- Bug
- Resolution: Fixed
- P4
- 8u201
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8228723 | openjdk8u222 | Andrew Hughes | P4 | Resolved | Fixed | master |
8199552 appears in OpenJDK 11 as:
https://hg.openjdk.java.net/jdk-updates/jdk11u/rev/8b060cdf0251
A backport for 8u was not provided to us prior to the upstream availability of 8u20{1,2}, so we did our own along the lines of the 11u version. This added -fstack-protector in the same place after -pipe for the JDK in flags.m4 and after -fcheck-new in the HotSpot repository gcc.make makefiles for Linux, BSD and Solaris.
When the 8u version did become available, it was quite different:
https://hg.openjdk.java.net//jdk8u/jdk8u/rev/2c9ec0970599
Here, the addition is restricted to x86 and it adds them to LEGACY_EXTRA_CFLAGS and LEGACY_EXTRA_CXXFLAGS rather than altering the HotSpot build itself.
For the JDK part, the change adds it to both CCXXFLAGS_JDK and CFLAGS_JDK. As the former is used by C and C++ compiles, this has the effect of adding -fstack-protector twice.
The CFLAGS_JDK addition is particularly problematic because it occurs after with_extra_cflags is appended. This means that -fstack-protector overrides user options like -fstack-protector-strong, weakening such protection.
e.g.
[7] CFLAGS := -Wall -Wno-parentheses -Wextra -Wno-unused -Wno-unused-parameter -Wformat=2 -pipe -D_GNU_SOURCE -D_REENTRANT -D_LARGEFILE64_SOURCE -fno-omit-frame-pointer -fstack-protector -D_LP64=1 -D_LITTLE_ENDIAN -DLINUX -DARCH='"amd64"' -Damd64 -DNDEBUG -DRELEASE='"1.8.0-internal"' -I/home/andrew/builder/8u-dev/jdk/include -I/home/andrew/builder/8u-dev/jdk/include/linux -I/home/andrew/projects/openjdk/upstream/jdk8u-dev/jdk/src/share/javavm/export -I/home/andrew/projects/openjdk/upstream/jdk8u-dev/jdk/src/solaris/javavm/export -I/home/andrew/projects/openjdk/upstream/jdk8u-dev/jdk/src/share/native/common -I/home/andrew/projects/openjdk/upstream/jdk8u-dev/jdk/src/solaris/native/common -O2 -pipe -march=core2 -ggdb -mno-tls-direct-seg-refs -fno-strict-aliasing -fstack-protector -fno-delete-null-pointer-checks -fno-lifetime-dse -fPIC -I/home/andrew/builder/8u-dev/jdk/gensrc_headers -I/home/andrew/projects/openjdk/upstream/jdk8u-dev/jdk/src/share/native/java/lang/fdlibm/include
In the above, the -fstack-protector after -fno-omit-frame-pointer comes from CCXXFLAGS_JDK. The one after -fno-strict-aliasing comes from CFLAGS_JDK and is after the extra CFLAGS specified by the user (-O2 -pipe -march=core2 -ggdb -mno-tls-direct-seg-refs).
I suggest we drop the CFLAGS_JDK and also apply this change across all architectures, as is done in OpenJDK 11.
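One way to check a compile line for the duplicate and override problems described in this report, as an added example that is not part of the original report or of the OpenJDK build. It reports the last stack-protector option, which is the one GCC applies, and flags duplicates and downgrades. The names `sp_rank` and `sp_audit`, the strength ordering and the shortened flag strings are this example's own assumptions.

```shell
#!/bin/sh
# Added example: report which stack-protector option a compile line ends up with.
# GCC applies the last -f[no-]stack-protector* option it sees.

# Rank the options (this example's ordering) so a later, weaker one can be spotted.
sp_rank() {
  case "$1" in
    -fstack-protector-all)      echo 4 ;;
    -fstack-protector-strong)   echo 3 ;;
    -fstack-protector)          echo 2 ;;
    -fstack-protector-explicit) echo 1 ;;
    -fno-stack-protector)       echo 0 ;;
  esac
}

# sp_audit "<flags>" prints: effective=<flag> strongest=<flag> count=<n> verdict=<v>
# verdict: none | ok | duplicate | downgraded
sp_audit() {
  effective="" strongest="" best=-1 seen="" count=0 dup=0
  set -f                                  # no globbing while splitting the flag string
  for flag in $1; do
    rank=$(sp_rank "$flag")
    [ -n "$rank" ] || continue            # not a stack-protector option
    count=$((count + 1))
    case " $seen " in *" $flag "*) dup=1 ;; esac
    seen="$seen $flag"
    effective=$flag                       # last one wins
    if [ "$rank" -gt "$best" ]; then best=$rank; strongest=$flag; fi
  done
  set +f
  if [ "$count" -eq 0 ]; then verdict=none
  elif [ "$(sp_rank "$effective")" -lt "$best" ]; then verdict=downgraded
  elif [ "$dup" -eq 1 ]; then verdict=duplicate
  else verdict=ok
  fi
  echo "effective=${effective:-none} strongest=${strongest:-none} count=$count verdict=$verdict"
}

# Constructed samples, shortened from the CFLAGS line in the report.
AS_REPORTED="-pipe -fno-omit-frame-pointer -fstack-protector -O2 -pipe -march=core2 -ggdb -fno-strict-aliasing -fstack-protector -fPIC"
USER_STRONG="-pipe -fno-omit-frame-pointer -fstack-protector -O2 -fstack-protector-strong -fno-strict-aliasing -fstack-protector -fPIC"
CFLAGS_JDK_DROPPED="-pipe -fno-omit-frame-pointer -fstack-protector -O2 -fstack-protector-strong -fno-strict-aliasing -fPIC"

for sample in "$AS_REPORTED" "$USER_STRONG" "$CFLAGS_JDK_DROPPED"; do
  sp_audit "$sample"
done
```

The second sample places a user-supplied -fstack-protector-strong where --with-extra-cflags lands and shows the later CFLAGS_JDK flag downgrading it; the third shows the same line with the CFLAGS_JDK addition dropped.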
- backported by
  - JDK-8228723 Backport of JDK-8199552 to OpenJDK 8 leads to duplicate -fstack-protector flags, overriding --with-extra-cflags
  - Resolved