[llvm-dev] CFI, Safe-Stack, and -fno-sanitize-trap
175 views
Skip to first unread message
Artem Dinaburg via llvm-dev
Jan 31, 2017, 2:34:59 PM1/31/17
to llvm...@lists.llvm.org
Hi,
I am using clang++3.9 to build a simple program with both CFI and safe-stack. I am getting linker errors when combining -fsanitize=safe-stack, -fsanitize=cfi, and -fno-sanitize-trap=all. Combining safe-stack and CFI without -fno-sanitize-trap=all works as expected.
It looks like clang is attempting to link in two compiler-rt libraries, one for ubsan and one for safestack, and this causes multiply defined symbols.
Is this the expected behavior? Can only one sanitizer at a time have trapping disabled?
The command line to trigger is below.
---
$ clang++-3.9 -flto -fvisibility=default -fsanitize=safe-stack -fsanitize=cfi -fuse-ld=gold -fno-sanitize-trap=all hello.cpp
... lots of multiply defined symbol errors...
/usr/bin/ld.gold: error: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.safestack-x86_64.a(sanitizer_common_nolibc.cc.o): multiple definition of '__sanitizer::Abort()'
/usr/bin/ld.gold: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.ubsan_standalone-x86_64.a(sanitizer_posix_libcdep.cc.o): previous definition here
/usr/bin/ld.gold: error: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.safestack-x86_64.a(sanitizer_common_nolibc.cc.o): multiple definition of '__sanitizer::SleepForSeconds(int)'
/usr/bin/ld.gold: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.ubsan_standalone-x86_64.a(sanitizer_posix_libcdep.cc.o): previous definition here
clang: error: linker command failed with exit code 1 (use -v to see invocation)
---
hello.cpp:
---
#include <iostream>
int main(int argc, const char* argv[]) {
std::cout << "Hello, World\n";
return 0;
}
---
Thanks,
Artem
I am using clang++3.9 to build a simple program with both CFI and safe-stack. I am getting linker errors when combining -fsanitize=safe-stack, -fsanitize=cfi, and -fno-sanitize-trap=all. Combining safe-stack and CFI without -fno-sanitize-trap=all works as expected.
It looks like clang is attempting to link in two compiler-rt libraries, one for ubsan and one for safestack, and this causes multiply defined symbols.
Is this the expected behavior? Can only one sanitizer at a time have trapping disabled?
The command line to trigger is below.
---
$ clang++-3.9 -flto -fvisibility=default -fsanitize=safe-stack -fsanitize=cfi -fuse-ld=gold -fno-sanitize-trap=all hello.cpp
... lots of multiply defined symbol errors...
/usr/bin/ld.gold: error: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.safestack-x86_64.a(sanitizer_common_nolibc.cc.o): multiple definition of '__sanitizer::Abort()'
/usr/bin/ld.gold: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.ubsan_standalone-x86_64.a(sanitizer_posix_libcdep.cc.o): previous definition here
/usr/bin/ld.gold: error: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.safestack-x86_64.a(sanitizer_common_nolibc.cc.o): multiple definition of '__sanitizer::SleepForSeconds(int)'
/usr/bin/ld.gold: /usr/lib/llvm-3.9/bin/../lib/clang/3.9.1/lib/linux/libclang_rt.ubsan_standalone-x86_64.a(sanitizer_posix_libcdep.cc.o): previous definition here
clang: error: linker command failed with exit code 1 (use -v to see invocation)
---
hello.cpp:
---
#include <iostream>
int main(int argc, const char* argv[]) {
std::cout << "Hello, World\n";
return 0;
}
---
Thanks,
Artem
Peter Collingbourne via llvm-dev
Feb 4, 2017, 4:59:49 PM2/4/17
to Artem Dinaburg, llvm-dev
Hi Artem,
Thanks for the bug report! It should certainly be possible to use safestack with CFI in non-trapping mode, or indeed with any other sanitizer. I've sent https://reviews.llvm.org/D29545 for review which should fix this bug.
Peter
_______________________________________________
LLVM Developers mailing list
llvm...@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
--
Peter
Reply all
Reply to author
Forward
0 new messages