[PATCH] [EXPERIMENTAL] autocrap autohardening

Poul-Henning Kamp phk at phk.freebsd.dk
Tue May 6 23:28:30 CEST 2014


In message <536778A5.8030707 at schokola.de>, Nils Goroll writes:

>brief summary of a #varnish-hacking discussion from my understanding (please
>correct or comment if you disagree):
>
>* we do want hardening options by default

In general Varnish is a paranoid source code, so anything the compiler
can do to help we welcome.

Obviously there are things too intrusive/pointless/useless for production,
and that's why I'm aiming for three "levels":

>  - developer

>  - production

>  - performance

The last one is intended only for people who want to shave the last
epsilon performance out of the bottom of the barrel and it should be
the same as -production, less only those compiler options proven to cause a
performance hit.

>* The patch needs to be tested against gcc and llvm/clang

Well, it needs to not make jenkins cry...

>* phk would like the compiler flag tests be implemented using the methodology
>  from Makefile.phk / config.phk in favor of wrap-compiler-for-flag-check

It's not so much a "like" as a "I don't think the autocrap* way scales"

GCC and LLVM are locked in mortal combat for being "the best" compiler
right now, and new (and useful!) -W and -f options sprout like weeds.

LLVM has sort of taken the consequences and introduced an "ignore -W and
-f options you don't know" but I don't believe GCC has done that, which
means that selecting the right CFLAGS is a rather nightmarish (and
slow!) process, unless we do something smarter.

The idea I played with in the "Makefile.phk" prototype is to run a
file through the compiler:

        #if WARNS >= 1
                "-Wall"
                "-Werror"
        #endif
        #if WARNS >= 2
                "-W"
                "-fstack-protector"
                "-Wno-format-y2k"
                "-Wstrict-prototypes"
        [...]
        #endif

And then use #ifdefs against the compiler's predefines to sort
compiler/version/OS specific options out:

        #if defined(__SVR4) && defined(sun)
                "-Wspecial_option_forSolaris"
        #endif
        #if defined(LLVM) && LLVM_Version > 234345
                "-Wfind_bugs_like_heartbleed"
        #endif

and so on.

Once the file is run through "${CC} -E" you only have to
polish off the #line and quotes, and your ${CFLAGS} is all cooked.

The big benefit is that it gives us very fine-grained control and it
runs very very fast and reliably, compared to having autocrap
check for each and every option.

Also, I find it a LOT more readable.


-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
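
The "${CC} -E" approach described in the message above, as an added example that is not part of the original post or of Makefile.phk: a flags file is preprocessed once and the output is polished into a CFLAGS string. The file name flags.c, passing WARNS with -D, and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. File name, -DWARNS and the
# function names are assumptions made for illustration.

# Candidate flags as quoted strings, guarded by preprocessor conditionals.
write_flags_file() {
    cat > "$1" <<'EOF'
#if WARNS >= 1
    "-Wall"
    "-Werror"
#endif
#if WARNS >= 2
    "-W"
    "-fstack-protector"
    "-Wstrict-prototypes"
#endif
#if defined(__SVR4) && defined(sun)
    "-Wspecial_option_forSolaris"  /* placeholder name taken from the message */
#endif
EOF
}

# Polish preprocessor output read from stdin: drop linemarker lines
# (they start with '#'), strip the quotes, join the flags with spaces.
polish_flags() {
    awk '/^#/ { next }
         { gsub(/"/, "")
           for (i = 1; i <= NF; i++) { out = out sep $i; sep = " " } }
         END { print out }'
}

# $1 = WARNS level, $2 = flags file. One compiler run selects every flag.
cook_cflags() {
    "${CC:-cc}" -E -DWARNS="$1" "$2" | polish_flags
}

# Demo: only runs when a C compiler is installed.
if command -v "${CC:-cc}" >/dev/null 2>&1; then
    tmp=$(mktemp -d) && write_flags_file "$tmp/flags.c"
    echo "CFLAGS (WARNS=2): $(cook_cflags 2 "$tmp/flags.c")"
    rm -rf "$tmp"
fi
```

Because the conditionals are evaluated against the compiler's own predefined macros, a hardening flag such as -fstack-protector is emitted only where its guard says the toolchain supports it, without a separate probe compile per flag.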


