From nobody Tue Apr 30 04:03:16 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zoho.com; dkim=fail spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1496158180176523.0436248825457; Tue, 30 May 2017 08:29:40 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1C14680042; Tue, 30 May 2017 15:29:35 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 99E3C5C542; Tue, 30 May 2017 15:29:33 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0B30D180BAF5; Tue, 30 May 2017 15:29:30 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v4UFTSIC004000 for ; Tue, 30 May 2017 11:29:28 -0400 Received: by smtp.corp.redhat.com (Postfix) id 317FBEFB91; Tue, 30 May 2017 15:29:28 +0000 (UTC) Received: from mx1.redhat.com (ext-mx06.extmail.prod.ext.phx2.redhat.com [10.5.110.30]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2C88BEFB95 for ; Tue, 30 May 2017 15:29:26 +0000 (UTC) Received: from mail-qk0-f181.google.com (mail-qk0-f181.google.com [209.85.220.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DC16C3B71F for ; Tue, 30 May 2017 15:29:21 +0000 (UTC) Received: by mail-qk0-f181.google.com with SMTP id 19so6041366qke.2 for ; Tue, 30 May 2017 08:29:21 -0700 (PDT) Received: from localhost.localdomain ([189.103.224.91]) by smtp.gmail.com with ESMTPSA id d136sm833004qkg.50.2017.05.30.08.29.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 30 May 2017 08:29:20 -0700 (PDT) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 1C14680042 Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 1C14680042 Authentication-Results: mx1.redhat.com; dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="XeIWvWuc" DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com DC16C3B71F Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=claudioandre.br@gmail.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com DC16C3B71F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=58WfDtlAvmoVklm0lUZ/1pzS86FGvrwmyNYboN78QI8=; b=XeIWvWuce/EQTUpv5b7CPQdJG1dV/wM9JsjkjIzB694Y+WWpydALr9lsyZIz72EfGT N0nmWimeB1J1be2U4n4GzrhqkObIRhnOaxWbxRmGfiomzNuFqHf1kO5loEpJKsbF1L21 1UIt+A2xwnjCf43ULfl70zP1M+xJnzjbGF2zpXwrLS+H19nI0UR95e7/xvGEZlhevvWl 4u/o4V/78pjC547hFaEo/c51DLPXOSS0ClJfFlixwn0uHaw+3orWorNsYnioHYbFWB7/ coBcHvhCtmKkOg8L9uuIWZSrSdRbQ95DPM8sctfLhk5N7kb4P+bt0/0XgEGObDB966Gr kOKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=58WfDtlAvmoVklm0lUZ/1pzS86FGvrwmyNYboN78QI8=; b=Jvx+PduchALDx0tR7Da8gN8M6Dgvs3d9qdeZ0BLMrmqvdMZk6dqk8GA+iV0A5eB0LM BVzu67/Ir06BnsBminpfIddoBTUtXrl0upmJ5+0ri7qjtVCNEE2NC5pyfjKEotderTKI L3ft6o3uH/KfTdROXBpfmIYVkM5VkCqTixBd6eLmLaDA3dHHRuaX6CgIrtYUHJMgbFNG trqoupxGimqelg0oNGJXSESa8LSJfslM+p6nmkMQHk+/QD4zCiGkzdJCUtWEsxxGTxf/ C0ZNNKTa5Eb9yptSq61+rhLadetoirDQI8bVuXzqg/zld5751CF4novCKcAbUev5q/w0 ZSUg== X-Gm-Message-State: AODbwcCiVdHYfRFuTENwEmB+FPuEppW6MrnmolGnHsglRZ3c28xbqcZk /WqZTY5bv71pNjH0 X-Received: by 10.55.133.4 with SMTP id h4mr24994981qkd.70.1496158160999; Tue, 30 May 2017 08:29:20 -0700 (PDT) From: claudioandre.br@gmail.com To: libvir-list@redhat.com Date: Tue, 30 May 2017 12:28:57 -0300 Message-Id: <20170530152857.8062-1-claudioandre.br@gmail.com> MIME-Version: 1.0 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 30 May 2017 15:29:22 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Tue, 30 May 2017 15:29:22 +0000 (UTC) for IP:'209.85.220.181' DOMAIN:'mail-qk0-f181.google.com' HELO:'mail-qk0-f181.google.com' FROM:'claudioandre.br@gmail.com' RCPT:'' X-RedHat-Spam-Score: 2.27 ** (BAYES_50, DCC_REPUT_00_12, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, RCVD_IN_SORBS_SPAM, RCVD_IN_SORBS_WEB, SPF_PASS) 209.85.220.181 mail-qk0-f181.google.com 209.85.220.181 mail-qk0-f181.google.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.30 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: =?UTF-8?q?Claudio=20Andr=C3=A9?= Subject: [libvirt] [PATCH] maint: add sanitizers to the build process X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 30 May 2017 15:29:37 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 From: Claudio Andr=C3=A9 Sanitizers are based on compile-time instrumentation. They are available in= gcc and clang for a range of supported operation systems and platforms. Mo= re info at: https://github.com/google/sanitizers The address sanitizer finds bugs related to addressing memory: use after fr= ee, heap buffer overflow, stack buffer overflow, memory leaks, ... The undefined behavior sanitizer detects situations not prescribed by the l= anguage specification: bound violations, data overflows, ... The llvm.org states that Sanitizers have found thousands of bugs everywhere. Sanitizers running during CI can prevent bugs from taking up residence. A h= elper tool to keep bugs out. --- - I mean CI (in general) not only Travis; - The functionality is not tied to CI; it is useful for local testing; - A way to think about this (including the ongoing GSOC): - Phase 1: test with Sanitizers to achieve basic code sanity; - Phase 2: use fuzzing for stronger security & reliability; - MISSING: should I add the flag to which Makefile.am? Or, what do you guys= think about this? configure.ac | 2 ++ m4/virt-compile-sanitizer.m4 | 51 ++++++++++++++++++++++++++++++++++++++++= ++++ 2 files changed, 53 insertions(+) create mode 100644 m4/virt-compile-sanitizer.m4 diff --git a/configure.ac b/configure.ac index 246f4e0..4334614 100644 --- a/configure.ac +++ b/configure.ac @@ -237,6 +237,7 @@ LIBVIRT_COMPILE_WARNINGS LIBVIRT_COMPILE_PIE LIBVIRT_LINKER_RELRO LIBVIRT_LINKER_NO_INDIRECT +LIBVIRT_COMPILE_SANITIZER =20 LIBVIRT_ARG_APPARMOR LIBVIRT_ARG_ATTR @@ -1011,6 +1012,7 @@ AC_MSG_NOTICE([]) AC_MSG_NOTICE([Miscellaneous]) AC_MSG_NOTICE([]) LIBVIRT_RESULT_DEBUG +LIBVIRT_RESULT_SANITIZER AC_MSG_NOTICE([ Use -Werror: $enable_werror]) AC_MSG_NOTICE([ Warning Flags: $WARN_CFLAGS]) LIBVIRT_RESULT_DTRACE diff --git a/m4/virt-compile-sanitizer.m4 b/m4/virt-compile-sanitizer.m4 new file mode 100644 index 0000000..a7cac31 --- /dev/null +++ b/m4/virt-compile-sanitizer.m4 @@ -0,0 +1,51 @@ +dnl +dnl Check for support for Sanitizers +dnl Check for -fsanitize=3Daddress and -fsanitize=3Dundefined support +dnl +dnl This library is free software; you can redistribute it and/or +dnl modify it under the terms of the GNU Lesser General Public +dnl License as published by the Free Software Foundation; either +dnl version 2.1 of the License, or (at your option) any later version. +dnl +dnl This library is distributed in the hope that it will be useful, +dnl but WITHOUT ANY WARRANTY; without even the implied warranty of +dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +dnl Lesser General Public License for more details. +dnl +dnl You should have received a copy of the GNU Lesser General Public +dnl License along with this library. If not, see +dnl . +dnl + +AC_DEFUN([LIBVIRT_COMPILE_SANITIZER],[ + LIBVIRT_ARG_ENABLE([ASAN], [Build with address sanitizer support], [no= ]) + LIBVIRT_ARG_ENABLE([UBSAN], [Build with undefined behavior sanitizer s= upport], [no]) + + SAN_CFLAGS=3D + SAN_LDFLAGS=3D + + AS_IF([test "x$enable_asan" =3D "xyes"], [ + gl_COMPILER_OPTION_IF([-fsanitize=3Daddress -fno-omit-frame-pointe= r], [ + SAN_CFLAGS=3D"-fsanitize=3Daddress -fno-omit-frame-pointer" + SAN_LDFLAGS=3D"-fsanitize=3Daddress" + ]) + + AC_SUBST([SAN_CFLAGS]) + AC_SUBST([SAN_LDFLAGS]) + ]) + + AS_IF([test "x$enable_ubsan" =3D "xyes"], [ + gl_COMPILER_OPTION_IF([-fsanitize=3Dundefined -fno-omit-frame-poin= ter], [ + SAN_CFLAGS=3D"$SAN_CFLAGS -fsanitize=3Dundefined -fno-omit-fra= me-pointer" + SAN_LDFLAGS=3D"$SAN_LDFLAGS -fsanitize=3Dundefined" + ]) + + AC_SUBST([SAN_CFLAGS]) + AC_SUBST([SAN_LDFLAGS]) + ]) +]) + +AC_DEFUN([LIBVIRT_RESULT_SANITIZER], [ + AC_MSG_NOTICE([ ASan: $enable_asan]) + AC_MSG_NOTICE([ UBSan: $enable_ubsan]) +]) --=20 2.11.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list