BUILD/BUG: enable -fno-strict-overflow by default

Some time ago, integer overflows detection stopped working in the timer
code on recent compliers and were addressed by commit 73bdb32 ("BUG/MAJOR:
Use -fwrapv."). By then it was thought that -fno-strict-overflow was not
needed as implied, but it resulted from a misinterpretation of the doc,
as this one is still needed to disable pointer overflow optimization that
is automatically enabled at -O2/-O3/-Os.

Unfortunately the compiler happily removes overflow checks without the
slightest warning so it's not trivial to guess the extent of this issue
without comparing the emitted asm code. By checking the emitted assembly
code with and without the option, it was found that the only affected
location was the reported one, in ssl_sock_parse_clienthello(), where
the test can never fail on any system where the highest userland pointer
is at least 64kB away from wrapping (ie all 32/64 bit OS in field), so
there it is harmless.

This patch must be backported to all maintained versions.

Special thanks to Ilya Shipitsin for reporting this issue.
This commit is contained in:
Willy Tarreau 2018-03-20 16:46:46 +01:00
parent c98aebcdb8
commit cde05c85ef
1 changed files with 1 additions and 0 deletions

View File

@ -148,6 +148,7 @@ DEBUG_CFLAGS = -g
# to be sure we get the intended behavior. # to be sure we get the intended behavior.
SPEC_CFLAGS := -fno-strict-aliasing -Wdeclaration-after-statement SPEC_CFLAGS := -fno-strict-aliasing -Wdeclaration-after-statement
SPEC_CFLAGS += $(call cc-opt,-fwrapv) SPEC_CFLAGS += $(call cc-opt,-fwrapv)
SPEC_CFLAGS += $(call cc-opt,-fno-strict-overflow)
SPEC_CFLAGS += $(call cc-nowarn,format-truncation) SPEC_CFLAGS += $(call cc-nowarn,format-truncation)
SPEC_CFLAGS += $(call cc-nowarn,address-of-packed-member) SPEC_CFLAGS += $(call cc-nowarn,address-of-packed-member)
SPEC_CFLAGS += $(call cc-nowarn,null-dereference) SPEC_CFLAGS += $(call cc-nowarn,null-dereference)