On 09/07/2015 09:59 PM, Jonathan Wakely wrote: > On 07/09/15 21:31 +0200, Florian Weimer wrote: >> * Jonathan Wakely: >> >>> This patch adds the "debug mode lite" we've been talking about, by >>> changing __glibcxx_assert to be activated by _GLIBCXX_ASSERTIONS >>> instead of _GLIBCXX_DEBUG (and making the latter imply the former). >> >> Interesting. Is this mode ABI-compatible with the default mode? > > Yes, that's the main reason I want to make this change.
Good. Past discussions of similar proposals indicated that these #ifdefs are still ODR violations. >> Should _FORTIFY_SOURCE imply _GLIBCXX_ASSERTIONS? > > Yes, I think it should. > > You can read my notes on these "debug mode lite" checks at > https://gcc.gnu.org/wiki/LibstdcxxDebugMode (including "This should be > discussed with Glibc and security teams" and I specifically had you in > mind when I wrote that :-) I doubt we can achieve the complexity goals in all cases. I expect that for (int i = 0; i < 10000; ++i) { vector[i]; } is optimized away in default mode, but with _GLIBCXX_ASSERTIONS, it is not. The last time I looked at this, GCC was unable to move bounds checks out of loops. -- Florian Weimer / Red Hat Product Security
