-
Notifications
You must be signed in to change notification settings - Fork 35.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build: Disable _FORTIFY_SOURCE
if using MSan
#30140
Conversation
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. |
Concept NACK. If anything should be changed, it would be the implementation of applying the hardening flags in the CMake branch, so it's possible to override them using standard CMake variables. Not push more complexity into the build system, and hardcode specific things. Removing APPEND_*FLAGS shouldn't be a goal, as it needs to exist, to do what it exists for (actually give a mechanism for always overriding a flag, regardless of what CMake try's to do). Otherwise in future, if we (or any other user) needs to do something, there may not be a (easy, working) way to do so, depending on the implementation details of the CMake build system. |
I disagree. The current implementation is undocumented and error-prone on the user side.
This statement seems quite arbitrary. Considering that the build system is full of "hardcode specific things" that "push more complexity into", what are explicit criteria for such a reasoning?
It is not a goal of this PR. Rather removing the need to use them when building with MSan. |
In the CMake branch? If this is the case, then it needs to be reworked anyway...? Another reason undefining a flag like this needs to be easily possible, is if you want to set the fortify level to anything other than what we pick, it needs to be undefined first. So this all needs to be possible outside of MSAN. Given that, we should also use the same mechanisms, rather than hardcoding things here. |
In the master branch.
|
Your PR here doesn't change that. Anyone wanting to use MSAN needs to do extensive setup, and build a fully instrumented toolchain. It can't be expected to work out of the box. |
Right. I didn't mean the latter. Just quoted the main system configuration stage for brevity.
It does. The second commit proves it, doesn't it? |
No. I don't see how that commit sets up a fully instrumented MSAN toolchain. |
Sure. It "shifts responsibility to disable |
Setting a single preprocessor flag isn't instrumenting a toolchain? I still haven't seen a good reason to not use the mechanisms that exist to set flags, given those mechanisms need to exist (i.e undefining and redefining fortify source), and should be tested so they are known to be working. |
This PR shifts responsibility to disable
_FORTIFY_SOURCE
from the user to the build system, which:APPEND_CPPFLAGS
in such a corner case