Age | Commit message (Collapse) | Author |
|
libsupc++. Passes the (limited) tests in the gcc 4.2.1 testsuite.
ok patrick@, tom@
|
|
break which cannot be easily crossed.
ok kettenis@ jsg@
|
|
Adapted from a change to mainline gcc while it was still GPLv2.
Original diff found by stefan@
Adaptation by me
ICE caught by ml(at)extensibl(dot)com while he was porting MLton
to OpenBSD.
Ok stefan@
"Go for it" deraadt@
|
|
C11 feature that is starting to get used in places such as Mesa.
This implementation takes a different approach to upstream and is therefore
not covered by GPLv3.
ok stefan@, jsg@
|
|
From Miod Vallat
I trust miod deraadt@
|
|
arm9e (armv5te w/o xscale extensions). We no longer support anything
less than armv5te and this allows some additional instructions.
-mthumb-interwork remains off by default.
ok patrick@
|
|
into a register. Fixes an ICE when building Mesa with __sync builtins.
From Roger Sayle in gcc svn rev 121779 in Feb 2007 before the license
change.
Tested by miod and matthieu.
|
|
this can happen due to the frame layout change introduced in order to
support the stack protector. Fix from miod.
Bug originally observed by jca and condensed to a 3-liner by myself,
basically local [] arrays being initialized with shorter strings.
|
|
from Jan Schreiber, ok deraadt@
|
|
|
|
Help with testing and ok kettenis@
|
|
emit a "sync" instruction.
ok visa@
|
|
In some cases GCC would generate a cmpxchg8b instruction with a memory
reference that used %ebx. This is wrong (and will almost certainly result
in SIGSEGV). This fix uses a new memory constraint "W" to prevent the use
of %ebx in this case. This differs from the approach taken by upstream so
there are no GPLv3 issues here.
Fixes the Mesa i965 dri module on i386.
ok jsg@
|
|
NOTE: cc1 uses brk/sbrk, which was only enabled in pledge a few hours
ago. So this requires a fairly new kernel if compiling monster c++
programs..
|
|
(cc1 "toplev.c" uses brk/sbrk, so it is on hold to figure out the right
direction...)
ok semarie pascal
|
|
kettenis ok'd me poking around in here; ingo ok'd the diff
|
|
gcc and g++ can currently have different ideas on the size of a
packed enum type:
enum __attribute__((packed)) foo { a = 0, b};
gcc: 1
g++: 4
enum foo { a = 0, b} __attribute__((packed));
gcc: 1
g++: 1
The first format is actually the preferred one according to the
documentation.
https://gcc.gnu.org/onlinedocs/gcc-4.2.1/gcc/Type-Attributes.html
g++ will accept the first format and silently not actually choose a
smaller size.
This was responsible for memory corruption with recent versions
of Mesa where c and c++ code share a header with a packed enum type.
The problem was reported in
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=39219
and fixed in gcc >= 4.3.6 in rev 144284.
This was after the switch from gplv2 but it's a trivial one line change.
ok guenther@ deraadt@ kettenis@
|
|
This symbol isn't used anywhere outside libstdc++, thus no bump.
Upstream initially went the samy way, but then implemented a different fix,
which don't work for us. Eventually we should move to whitelisting the list
of symbols exported anyway.
okay miod@, no objections from sthen@; also supported by a few a while ago
|
|
creating calls: cache the RTL, let a declaration alter the asm spec, and
set the same RTL attributes. For all three, let a declaration set the ELF
visibility.
ok miod@
|
|
required by the upcoming libm work.
OK miod@.
|
|
to the gcc info documentation as well.
|
|
|
|
gets a chance to be reordered.
|
|
this is allowed in C11 and 3rd-party software is relying upon this to be
accepted by the compiler.
Nevertheless warn about this if -pedantic.
ok ajacoutot@ deraadt@ millert@
|
|
for (undefined) references with non-default visibility on mips64.
|
|
non-default visibility.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=20218 for details.
This version comes from FreeBSD and has been made available under the GPLv2
license. It has some additional bits thrown in from me to make it work in
mips64 too, and another bit to stop the C++ compiler to randomly emit
visibility information for C++ symbols that in the end aren't referenced.
ok guenther@
|
|
'cc -static'. To explicitly request the legacy behaviour, use -nopie.
For the few port affected by this, bumps will follow shortly.
looks good to kettenis@, ok kurt@
|
|
archdep.h help from kettenis@
|
|
self-relocate.
|
|
self-relocate.
ok kurt@
|
|
such that they self-relocate. okay kettenis@
|
|
self-relocate.
|
|
self-relocate.
Based on a diff from kurt@
ok deraadt@
|
|
self-relocate.
Based on a diff for amd64 from kurt@
|
|
self-relocate.
Based on a diff for amd64 from kurt@
|
|
and defines for compatibility with the equivalent gcc header.
cpuid.h was introduced in gcc 4.3 and a compatible header has
been included with recent versions of clang.
Earlier version ok miod@. Tested in a ports bulk build by landry@.
|
|
kill large portions of the ports tree. Most notably, it broke devel/gperf at
runtime.
ok martynas@, "make a decision" deraadt@
|
|
kprintf attribute shouldn't accept them.
ok martynas@
|
|
From dt71 at gmx.com via FreeBSD
Required to build with recent versions of clang.
|
|
This is the flag name that modern GCC and Clang have de facto
standardized on for the functionality that we locally named
-Wstack-larger-than-N.
ok brad, miod
|
|
Currently, GCC 4.2 silently ignores the "aligned" attribute for
objects allocated on the stack if the specified minimum alignment
exceeds the platform's natural stack alignment. This has bitten us in
the past, so we shouldn't allow this to continue.
Fixing the "ignores" problem seems hard, so this commit settles for
tackling the "silently" problem instead.
ok miod, and possibly guenther and deraadt
|
|
a little pointer-sized gap before the return value. This protects
from common off-by-one type of bugs and costs nothing: the attacker
won't be able to overwrite return pointer. Developed at m2k14,
thanks for the hackathon!
|
|
This will make the environment more hostile and help detect bugs
that depend on overrunning one variable into another, with almost
no performance cost.
Discussed with Theo at m2k14 hackathon. "oh god yes" tedu@, "oh nice" djm@
|
|
16byte boundary. However, GCC 16-byte aligns arrays of >=16 BITS,
not BYTES.
This diff improves bug detectability for code which has local arrays
of [16 .. 127] bits: in those cases SSP will now detect even 1-byte
overflows.
OK kettenis@. Tested in snaps for a week.
|
|
additional functions --- those that have local array definitions,
or have references to local frame addresses.
Note that upstream uses -fstack-protector-strong and misleads people:
-fstack-protector, -fstack-protector-all, -fstack-protector-strong
can you tell which one is safe?
Luckily, OpenBSD has its own compiler and is able to do the right
thing for security: this is enabled by default, and called
-fstack-protector.
OK deraadt@, miod@. Tested for 3 months.
|
|
|
|
ok deraadt@
|
|
which operates on element counts rather than buffer sizes. I'll start
annotating headers in a few weeks, after the hackathon. OK millert@.
|
|
additional functions to be protected --- those that have local array
definitions, or have references to local frame addresses.
Note 1: Han explicitly licensed this under GPLv2 for us.
Note 2: Do *not* use this anywhere in "src" Makefiles, as the other
GCC doesn't have this option yet (but I'm working on it).
|
|
size almost always has security implications. I think this quote
from Theo summarizes the situation best:
Which is why it is important to have at least one unforgiving
platform in the ecosystem which properly labels shit shit.
That's OpenBSD. If anyone can't handle that, they can go to platforms
which hide the reality.
|