnats.NetBSD.org>; Fri, 24 Mar 2023 06:03:49 +0000 (UTC)
Message-Id: <20230324060348.3BC721A923C@mollari.NetBSD.org>
Date: Fri, 24 Mar 2023 06:03:48 +0000 (UTC)
From: arthur200126@gmail.com
Reply-To: arthur200126@gmail.com
To: gnats-bugs@NetBSD.org
Subject: include/ssp/ssp.h: Use __builtin_dynamic_object_size for LLVM > 9 and GCC > 12
X-Send-Pr-Version: www-1.0
>Number: 57288
>Category: lib
>Synopsis: include/ssp/ssp.h: Use __builtin_dynamic_object_size for LLVM > 9 and GCC > 12
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: lib-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Mar 24 06:05:00 +0000 2023
>Last-Modified: Wed Mar 29 13:40:01 +0000 2023
>Originator: Mingye Wang
>Release: trunk, 24 March 2023
>Organization:
>Environment:
Irrelevant, just reading the source code.
>Description:
LLVM 9.0 and GCC 12.0 introduced support for __builtin_dynamic_object_size, which feeds into glibc's level 3 of _FORTIFY_SOURCE -- the point of the new builtin is to also give sizes unknown at compile time. NetBSD trunk currently uses LLVM 10.0git, which does have the feature.
NetBSD has its own implementation of the stuff in ssp, but its headers have not yet been updated to use the new thing. This affects downstream projects such as newlib and Cygwin, which use the NetBSD ssp.
>How-To-Repeat:
grep for __builtin_dynamic_object_size.
>Fix:
In the part that defines __SSP_FORTIFY_LEVEL, write instead:
```
#if !defined(__cplusplus)
# if _FORTIFY_SOURCE > 0 && !defined(__lint__) && \
(__OPTIMIZE__ > 0 || defined(__clang__)) && __GNUC_PREREQ__(4, 1)
# if _FORTIFY_SOURCE > 2 && __has_builtin(__builtin_dynamic_object_size)
# define __SSP_FORTIFY_LEVEL 3
# elif _FORTIFY_SOURCE > 1
# define __SSP_FORTIFY_LEVEL 2
# else
# define __SSP_FORTIFY_LEVEL 1
# endif
# else
# define __SSP_FORTIFY_LEVEL 0
# endif
#else
# define __SSP_FORTIFY_LEVEL 0
#endif
```
In the part that defines __ssp_bos{,0}, write instead:
```
#if __SSP_FORTIFY_LEVEL > 2
# define __ssp_bos(ptr) __builtin_dynamic_object_size(ptr, 1)
# define __ssp_bos0(ptr) __builtin_dynamic_object_size(ptr, 0)
#else
# define __ssp_bos(ptr) __builtin_object_size(ptr, __SSP_FORTIFY_LEVEL > 1)
# define __ssp_bos0(ptr) __builtin_object_size(ptr, 0)
#endif
```
>Audit-Trail:
From: Mingye Wang <arthur200126@gmail.com>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: lib/57288
Date: Fri, 24 Mar 2023 22:42:49 +0800
--000000000000e9d84b05f7a668df
Content-Type: text/plain; charset="UTF-8"
Ouch, pretend that I wrote >= on the subject line. I should also mention
that I lobbed an analogous bug at GCC at
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109270 -- they have a libssp
independent of glibc.
Apple libc *should* also get a report, but they don't make reports
externally-available, so no links there. Filed #275008996 at Android
because they also have a libc with this thing.
--000000000000e9d84b05f7a668df
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Ouch, pretend that I wrote >=3D on the subject line. I =
should also mention that I lobbed an analogous bug at GCC at=C2=A0<div dir=
=3D"auto"><a href=3D"https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D109270"=
target=3D"_blank">https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D109270</a=
> -- they have a libssp independent of glibc.</div><div dir=3D"auto"><br></=
div><div dir=3D"auto">Apple libc *should* also get a report, but they don&#=
39;t make reports externally-available, so no links there. Filed #275008996=
at Android because they also have a libc with this thing.</div><div dir=3D=
"auto"></div>
</div>
--000000000000e9d84b05f7a668df--
From: Mingye Wang <arthur200126@gmail.com>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: lib/57288
Date: Sat, 25 Mar 2023 14:10:37 +0800
Huh, __has_builtin may be too recent (GCC 10) to stuff into these
headers. I am afraid that some hard version check is in order. Or you
could just...
#if defined(__clang__) || __GNUC__ >= 10
#define __has_fancy_builtin(x) __has_builtin(x)
#else
#define __has_fancy_builtin(x) 0
#endif
Well, it's "fancy" because it would be very wrong if applied to the
usual things from before GCC 10. Nah it's a terrible idea.
From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/57288 CVS commit: src/include/ssp
Date: Wed, 29 Mar 2023 09:37:10 -0400
Module Name: src
Committed By: christos
Date: Wed Mar 29 13:37:10 UTC 2023
Modified Files:
src/include/ssp: ssp.h
Log Message:
PR/57288: Mingye Wang: <ssp/ssp.h>: Use __builtin_dynamic_object_size
for LLVM > 9 and GCC > 12, introducing _SSP_FORTIFY_LEVEL == 3
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/include/ssp/ssp.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
(Contact us)
$NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2023
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.