I agree. It's also inappropriate for something as low level as libgcc to have dependencies on other libraries such as libssp.
We'll propose a patch adding '-fno-stack-protector' to the gcc list and see how it goes.
-- Michael
On Thu, Sep 2, 2010 at 9:23 AM, Mark Mitchell mark@codesourcery.com wrote:
On 9/1/2010 2:10 PM, Michael Hope wrote:
3. Should libgcc be built without -fstack-protector?
To put it more strongly, I believe that libgcc should not be built with -fstack-protector.
I don't think there's any reason to expect that all code in libgcc would continue to work with stack-protection checks inserted (e.g., low-level primitives for thread safety or exception-handling, where chaos may ensue if a fault occurs in the midst of the stack-protection code). Furthermore, those checks will increase overhead for all users of the library. And, if libgcc has dependencies on other shared libraries, that could potentially break binary compatibility across Linux distributions.
If someone wants to build libgcc with -fstack-protector, that would require an assessment of all code in libgcc to make sure that is safe. libgcc is emphatically not "application" code.
-- Mark Mitchell CodeSourcery mark@codesourcery.com (650) 331-3385 x713
linaro-toolchain mailing list linaro-toolchain@lists.linaro.org http://lists.linaro.org/mailman/listinfo/linaro-toolchain