This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH BZ#20422] Do not allow asan/msan/tsan and fortify at the same time.
- From: Florian Weimer <fw at deneb dot enyo dot de>
- To: Kostya Serebryany <kcc at google dot com>
- Cc: Andrew Pinski <pinskia at gmail dot com>, Jakub Jelinek <jakub at redhat dot com>, Yuri Gribov <tetra2005 at gmail dot com>, Maxim Ostapenko <m dot ostapenko at samsung dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Sun, 02 Oct 2016 09:51:17 +0200
- Subject: Re: [PATCH BZ#20422] Do not allow asan/msan/tsan and fortify at the same time.
- Authentication-results: sourceware.org; auth=none
- References: <57CDAB08.8060601@samsung.com> <8d2403c8-466d-8f1a-e563-8b729deef9ce@redhat.com> <CAJOtW+5r0NQOHh1MKGSoCVyDto7LtJE7d3-oqJy-Yei6AECb8g@mail.gmail.com> <87lgyb9lhf.fsf@mid.deneb.enyo.de> <CAJOtW+7xjtx=DxEOSnaPfpU708RdUJYLRX8prv0bFW=x47+tmA@mail.gmail.com> <20160929100429.GQ7282@tucnak.redhat.com> <CAJOtW+5gnekVLcnUCrHWjYL1agspyZ-v_kOgEp8kyCrviGADJw@mail.gmail.com> <20160929104408.GR7282@tucnak.redhat.com> <CA+=Sn1mj83AL=XKinTbJDwOEEVReVFWTsbprKuVVMbsu=OdA7w@mail.gmail.com> <CAN=P9pjzpygMJKjUDtkKxRn4+4BDG_wJ3qbQhehSJa5UenV6gA@mail.gmail.com>
* Kostya Serebryany:
> 80 interceptors to support *san and fortification is 80 too many, IMHO.
> The fact that other pre-compiled libraries use fortify by default is very sad.
> I think this is a clear case of misuse of fortify because now users of
> the library can't opt out.
If we had some libc-unfortify.so DSO, you *could* opt out.
> If someone is willing to provide a patch to sanitizers that is
> * in sanitizer_common,
> * uses a separate file for all of these 80 functions,
> * does not touch any other file (in a significant way, at least)
> * has tests
> I'll most likely accept it.
Why do you want to put this into sanitizer_common?
It would make more sense to maintain this inside glibc, so that it can
be updated in sync with fortification development. We can keep an eye
on the ability to build the sources separately from glibc, to bridge
the time until this DSO is routinely shipped as part of glibc.