From perlbug@plan9.de

Created by perlbug@plan9.de

beginning with 5.10.something, perl enforces the use of -fstack-protector,
even when Configure was explicitly told the compiler flags, and there is
no way to switch it off.

unfortunately, gcc supports this flag on most platforms, even if the
underlying support is missing. simple test programs (sucha s the one
used by Configure) might pass, but the generated programs might segfault
or worse (for exmaple, on uclibc systems, all the cast to float tests
segfault).

besides, it would be nice not to enforce the use of certain compiler
flags that are absoltuely unnecessary (perl works fine without
-fstack-protector).

so... please please please make -fstack-protector configurable somehow,
better yet, don't override user-specified flags and/or improve the tets
for platform support.

thanks :)

Flags:
    category=core
    severity=wishlist

Site configuration information for perl 5.12.2:

Configured by Marc Lehmann at Mon Nov 22 07:24:35 CET 2010.

Summary of my perl5 (revision 5 version 12 subversion 2) configuration:
   
  Platform:
    osname=linux, osvers=2.6.32-5-amd64, archname=x86_64-linux
    uname='linux cerebro 2.6.32-5-amd64 #1 smp fri sep 17 21:50:19 utc 2010 x86_64 gnulinux '
    config_args='-Duselargefiles -Duse64bitint -Dusemymalloc=n -Dstatic_ext=Fcntl -Dcc=gcc -Dccflags=-ggdb -gdwarf-2 -g3 -Dcppflags=-DPERL_DISABLE_PMC -DPERL_ARENA_SIZE=1048576 -D_GNU_SOURCE  -I/opt/include -Doptimize=-DPERL_DISABLE_PMC -DPERL_ARENA_SIZE=1048576 -D_GNU_SOURCE  -I/opt/include -O6 -fno-strict-aliasing -Dcccdlflags=-fPIC -Dldflags=-L/opt/perl/lib -L/opt/lib -Dlibs=-ldl -lm -lcrypt -Dprefix=/opt/perl -Dprivlib=/opt/perl/lib/perl5 -Darchlib=/opt/perl/lib/perl5 -Dvendorprefix=/opt/perl -Dvendorlib=/opt/perl/lib/perl5 -Dvendorarch=/opt/perl/lib/perl5 -Dsiteprefix=/opt/perl -Dsitelib=/opt/perl/lib/perl5 -Dsitearch=/opt/perl/lib/perl5 -Dsitebin=/opt/perl/bin -Dman1dir=/opt/perl/man/man1 -Dman3dir=/opt/perl/man/man3 -Dsiteman1dir=/opt/perl/man/man1 -Dsiteman3dir=/opt/perl/man/man3 -Dman1ext=1 -Dman3ext=3 -Dpager=/usr/bin/less -Uafs -Uusesfio -Uusenm -Uuseshrplib -Ud_dosuid -Dusethreads=undef -Duse5005threads=undef -Duseithreads=undef -Dusemultiplicity=undef -Demail=perl-binary@plan9.de -Dcf_email=perl-binary@plan9.de -Dcf_by=Marc Lehmann -Dlocincpth=/opt/perl/include /opt/include -Dmyhostname=localhost -Dmultiarch=undef -Dbin=/opt/perl/bin -Dxxxusedevel -DxxxDEBUGGING -Dxxxuse_debugging_perl -Dxxxuse_debugmalloc -dEs'
    hint=recommended, useposix=true, d_sigaction=define
    useithreads=undef, usemultiplicity=undef
    useperlio=define, d_sfio=undef, uselargefiles=define, usesocks=undef
    use64bitint=define, use64bitall=define, uselongdouble=undef
    usemymalloc=n, bincompat5005=undef
  Compiler:
    cc='gcc', ccflags ='-ggdb -gdwarf-2 -g3 -fno-strict-aliasing -pipe -I/opt/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64',
    optimize='-DPERL_DISABLE_PMC -DPERL_ARENA_SIZE=1048576 -D_GNU_SOURCE -I/opt/include -O6 -fno-strict-aliasing',
    cppflags='-DPERL_DISABLE_PMC -DPERL_ARENA_SIZE=1048576 -D_GNU_SOURCE -I/opt/include -ggdb -gdwarf-2 -g3 -fno-strict-aliasing -pipe -I/opt/include'
    ccversion='', gccversion='4.4.5 20100728 (prerelease)', gccosandvers=''
    intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
    d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
    ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8
    alignbytes=8, prototype=define
  Linker and Libraries:
    ld='gcc', ldflags ='-L/opt/perl/lib -L/opt/lib -L/usr/local/lib'
    libpth=/usr/local/lib /lib /usr/lib /lib64 /usr/lib64
    libs=-ldl -lm -lcrypt
    perllibs=-ldl -lm -lcrypt
    libc=/lib/libc-2.11.2.so, so=so, useshrplib=false, libperl=libperl.a
    gnulibc_version='2.11.2'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E'
    cccdlflags='-fPIC', lddlflags='-shared -DPERL_DISABLE_PMC -DPERL_ARENA_SIZE=1048576 -D_GNU_SOURCE -I/opt/include -O6 -fno-strict-aliasing -L/opt/perl/lib -L/opt/lib -L/usr/local/lib'

Locally applied patches:
    


@INC for perl 5.12.2:
    /root/src/sex
    /opt/perl/lib/perl5
    /opt/perl/lib/perl5
    /opt/perl/lib/perl5
    .


Environment for perl 5.12.2:
    HOME=/root
    LANG (unset)
    LANGUAGE (unset)
    LC_CTYPE=en_US.UTF-8
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/root/s2:/root/s:/opt/bin:/opt/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11/bin:/usr/games:/usr/local/bin:/usr/local/sbin:/root/pserv:.
    PERL5LIB=/root/src/sex
    PERL5_CPANPLUS_CONFIG=/root/.cpanplus/config
    PERLDB_OPTS=ornaments=0
    PERL_ANYEVENT_DBI_TESTS=1
    PERL_ANYEVENT_EDNS0=1
    PERL_ANYEVENT_NET_TESTS=1
    PERL_ANYEVENT_PROTOCOLS=ipv4,ipv6
    PERL_ANYEVENT_STRICT=1
    PERL_BADLANG (unset)
    PERL_UNICODE=E
    SHELL=/bin/bash

From @doughera88

On Fri, 26 Nov 2010, perlbug @​ plan9 . de wrote​:

# New Ticket Created by perlbug@​plan9.de
# Please include the string​: [perl #79838]
# in the subject line of all future correspondence about this issue.
# <URL​: http​://rt.perl.org/rt3/Ticket/Display.html?id=79838 >

beginning with 5.10.something, perl enforces the use of -fstack-protector,
even when Configure was explicitly told the compiler flags, and there is
no way to switch it off.

I agree with your general premise that it should be possible to get
Configure to do what you need it to do in order to build perl the way you
want to build it.

I should point out, however, that while it isn't easy, it is possible to
turn it off by running Configure interactively and removing it when
prompted.

unfortunately, gcc supports this flag on most platforms, even if the
underlying support is missing. simple test programs (sucha s the one
used by Configure) might pass, but the generated programs might segfault
or worse (for exmaple, on uclibc systems, all the cast to float tests
segfault).

I wasn't aware that gcc might be misleading us this way. If you could
supply us with a better test program, that would be very helpful.

besides, it would be nice not to enforce the use of certain compiler
flags that are absoltuely unnecessary (perl works fine without
-fstack-protector).

so... please please please make -fstack-protector configurable somehow,
better yet, don't override user-specified flags and/or improve the tets
for platform support.

Unfortunately, other users do rely on us supplementing the user-specified
C flags, so I don't think we can win there no matter what we do. There
might be some clever approach, but it's not occurring to me at the moment.

Meanwhile, yes, an improved test program would likely be a very good idea.

--
  Andy Dougherty doughera@​lafayette.edu

The RT System itself - Status changed from 'new' to 'open'

From @Tux

On Sun, 28 Nov 2010 14​:27​:51 -0500 (EST), Andy Dougherty
<doughera@​lafayette.edu> wrote​:

so... please please please make -fstack-protector configurable somehow,
better yet, don't override user-specified flags and/or improve the tets
for platform support.

Unfortunately, other users do rely on us supplementing the user-specified
C flags, so I don't think we can win there no matter what we do. There
might be some clever approach, but it's not occurring to me at the moment.

-Ucflags/-ffnork,-DFROUBLE

/could/ be a way to go specify what CFLAGS/LDFLAGS/... should be
filtered out before the final decision. Just a brainstorm idea

Meanwhile, yes, an improved test program would likely be a very good idea.

Absolutely

--
H.Merijn Brand http​://tux.nl Perl Monger http​://amsterdam.pm.org/
using 5.00307 through 5.12 and porting perl5.13.x on HP-UX 10.20, 11.00,
11.11, 11.23 and 11.31, OpenSuSE 10.1, 11.0 .. 11.3 and AIX 5.2 and 5.3.
http​://mirrors.develooper.com/hpux/ http​://www.test-smoke.org/
http​://qa.perl.org http​://www.goldmark.org/jeff/stupid-disclaimers/

From @ikegami

On Sun, Nov 28, 2010 at 2​:27 PM, Andy Dougherty <doughera@​lafayette.edu>wrote​:

On Fri, 26 Nov 2010, perlbug @​ plan9 . de wrote​:> so... please please
please make -fstack-protector configurable somehow,

better yet, don't override user-specified flags and/or improve the tets
for platform support.

Unfortunately, other users do rely on us supplementing the user-specified
C flags, so I don't think we can win there no matter what we do. There
might be some clever approach, but it's not occurring to me at the moment.

If Perl only supplements, then -fno-stack-protector should work, right? Does
it?

From @doughera88

On Mon, 29 Nov 2010, Eric Brine wrote​:

  On Fri\, 26 Nov 2010\, perlbug @​ plan9 \. de wrote​:> so\.\.\. please
  please please make \-fstack\-protector configurable somehow\,
  > better yet\, don't override user\-specified flags and/or improve
  the tets
  > for platform support\.

If Perl only supplements, then -fno-stack-protector should work, right? Does
it?

Yes, good call. Configure even actually already contains code to
explicitly deal with this situation. (Thanks, Nicholas!) Explicitly
adding -fno-stack-protector to ccflags will cause Configure to not add
-fstack-protector. This will fix the immediate problem.

Still, I agree that a test file that made this happen automatically would
be even better. I just don't know what such a test might look like.

--
  Andy Dougherty doughera@​lafayette.edu

From @rurban

Andy Dougherty schrieb​:

On Mon, 29 Nov 2010, Eric Brine wrote​:

   On Fri\, 26 Nov 2010\, perlbug @​ plan9 \. de wrote​:>  so\.\.\. please
   please please make \-fstack\-protector configurable somehow\,
   >  better yet\, don't override user\-specified flags and/or improve
   the tets
   >  for platform support\.

If Perl only supplements, then -fno-stack-protector should work, right? Does
it?

Yes, good call. Configure even actually already contains code to
explicitly deal with this situation. (Thanks, Nicholas!) Explicitly
adding -fno-stack-protector to ccflags will cause Configure to not add
-fstack-protector. This will fix the immediate problem.

Still, I agree that a test file that made this happen automatically would
be even better. I just don't know what such a test might look like.

And just to add to the mix​:
Using -fstack-protector twice, because it's in CCFLAGS and LDFLAGS,
because we call the compiler and linker seperately sometimes
(GNUMakefile vs. ExtUtils​::Embed), will cause a gcc crash.

So if I fold the compiler and linker flags together with the typical
compile+link command, I explicitly have to remove -fstack-protector from
LDFLAGS; in B​::C cc_harness.

$ perl -V​:ccflags -V​:ldflags
ccflags='-DPERL_USE_SAFE_PUTENV -U__STRICT_ANSI__ -g3
-fno-strict-aliasing -pipe -fstack-protector -I/usr/local/include';
ldflags=' -Wl,--enable-auto-import -Wl,--export-all-symbols
-Wl,--enable-auto-image-base -fstack-protector -L/usr/local/lib';

--
Reini Urban
http​://phpwiki.org/ http​://murbreak.at/

From schmorp@schmorp.de

On Sun, Nov 28, 2010 at 02​:27​:51PM -0500, Andy Dougherty <doughera@​lafayette.edu> wrote​:

beginning with 5.10.something, perl enforces the use of -fstack-protector,
even when Configure was explicitly told the compiler flags, and there is
no way to switch it off.

I agree with your general premise that it should be possible to get
Configure to do what you need it to do in order to build perl the way you
want to build it.

just saw your reply by accident (I wasn't included in your reply's
address).

I should point out, however, that while it isn't easy, it is possible to
turn it off by running Configure interactively and removing it when
prompted.

Yeah, or by perl -pi -e 's/...' Configure, which is wat I am doing now.

I wasn't aware that gcc might be misleading us this way. If you could
supply us with a better test program, that would be very helpful.

Presumably, you would just need to run the program and if it crashes,
assume -fstack-protector doesn't quite work.

so... please please please make -fstack-protector configurable somehow,
better yet, don't override user-specified flags and/or improve the tets
for platform support.

Unfortunately, other users do rely on us supplementing the user-specified
C flags,

I primarily asked for a way to disable -fstack-protector. Somehow.

So, which other users rely on your enforcing -fstack-protector? Is there
really any platform that needs that flag? I doubt that, so that argument
simply doesn't apply.

--
  The choice of a Deliantra, the free code+content MORPG
  -----==- _GNU_ http​://www.deliantra.net
  ----==-- _ generation
  ---==---(_)__ __ ____ __ Marc Lehmann
  --==---/ / _ \/ // /\ \/ / schmorp@​schmorp.de
  -=====/_/_//_/\_,_/ /_/\_\

From @tonycoz

Sorry for the long delayed response.

On Fri Dec 10 19​:07​:02 2010, schmorp@​schmorp.de wrote​:

On Sun, Nov 28, 2010 at 02​:27​:51PM -0500, Andy Dougherty
<doughera@​lafayette.edu> wrote​:

beginning with 5.10.something, perl enforces the use of
-fstack-protector,
even when Configure was explicitly told the compiler flags, and
there is
no way to switch it off.

I agree with your general premise that it should be possible to get
Configure to do what you need it to do in order to build perl the
way you
want to build it.

just saw your reply by accident (I wasn't included in your reply's
address).

I should point out, however, that while it isn't easy, it is
possible to
turn it off by running Configure interactively and removing it when
prompted.

Yeah, or by perl -pi -e 's/...' Configure, which is wat I am doing
now.

I wasn't aware that gcc might be misleading us this way. If you
could
supply us with a better test program, that would be very helpful.

Presumably, you would just need to run the program and if it crashes,
assume -fstack-protector doesn't quite work.

The test does run the compiled program, the check uses the checkccflag
definition, which does​:

echo "int main(void) { return 0; }" > gcctest.c;
if $cc -O2 $flag -o gcctest gcctest.c 2>gcctest.out && ./gcctest; then

So the only solution is a better test program, which you'll need to
supply since you're the one who sees the problem.

so... please please please make -fstack-protector configurable
somehow,
better yet, don't override user-specified flags and/or improve the
tets
for platform support.

Unfortunately, other users do rely on us supplementing the user-
specified
C flags,

I primarily asked for a way to disable -fstack-protector. Somehow.

As mentioned by Eric and confirmed by Andy, adding -fno-stack-protector
will disable -fstack-protector, for example I did​:

  ./Configure -des -Dusedevel -Accflags=-fno-stack-protector

and no -fstack-protector flag was added by Configure.

So, which other users rely on your enforcing -fstack-protector? Is
there
really any platform that needs that flag? I doubt that, so that
argument
simply doesn't apply.

-fstack-protector is a security hardening tool.

Is it necessary? It probably depends on how you're using perl.

Are you able to provide a test program for Configure that can be used to
test for -fstack-protector?

Tony

From schmorp@schmorp.de

On Tue, Sep 03, 2013 at 09​:34​:20PM -0700, Tony Cook via RT <perlbug-followup@​perl.org> wrote​:

Presumably, you would just need to run the program and if it crashes,
assume -fstack-protector doesn't quite work.

The test does run the compiled program, the check uses the checkccflag
definition, which does​:

Since the compiled tets program did crash, I presume it's new that the tets
program is atcually being executed, which should fix it.

As mentioned by Eric and confirmed by Andy, adding -fno-stack-protector
will disable -fstack-protector, for example I did​:

That also didn't work (configure always added -fstack-protector after it),
so if that is fixed, that's all I need.

Is it necessary? It probably depends on how you're using perl.

Indeed, which is why Configfure shouldn't force it's use it. If it no
longer does, that's fine. I don't think Configure needs to perfectly
support any exotic platform.

Are you able to provide a test program for Configure that can be used to
test for -fstack-protector?

The test program did crash when I ran it manually, so that wasn't the
problem. Either it wasn't run back then, or it was run differently, or the
fact that it crashed didn't register enough.

--
  The choice of a Deliantra, the free code+content MORPG
  -----==- _GNU_ http​://www.deliantra.net
  ----==-- _ generation
  ---==---(_)__ __ ____ __ Marc Lehmann
  --==---/ / _ \/ // /\ \/ / schmorp@​schmorp.de
  -=====/_/_//_/\_,_/ /_/\_\

From @tonycoz

On Tue Sep 03 23​:12​:12 2013, schmorp@​schmorp.de wrote​:

On Tue, Sep 03, 2013 at 09​:34​:20PM -0700, Tony Cook via RT <perlbug-
followup@​perl.org> wrote​:

Presumably, you would just need to run the program and if it
crashes,
assume -fstack-protector doesn't quite work.

The test does run the compiled program, the check uses the
checkccflag
definition, which does​:

Since the compiled tets program did crash, I presume it's new that the
tets
program is atcually being executed, which should fix it.

Configure has been executing the test program it created since before
5.12 (which you reported this ticket against.)

But if you're happy with the current behaviour, I'm happy to close the
ticket.

Tony

From @tonycoz

On Wed Sep 04 22​:31​:24 2013, tonyc wrote​:

Configure has been executing the test program it created since before
5.12 (which you reported this ticket against.)

But if you're happy with the current behaviour, I'm happy to close the
ticket.

And so closing it.

Tony

@tonycoz - Status changed from 'open' to 'resolved'