llvm dev - Nov 2021 - Why are the sanitizer compiled with -fno-stack-protector ?

Hi,

According to
https://github.com/llvm/llvm-project/commit/5829a98c48cf9009e4887e89e3075b3058909e8e
the sanitizers are compiled with -fno-stack-protector to avoid introducing a
libc dependency.
Is this still necessary?  Are there any other reasons why sanitizers cannot be
compiled with
stack protector enabled?

-Tom

Hi Tom,

Before we try to answer "are there any other reasons to not do X",
(and I don't know the answer off the top of my head)
I'd like to hear your "reasons to do X".

Bundling -fno-stack-protector with e.g. ASAN serves no purpose that I can
see.
-fno-stack-protector is a production feature.
It is a (weak but useful) security mitigation, it doesn't help to find
bugs.
ASAN (and other sanitizers) are testing tools, not commonly used in
production.
They find stack buffer overflows much better than fno-stack-protector does.

The exception is perhaps UBSAN with minimal run-time or in trap mode.
This one *is* commonly used in production and it would be reasonable to
allow it together with -fno-stack-protector.

--kcc



On Fri, Nov 19, 2021 at 4:21 PM Tom Stellard via llvm-dev <
llvm-dev at lists.llvm.org> wrote:
> Hi,
>
> According to
>
https://github.com/llvm/llvm-project/commit/5829a98c48cf9009e4887e89e3075b3058909e8e
> the sanitizers are compiled with -fno-stack-protector to avoid introducing
> a libc dependency.
> Is this still necessary?  Are there any other reasons why sanitizers
> cannot be compiled with
> stack protector enabled?
>
> -Tom
>
> _______________________________________________
> LLVM Developers mailing list
> llvm-dev at lists.llvm.org
> https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.llvm.org/pipermail/llvm-dev/attachments/20211122/9e1b42de/attachment.html>