secp256k1 icon indicating copy to clipboard operation
secp256k1 copied to clipboard

Published 20 hours ago verified publisher icon bitcoin-core

cmake: Add `--no-undefined` linker option

Open hebasto opened this issue 1 year ago • 6 comments

This PR adds the --no-undefined option to a linker, which supports it.

From the GNU ld docs:

--no-undefined

Report unresolved symbol references from regular object files. This is done even if the linker is creating a non-symbolic shared library.

Closes https://github.com/bitcoin-core/secp256k1/issues/1556.

~Looking for Concept (N)ACKs. Once ACKed, I'll add the same functionality to the Autotools-based build system.~

hebasto avatar Jun 28 '24 12:06 hebasto

Concept ACK.

I think we might be after -Wl,--no-allow-shlib-undefined, though, and only for the shared lib as that's what we care about. --no-undefined is strictly stronger, I guess, and should also be satisfied for the binaries. So I suppose the sledgehammer approach here should be fine.

theuni avatar Jun 28 '24 15:06 theuni

I think we might be after -Wl,--no-allow-shlib-undefined...

From my experience, it fails to catch an issue like one I demoed in https://github.com/bitcoin-core/secp256k1/issues/1556.

hebasto avatar Jun 28 '24 15:06 hebasto

I think we might be after -Wl,--no-allow-shlib-undefined, though, and only for the shared lib as that's what we care about. --no-undefined is strictly stronger, I guess, and should also be satisfied for the binaries. So I suppose the sledgehammer approach here should be fine.

If https://stackoverflow.com/a/2356407 is right, then --no-undefined covers objects created by the linker and --no-allow-shlib-undefined covers shared libraries consumed by the linker.

real-or-random avatar Jun 28 '24 15:06 real-or-random

Concept ACK

real-or-random avatar Jun 28 '24 15:06 real-or-random

Looking for Concept (N)ACKs. Once ACKed, I'll add the same functionality to the Autotools-based build system.

Added a commit for the Autotools-based build system.

hebasto avatar Jun 28 '24 17:06 hebasto

I think we need to make add an exception to this if external default callbacks are enabled because the entire point of this option is that the user provides the callbacks at link time.

Right. I did it in CMake, but forgot about it in Autotools. Fixed.

hebasto avatar Jun 29 '24 10:06 hebasto

This PR adds the --no-undefined option to a linker, which supports it.

Using sanitizers with Clang involves a static sanitizer runtime by default, which eventually fails when using the --no-undefined option. As a workaround, a dynamically linked sanitizer runtime can be forced with -shared-libsan, which in turn requires setting RPATH or LD_PRELOAD.

Perhaps we could set --no-undefined for non-sanitizer jobs in the CI?

In any case, closing for now.

hebasto avatar Jun 04 '25 15:06 hebasto