<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href="https://github.com/llvm/llvm-project/issues/80236">80236</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
Stack protector should have a trapping mode
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
matheusmoreira
</td>
</tr>
</table>
<pre>
The current implementation of the stack smashing protection machinery references the `__stack_chk_fail` symbol, thereby requiring that this function be defined. This is not always desirable. There should also be an alternative code generation mode which uses `__builtin_trap` instead.
Rich Felker [wrote] in the GCC Bugzilla in 2020:
> This is less secure than it could be, since it depends on the ability to make function calls (and possibly operate on global data and make syscalls in the callee) in a process whose state is compromised.
>
> For example the GOT entries used by PLT could be clobbered or `%gs:0x10` (i386 syscall vector) could be clobbered by the same stack-based overflow that caused the stack protector event in the first place.
This feature would also make the stack smashing protection machinery much easier to integrate with in `-ffreestanding -nostdlib` programs. Various sanitizers already have support for trap instruction generation:
> `-fsanitize-trap[=opts]`
>
> The `-fsanitize-trap=` option instructs the compiler to report for sanitizers
> mentioned in comma-separated list of opts undefined behavior using
> `__builtin_trap` rather than a `libubsan` library routine.
>
> The advantage of this is that the `libubsan` library is not needed and is not
> linked in, so this is usable even in freestanding environments.
This feature would be the stack smashing protector equivalent.
References:
- [GCC Bug 93509 - Stack protector should offer trap-only handling][gcc.bug.93509]
- [GCC Stack smashing protection][gccint]
[wrote]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93509#c0
[gcc.bug.93509]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93509
[gccint]: https://gcc.gnu.org/onlinedocs/gccint/Stack-Smashing-Protection.html
</pre>
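<p>As an added example (not code from the issue reporter or from LLVM), the two symbols that compiler-emitted stack-protector code references, supplied the way a <code>-ffreestanding -nostdlib</code> program has to supply them today, with the failure handler doing what the issue asks the compiler to emit directly: a trap. <code>canary_from_entropy</code> and <code>stack_guard_init</code> are hypothetical names, and an entropy source is assumed to exist.</p>

```c
/* Added example, not part of the issue or of LLVM: the two symbols that
 * compiler-emitted stack-protector code references, provided the way a
 * -ffreestanding -nostdlib program must provide them today. The failure
 * handler does what the issue asks the compiler to do directly: trap. */
#include <stdint.h>

/* Derive a canary from raw entropy (source assumed: RDRAND, a boot-time
 * seed, ...). The low byte is forced to zero so an overflow performed by a
 * NUL-terminated string copy cannot reproduce the canary, and an all-zero
 * result is replaced because it would be trivially forgeable. */
uintptr_t canary_from_entropy(uintptr_t entropy)
{
    uintptr_t canary = entropy & ~(uintptr_t)0xff;
    if (canary == 0)
        canary = (uintptr_t)0x5ac3a500u; /* placeholder, not random */
    return canary;
}

/* Guard value loaded by protected prologues on configurations that read a
 * global rather than a TLS slot (e.g. -mstack-protector-guard=global).
 * The initializer is a placeholder; stack_guard_init() must replace it
 * before the first protected function runs. */
uintptr_t __stack_chk_guard = (uintptr_t)0x5ac3a500u;

/* Called from a protected epilogue when the canary no longer matches.
 * The stack is known to be corrupted, so nothing here may depend on the
 * GOT/PLT, on syscall vectors or on other writable state: just trap. */
__attribute__((noreturn)) void __stack_chk_fail(void)
{
    __builtin_trap();
}

/* Hypothetical early-boot hook: install a fresh canary and return it so
 * the caller can verify the installed value. */
uintptr_t stack_guard_init(uintptr_t entropy)
{
    __stack_chk_guard = canary_from_entropy(entropy);
    return __stack_chk_guard;
}
```

Built with `-fstack-protector-strong -ffreestanding -nostdlib`, this is enough for the compiler-emitted guard loads and `__stack_chk_fail` calls to link without any runtime library.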