From: Willy Tarreau Date: Tue, 20 Mar 2018 15:46:46 +0000 (+0100) Subject: BUILD/BUG: enable -fno-strict-overflow by default X-Git-Tag: v1.9-dev1~359 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cde05c85ef3da3c54b79d7ad3570d0e13ebd620c;p=thirdparty%2Fhaproxy.git BUILD/BUG: enable -fno-strict-overflow by default Some time ago, integer overflows detection stopped working in the timer code on recent compliers and were addressed by commit 73bdb32 ("BUG/MAJOR: Use -fwrapv."). By then it was thought that -fno-strict-overflow was not needed as implied, but it resulted from a misinterpretation of the doc, as this one is still needed to disable pointer overflow optimization that is automatically enabled at -O2/-O3/-Os. Unfortunately the compiler happily removes overflow checks without the slightest warning so it's not trivial to guess the extent of this issue without comparing the emitted asm code. By checking the emitted assembly code with and without the option, it was found that the only affected location was the reported one, in ssl_sock_parse_clienthello(), where the test can never fail on any system where the highest userland pointer is at least 64kB away from wrapping (ie all 32/64 bit OS in field), so there it is harmless. This patch must be backported to all maintained versions. Special thanks to Ilya Shipitsin for reporting this issue. --- diff --git a/Makefile b/Makefile index 217dcd360b..5d17004100 100644 --- a/Makefile +++ b/Makefile @@ -148,6 +148,7 @@ DEBUG_CFLAGS = -g # to be sure we get the intended behavior. SPEC_CFLAGS := -fno-strict-aliasing -Wdeclaration-after-statement SPEC_CFLAGS += $(call cc-opt,-fwrapv) +SPEC_CFLAGS += $(call cc-opt,-fno-strict-overflow) SPEC_CFLAGS += $(call cc-nowarn,format-truncation) SPEC_CFLAGS += $(call cc-nowarn,address-of-packed-member) SPEC_CFLAGS += $(call cc-nowarn,null-dereference)