On Mon, Aug 17, 2020 at 03:31:26PM -0700, H. Peter Anvin wrote:
On 2020-08-17 15:02, Nick Desaulniers wrote:
LLVM implemented a recent "libcall optimization" that lowers calls to `sprintf(dest, "%s", str)` where the return value is used to `stpcpy(dest, str) - dest`. This generally avoids the machinery involved in parsing format strings. This optimization was introduced into clang-12. Because the kernel does not provide an implementation of stpcpy, we observe linkage failures for almost all targets when building with ToT clang.
The interface is unsafe as it does not perform any bounds checking. Disable this "libcall optimization" via `-fno-builtin-stpcpy`.
Unlike commit 5f074f3e192f ("lib/string.c: implement a basic bcmp") which cited failures with `-fno-builtin-*` flags being retained in LLVM LTO, that bug seems to have been fixed by https://reviews.llvm.org/D71193, so the above sha can now be reverted in favor of `-fno-builtin-bcmp`.
stpcpy() and (to a lesser degree) mempcpy() are fairly useful routines in general. Perhaps we *should* provide them?
As Nick mentioned, I really don't want to expand the already bad interfaces from libc. We have enough messes to clean up already, and I don't want to add more. The kernel already uses a subset of C, we have (several) separate non-libc memory allocators, we're using strscpy() and scnprintf() widely in favor of their buggy libc counterparts, etc. We don't need to match the libc string interfaces especially when they're arguably bug-prone foot-guns. :)