Linker error 'invalid r_symbolnum' with -fsanitize=fuzzer,undefined on macOS arm64 #139684

Open
@dloidolt

Compiling the following fuzz target with UBSan, I get a linker error on macOS (arm64).

// fuzz_target.c
#include <stdint.h>
#include <stddef.h>

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  if (size > 0 && data[0] == 'H')
    if (size > 1 && data[1] == 'I')
       if (size > 2 && data[2] == '!')
          __builtin_trap();
  return 0;
}

clang -fsanitize=fuzzer,undefined fuzz_target.c
ld: invalid r_symbolnum=1 in '/var/folders/xh/x0n5fxc94w7gdgsj9m6xkptc0000gn/T/fuzz_target-da2c8d.o'
clang: error: linker command failed with exit code 1 (use -v to see invocation)

Output with -v option

clang -fsanitize=fuzzer,undefined fuzz_target.c -v 
Homebrew clang version 20.1.4
Target: arm64-apple-darwin24.4.0
Thread model: posix
InstalledDir: /opt/homebrew/Cellar/llvm/20.1.4_1/bin
Configuration file: /opt/homebrew/etc/clang/arm64-apple-darwin24.cfg
System configuration file directory: /opt/homebrew/etc/clang
User configuration file directory: /Users/dominik/.config/clang
 "/opt/homebrew/Cellar/llvm/20.1.4_1/bin/clang-20" -cc1 -triple arm64-apple-macosx15.0.0 -Wundef-prefix=TARGET_OS_ -Werror=undef-prefix -Wdeprecated-objc-isa-usage -Werror=deprecated-objc-isa-usage -emit-obj -dumpdir a- -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name fuzz_target.c -mrelocation-model pic -pic-level 2 -mframe-pointer=non-leaf -ffp-contract=on -fno-rounding-math -funwind-tables=1 -target-sdk-version=15.4 -fcompatibility-qualified-id-block-type-checking -fvisibility-inlines-hidden-static-local-var -fdefine-target-os-macros -fno-modulemap-allow-subdirectory-search -target-cpu apple-m1 -target-feature +zcm -target-feature +zcz -target-feature +v8.4a -target-feature +aes -target-feature +altnzcv -target-feature +ccdp -target-feature +ccpp -target-feature +complxnum -target-feature +crc -target-feature +dotprod -target-feature +flagm -target-feature +fp-armv8 -target-feature +fp16fml -target-feature +fptoint -target-feature +fullfp16 -target-feature +jsconv -target-feature +lse -target-feature +neon -target-feature +pauth -target-feature +perfmon -target-feature +predres -target-feature +ras -target-feature +rcpc -target-feature +rdm -target-feature +sb -target-feature +sha2 -target-feature +sha3 -target-feature +specrestrict -target-feature +ssbs -target-abi darwinpcs -debugger-tuning=lldb -fdebug-compilation-dir=/Users/dominik/work/git/airs-compression/build -target-linker-version 1167.4.1 -v -fcoverage-compilation-dir=/Users/dominik/work/git/airs-compression/build -resource-dir /opt/homebrew/Cellar/llvm/20.1.4_1/lib/clang/20 -isysroot /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk -internal-isystem /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/local/include -internal-isystem /opt/homebrew/Cellar/llvm/20.1.4_1/lib/clang/20/include -internal-externc-isystem /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include -ferror-limit 19 -stack-protector 1 -fblocks 
-fencode-extended-block-signature -fregister-global-dtors-with-atexit -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fmax-type-align=16 -fcolor-diagnostics -fsanitize-coverage-type=3 -fsanitize-coverage-indirect-calls -fsanitize-coverage-trace-cmp -fsanitize-coverage-inline-8bit-counters -fsanitize-coverage-pc-table -fsanitize=fuzzer,fuzzer-no-link,alignment,array-bounds,bool,builtin,enum,float-cast-overflow,function,integer-divide-by-zero,nonnull-attribute,null,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound,vptr -fsanitize-recover=alignment,array-bounds,bool,builtin,enum,float-cast-overflow,function,integer-divide-by-zero,nonnull-attribute,null,pointer-overflow,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,vla-bound,vptr -fsanitize-merge=alignment,array-bounds,bool,builtin,enum,float-cast-overflow,function,integer-divide-by-zero,nonnull-attribute,null,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound,vptr -fno-sanitize-memory-param-retval -fno-sanitize-address-use-odr-indicator -fno-builtin-bcmp -fno-builtin-memcmp -fno-builtin-strncmp -fno-builtin-strcmp -fno-builtin-strncasecmp -fno-builtin-strcasecmp -fno-builtin-strstr -fno-builtin-strcasestr -fno-builtin-memmem -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /var/folders/xh/x0n5fxc94w7gdgsj9m6xkptc0000gn/T/fuzz_target-7a68d8.o -x c fuzz_target.c
clang -cc1 version 20.1.4 based upon LLVM 20.1.4 default target arm64-apple-darwin24.4.0
ignoring nonexistent directory "/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/local/include"
ignoring nonexistent directory "/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/System/Library/SubFrameworks"
ignoring nonexistent directory "/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/Library/Frameworks"
#include "..." search starts here:
#include <...> search starts here:
 /opt/homebrew/Cellar/llvm/20.1.4_1/lib/clang/20/include
 /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include
 /Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/System/Library/Frameworks (framework directory)
End of search list.
 "/usr/bin/ld" -demangle -lto_library /opt/homebrew/Cellar/llvm/20.1.4_1/lib/libLTO.dylib -no_deduplicate -dynamic -arch arm64 -platform_version macos 15.0.0 15.4 -syslibroot /Library/Developer/CommandLineTools/SDKs/MacOSX15.sdk -mllvm -enable-linkonceodr-outlining -o a.out /var/folders/xh/x0n5fxc94w7gdgsj9m6xkptc0000gn/T/fuzz_target-7a68d8.o /opt/homebrew/Cellar/llvm/20.1.4_1/lib/clang/20/lib/darwin/libclang_rt.ubsan_osx_dynamic.dylib -rpath @executable_path -rpath /opt/homebrew/Cellar/llvm/20.1.4_1/lib/clang/20/lib/darwin /opt/homebrew/Cellar/llvm/20.1.4_1/lib/clang/20/lib/darwin/libclang_rt.fuzzer_osx.a -lc++ -lSystem /opt/homebrew/Cellar/llvm/20.1.4_1/lib/clang/20/lib/darwin/libclang_rt.osx.a
ld: invalid r_symbolnum=1 in '/var/folders/xh/x0n5fxc94w7gdgsj9m6xkptc0000gn/T/fuzz_target-7a68d8.o'
clang: error: linker command failed with exit code 1 (use -v to see invocation)

Linker Version

/usr/bin/ld -v 
@(#)PROGRAM:ld PROJECT:ld-1167.4.1
BUILD 20:00:10 Mar 12 2025
configured to support archs: armv6 armv7 armv7s arm64 arm64e arm64_32 i386 x86_64 x86_64h armv6m armv7k armv7m armv7em
will use ld-classic for: armv6 armv7 armv7s i386 armv6m armv7k armv7m armv7em
LTO support using: LLVM version 17.0.0 (static support for 29, runtime is 29)
TAPI support using: Apple TAPI version 17.0.0 (tapi-1700.0.3.4)
