CLANG-LOCAL(1) General Commands Manual CLANG-LOCAL(1)

clang-localOpenBSD-specific behavior of LLVM/clang

On OpenBSD, the LLVM/clang compiler exhibits the following characteristics:

  • clang does not search under /usr/local for include files or libraries: as a system compiler, it only searches the system paths by default.
  • clang comes with stack protection enabled by default, equivalent to the -fstack-protector-strong option on other systems. The system will report any violation of the stack protector cookie along with the function name via syslog(3) at LOG_CRIT priority.
  • clang will generate PIE code by default, allowing the system to load the resulting binary at a random location. This behavior can be turned off by passing -fno-pie to the compiler and -nopie to the linker. It is also turned off when the -pg flag is used.
  • The -fstrict-aliasing option is turned off by default unless -Ofast has been selected.
  • clang does not store its version string in objects. There is no option to control this.
  • The -p flag is an alias of -pg.
  • clang does not warn for passing pointer arguments or assignment with different signedness outside of -pedantic. This can be re-enabled with the -Wpointer-sign flag.
  • The warning option -Waddress-of-packed-member is disabled by default.
  • Color diagnostic messages are disabled by default and can be re-enabled with -fdiagnostics-color.
  • The -fwrapv option to treat signed integer overflows as defined is enabled by default to prevent dangerous optimizations which could remove security critical overflow checks.
  • The base system includes the ubsan_minimal sanitizer runtime but not the fully-featured ubsan runtime. See the documentation for the -fsanitize-minimal-runtime flag.
  • The malloc(3), calloc(3), realloc(3), strdup(3), strndup(3), valloc(3) and free(3) builtins are disabled to prevent undesirable optimizations of calls to these functions.
  • clang includes a security pass that exchanges some ROP-friendly instructions with safer alternatives on i386 and amd64. This can be disabled with the -fno-fixup-gadgets option.
  • clang includes a security pass that can clear the return address on the stack upon return from calling a function, on i386 and amd64. This can be enabled with the -fret-clean option.
  • clang includes the retguard security feature on amd64, arm64, mips64, powerpc and powerpc64. This feature can be disabled with the -fno-ret-protector or -fno-stack-protector options.
  • clang has -mretpoline enabled by default on amd64 to protect against branch target injection attacks. It can be disabled with -mno-retpoline.
  • A new warning for %n format specifier usage in printf(3) family functions has been added.

clang(1)

June 2, 2024 OpenBSD 7.6