This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH BZ#20422] Do not allow asan/msan/tsan and fortify at the same time.
- From: Yuri Gribov <tetra2005 at gmail dot com>
- To: Florian Weimer <fw at deneb dot enyo dot de>
- Cc: Jakub Jelinek <jakub at redhat dot com>, Kostya Serebryany <kcc at google dot com>, Andrew Pinski <pinskia at gmail dot com>, Maxim Ostapenko <m dot ostapenko at samsung dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Sun, 2 Oct 2016 15:02:11 +0100
- Subject: Re: [PATCH BZ#20422] Do not allow asan/msan/tsan and fortify at the same time.
- Authentication-results: sourceware.org; auth=none
- References: <8d2403c8-466d-8f1a-e563-8b729deef9ce@redhat.com> <CAJOtW+5r0NQOHh1MKGSoCVyDto7LtJE7d3-oqJy-Yei6AECb8g@mail.gmail.com> <87lgyb9lhf.fsf@mid.deneb.enyo.de> <CAJOtW+7xjtx=DxEOSnaPfpU708RdUJYLRX8prv0bFW=x47+tmA@mail.gmail.com> <20160929100429.GQ7282@tucnak.redhat.com> <CAJOtW+5gnekVLcnUCrHWjYL1agspyZ-v_kOgEp8kyCrviGADJw@mail.gmail.com> <20160929104408.GR7282@tucnak.redhat.com> <CA+=Sn1mj83AL=XKinTbJDwOEEVReVFWTsbprKuVVMbsu=OdA7w@mail.gmail.com> <CAN=P9pjzpygMJKjUDtkKxRn4+4BDG_wJ3qbQhehSJa5UenV6gA@mail.gmail.com> <87fuofp4sq.fsf@mid.deneb.enyo.de> <20161002093953.GS7282@tucnak.redhat.com> <8760pbnl1m.fsf@mid.deneb.enyo.de>
On Sun, Oct 2, 2016 at 10:43 AM, Florian Weimer <fw@deneb.enyo.de> wrote:
> * Jakub Jelinek:
>
>> Because you really don't know what kind of information will each tool want
>> to know, and that can significantly differ between valgrind, [amt]san etc.
Frankly I'm not sure why an arbitrary dynamic tool would want to
handle fortified APIs differently from to their unfortified
counterparts. It's certainly not the case for sanitizers.
>> In sanitizer_common, you can come up with some macros that will serve the
>> needs of all the tools, and have each tool use those macros, other than
>> that, it is a trivial 3 liner wrapper for each fortification function.
>
> Uh-oh, would you subject matter experts please come up with a
> consistent opinion what is *actually* needed?
>
> Further up thread, in
> <CAJOtW+7xjtx=DxEOSnaPfpU708RdUJYLRX8prv0bFW=x47+tmA@mail.gmail.com>,
> Yuri Gribov said that the sanitizers will work fine despite the
> additional indirection.
>
> If this is not actually true, then of course it does not make sense to
> maintain the unfortify bits in glibc.
Well, simple dynamic redirection of fortified APIs would be enough for
all sanitizer tools (ASan, MSan, TSan) and probably also Valgrind. I
suggested that it's common across majority of dynamic tools (which
would justify it's centralized implementation, be it in Glibc itself
or outside) but this has been debated by Jakub above.
-Y