On Mon, Sep 15, 2025 at 6:04 AM Florian Weimer <f...@deneb.enyo.de> wrote:
>
> * H. J. Lu:
>
> >> Is it possible to enable stack protector for individual functions if
> >> !flag_stack_protect?
> >
> > I don't think so. We only have
> >
> > @cindex @code{no_stack_protector} function attribute
> > @item no_stack_protector
> > This attribute prevents stack protection code for the function.
> >
> > and
> >
> > @cindex @code{stack_protect} function attribute
> > @item stack_protect
> > This attribute adds stack protection code to the function if
> > flags @option{-fstack-protector}, @option{-fstack-protector-strong}
> > or @option{-fstack-protector-explicit} are set.
> >
> > If we add another attribute to enable stack protector for individual
> > functions
> > without -fstack-protector, I will try to accommodate it.
>
> This already seems to have the effect:
>
> int f (void);
>
> __attribute__ ((optimize ("stack-protector-all"))) int
> g (void)
> {
> f();
> }
>
No, it doesn't work:
[hjl@gnu-zen4-1 pr121911]$ cat bar.c
#include <stdlib.h>
#include <stddef.h>
const size_t __stack_chk_guard = 0x2d853605a4d9a09cUL;
void
__stack_chk_fail (void)
{
exit (0); /* pass */
}
__attribute__ ((noipa, optimize ("stack-protector-all")))
void
smash (char *p, int i)
{
p[i] = 42;
}
int
main (void)
{
char foo[255];
/* smash stack */
for (int i = 0; i <= 400; i++)
smash (foo, i);
return 1;
}
[hjl@gnu-zen4-1 pr121911]$ gcc -O2 -g -mstack-protector-guard=global
ssp-global-hidden-3.c
[hjl@gnu-zen4-1 pr121911]$ gdb a.out
GNU gdb (Fedora Linux) 16.3-1.fc42
Copyright (C) 2024 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from a.out...
(gdb) r
Starting program: /export/home/hjl/bugs/gcc/pr121911/a.out
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00000000004003b2 in main () at ssp-global-hidden-3.c:37
37 }
Missing rpms, try: dnf --enablerepo='*debug*' install
glibc-debuginfo-2.41-11.0.fc42.x86_64
(gdb)
--
H.J.
