Add support for LTO and Gold linker (#1812)

This commit add (optional) support for Link-Time-Optimization and Gold linker. This is the first, mandatory step needed to make nDPI compliant with "introspector" sanitizer requirements in OSS-Fuzz: see https://github.com/google/oss-fuzz/issues/8939 Gold linker is not supported by Windows and by macOS, so this feature is disabled by default. It has been enable in CI in two linux targets ("latest" gcc and clang). Fix some warnings triggered by LTO. The changes in `src/lib/ndpi_serializer.c` seams reasonable. However, the change in `tests/unit/unit.c` is due to the following warning, which seems to be a false positive. ``` unit.c: In function ‘serializerUnitTest’: ndpi_serializer.c:2258:13: error: ‘MEM[(struct ndpi_private_serializer *)&deserializer].buffer.size’ may be used uninitialized in this function [-Werror=maybe-uninitialized] unit.c:67:31: note: ‘MEM[(struct ndpi_private_serializer *)&deserializer].buffer.size’ was declared here 67 | ndpi_serializer serializer, deserializer; | ^ ndpi_serializer.c:2605:10: error: ‘MEM[(struct ndpi_private_serializer *)&deserializer].status.buffer.size_used’ may be used uninitialized in this function [-Werror=maybe-uninitialized] unit.c:67:31: note: ‘MEM[(struct ndpi_private_serializer *)&deserializer].status.buffer.size_used’ was declared here 67 | ndpi_serializer serializer, deserializer; ``` Since this warning is triggered only with an old version of gcc and `tests/unit/unit.c` is used only during the tests, the easiest fix has been applied. Some (unknown to me) combinations of OS and compiler trigger the following warnings at linker time (with sanitizer and gold linker) ``` /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_load1_asm' /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_load2_asm' /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_load4_asm' /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_load8_asm' /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_load16_asm' /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_store1_asm' /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_store2_asm' /usr/bin/ld.gold: warning: Cannot export local symbol '__asan_report_store4_asm' [..] ``` I have not found any references to this kind of message, with the only exception of https://sourceware.org/bugzilla/show_bug.cgi?id=25975 which seems to suggest that these messages can be safely ignored. In any case, the compilation results are sound. Fix `clean` target in the Makefile in the `example` directory. In OSS-Fuzz enviroments, `fuzz_ndpi_reader` reports a strange link error (as always, when the gold linker is involved...). It's come out that the culprit was the `tempnam` function: the code has been changed to use `tmpfile` instead. No sure why... :( Fuzzing target `fuzz_ndpi_reader.c` doesn't use `libndpiReader.a` anymore: this way we can use `--with-only-libndpi` flag on Oss-Fuzz builds as workaround for the "missing dependencies errors" described in https://github.com/google/oss-fuzz/issues/8939
2026-04-30 16:09:43 +00:00 · 2022-12-05 10:21:42 +01:00 · 2022-12-05 10:21:42 +01:00 · 3e4ab39b52
commit 3e4ab39b52
parent b9f63458e6
7 changed files with 53 additions and 51 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -171,7 +171,7 @@ jobs:
          git diff-index --quiet HEAD -- || true

  test:
-    name: ${{ matrix.os }} ${{ matrix.arch }} ${{ matrix.gcrypt }} ${{ matrix.compiler }} ${{ matrix.pcre }} ${{ matrix.maxminddb }} ${{ matrix.msan }} ${{ matrix.nBPF }}
+    name: ${{ matrix.os }} ${{ matrix.arch }} ${{ matrix.gcrypt }} ${{ matrix.compiler }} ${{ matrix.pcre }} ${{ matrix.maxminddb }} ${{ matrix.msan }} ${{ matrix.nBPF }} ${{matrix.lto_gold_linker}}
    runs-on: ${{ matrix.os }}
    env:
      CC: ${{ matrix.compiler }}
@ -183,10 +183,13 @@ jobs:
        arch: ["x86_64"]
        gcrypt: ["--with-local-libgcrypt", ""]
        compiler: ["cc"]
+        ar: ["ar"]
+        ranlib: ["ranlib"]
        pcre: [""]
        maxminddb: [""]
        msan: [""]
        nBPF: [""]
+        lto_gold_linker: [""]
        include:
          - compiler: "gcc-7" # "Oldest" gcc easily available
            os: ubuntu-20.04
@ -204,6 +207,7 @@ jobs:
            maxminddb: "--with-maxminddb"
            msan: "--with-sanitizer"
            nBPF: ""
+            lto_gold_linker: "--with-lto-and-gold-linker"
          - compiler: "clang-7" # "Oldest" clang easily available
            os: ubuntu-20.04
            arch: "x86_64"
@ -213,6 +217,8 @@ jobs:
            msan: "--with-sanitizer"
            nBPF: ""
          - compiler: "clang-14" # "Newest" clang easily available
+            ar: "llvm-ar-14"
+            ranlib: "llvm-ranlib-14"
            os: ubuntu-22.04
            arch: "x86_64"
            gcrypt: ""
@ -220,6 +226,7 @@ jobs:
            maxminddb: "--with-maxminddb"
            msan: "--with-sanitizer"
            nBPF: ""
+            lto_gold_linker: "--with-lto-and-gold-linker"
          - compiler: "cc"
            os: ubuntu-latest
            arch: "x86_64"
@ -336,12 +343,8 @@ jobs:
          ./configure
          make
          cd -
-      - name: Setup Ubuntu specified compiler (gcc)
-        if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.arch, 'x86_64') && startsWith(matrix.compiler, 'gcc')
-        run: |
-          sudo apt-get install ${{ matrix.compiler }}
-      - name: Setup Ubuntu specified compiler (clang)
-        if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.arch, 'x86_64') && startsWith(matrix.compiler, 'clang')
+      - name: Setup Ubuntu specified compiler
+        if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.arch, 'x86_64') && ! startsWith(matrix.compiler, 'cc')
        run: |
          sudo apt-get install ${{ matrix.compiler }}
      - name: Install Windows msys2 prerequisites
@ -390,9 +393,9 @@ jobs:
        run: |
          brew install libmaxminddb
      - name: Configure nDPI on Ubuntu
-        if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.arch, 'x86_64') && startsWith(matrix.compiler, 'cc')
+        if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.arch, 'x86_64')
        run: |
-          ./autogen.sh --enable-option-checking=fatal --enable-debug-messages ${{ matrix.gcrypt }} ${{ matrix.msan }} ${{ matrix.pcre }} ${{ matrix.maxminddb }} --enable-tls-sigs
+          AR=${{ matrix.ar }} RANLIB=${{ matrix.ranlib }} ./autogen.sh --enable-option-checking=fatal --enable-debug-messages ${{ matrix.gcrypt }} ${{ matrix.msan }} ${{ matrix.pcre }} ${{ matrix.maxminddb }} --enable-tls-sigs ${{matrix.lto_gold_linker}}
      - name: Configure nDPI on MacOS
        if: startsWith(matrix.os, 'macOS') && startsWith(matrix.arch, 'x86_64') && startsWith(matrix.compiler, 'cc')
        run: |
@ -406,14 +409,6 @@ jobs:
        run: |
          msys2 -c 'make all'
          msys2 -c 'ldd ./example/ndpiReader.exe'
-      - name: Configure nDPI with specified GCC version on Ubuntu
-        if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.arch, 'x86_64') && startsWith(matrix.compiler, 'gcc')
-        run: |
-          ./autogen.sh --enable-option-checking=fatal --enable-debug-messages ${{ matrix.gcrypt }} ${{ matrix.msan }} ${{ matrix.pcre }} ${{ matrix.maxminddb }} --enable-tls-sigs
-      - name: Configure nDPI with specified CLANG on Ubuntu
-        if: startsWith(matrix.os, 'ubuntu') && startsWith(matrix.arch, 'x86_64') && startsWith(matrix.compiler, 'clang')
-        run: |
-          ./autogen.sh --enable-option-checking=fatal --enable-debug-messages ${{ matrix.gcrypt }} ${{ matrix.msan }} ${{ matrix.pcre }} ${{ matrix.maxminddb }} --enable-tls-sigs
      - name: Build nDPI
        if: startsWith(matrix.arch, 'x86_64') && !startsWith(matrix.os, 'windows')
        run: |