mirror of
https://github.com/aljazceru/lightning.git
synced 2025-12-18 22:54:25 +01:00
configure: support sanitizers properly.
For example, if we use -fsanitize=undefined, we can't do unaligned integer access, but since we didn't test with the sanitizer flags, we didn't know this, and set `HAVE_UNALIGNED_ACCESS=1`. Also, add -fno-sanitize-recover= in developer mode, so we actually fail binaries if something is detected. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Rusty Russell
19
Makefile
19
Makefile
@@ -43,20 +43,6 @@ VG=VALGRIND=1 valgrind -q --error-exitcode=7
|
||||
VG_TEST_ARGS = --track-origins=yes --leak-check=full --show-reachable=yes --errors-for-leak-kinds=all
|
||||
endif
|
||||
|
||||
SANITIZER_FLAGS :=
|
||||
|
||||
ifneq ($(ASAN),0)
|
||||
SANITIZER_FLAGS += -fsanitize=address
|
||||
endif
|
||||
|
||||
ifneq ($(UBSAN),0)
|
||||
SANITIZER_FLAGS += -fsanitize=undefined
|
||||
endif
|
||||
|
||||
ifneq ($(FUZZING), 0)
|
||||
SANITIZER_FLAGS += -fsanitize=fuzzer-no-link
|
||||
endif
|
||||
|
||||
ifeq ($(DEVELOPER),1)
|
||||
DEV_CFLAGS=-DCCAN_TAKE_DEBUG=1 -DCCAN_TAL_DEBUG=1 -DCCAN_JSON_OUT_DEBUG=1
|
||||
else
|
||||
@@ -256,7 +242,7 @@ LIBRARY_PATH := /usr/local/lib
|
||||
endif
|
||||
|
||||
CPPFLAGS += -DBINTOPKGLIBEXECDIR="\"$(shell sh tools/rel.sh $(bindir) $(pkglibexecdir))\""
|
||||
CFLAGS = $(CPPFLAGS) $(CWARNFLAGS) $(CDEBUGFLAGS) $(COPTFLAGS) -I $(CCANDIR) $(EXTERNAL_INCLUDE_FLAGS) -I . -I$(CPATH) $(SQLITE3_CFLAGS) $(POSTGRES_INCLUDE) $(FEATURES) $(COVFLAGS) $(DEV_CFLAGS) -DSHACHAIN_BITS=48 -DJSMN_PARENT_LINKS $(PIE_CFLAGS) $(COMPAT_CFLAGS) -DBUILD_ELEMENTS=1
|
||||
CFLAGS = $(CPPFLAGS) $(CWARNFLAGS) $(CDEBUGFLAGS) $(COPTFLAGS) -I $(CCANDIR) $(EXTERNAL_INCLUDE_FLAGS) -I . -I$(CPATH) $(SQLITE3_CFLAGS) $(POSTGRES_INCLUDE) $(FEATURES) $(COVFLAGS) $(DEV_CFLAGS) -DSHACHAIN_BITS=48 -DJSMN_PARENT_LINKS $(PIE_CFLAGS) $(COMPAT_CFLAGS) $(CSANFLAGS) -DBUILD_ELEMENTS=1
|
||||
|
||||
# If CFLAGS is already set in the environment of make (to whatever value, it
|
||||
# does not matter) then it would export it to subprocesses with the above value
|
||||
@@ -268,8 +254,7 @@ unexport CFLAGS
|
||||
# We can get configurator to run a different compile cmd to cross-configure.
|
||||
CONFIGURATOR_CC := $(CC)
|
||||
|
||||
LDFLAGS += $(PIE_LDFLAGS) $(SANITIZER_FLAGS) $(COPTFLAGS)
|
||||
CFLAGS += $(SANITIZER_FLAGS)
|
||||
LDFLAGS += $(PIE_LDFLAGS) $(CSANFLAGS) $(COPTFLAGS)
|
||||
|
||||
ifeq ($(STATIC),1)
|
||||
# For MacOS, Jacob Rapoport <jacob@rumblemonkey.com> changed this to:
|
||||
|
||||
22
configure
vendored
22
configure
vendored
@@ -147,12 +147,29 @@ set_defaults()
|
||||
STATIC=${STATIC:-0}
|
||||
ASAN=${ASAN:-0}
|
||||
UBSAN=${UBSAN:-0}
|
||||
FUZZING=${FUZZING:-0}
|
||||
CSANFLAGS=""
|
||||
if [ "$ASAN" != 0 ]; then
|
||||
CSANFLAGS="$CSANFLAGS -fsanitize=address"
|
||||
if [ "$DEVELOPER" != 0 ]; then
|
||||
CSANFLAGS="$CSANFLAGS -fno-sanitize-recover=address"
|
||||
fi
|
||||
fi
|
||||
if [ "$UBSAN" != 0 ]; then
|
||||
CSANFLAGS="$CSANFLAGS -fsanitize=undefined"
|
||||
if [ "$DEVELOPER" != 0 ]; then
|
||||
CSANFLAGS="$CSANFLAGS -fno-sanitize-recover=undefined"
|
||||
fi
|
||||
fi
|
||||
if [ "$FUZZING" != 0 ]; then
|
||||
CSANFLAGS="$CSANFLAGS -fsanitize=fuzzer-no-link"
|
||||
fi
|
||||
echo CSANFLAGS = $CSANFLAGS
|
||||
PYTEST=${PYTEST-$(default_pytest)}
|
||||
COPTFLAGS=${COPTFLAGS-$(default_coptflags "$DEVELOPER")}
|
||||
CONFIGURATOR_CC=${CONFIGURATOR_CC-$CC}
|
||||
VALGRIND=${VALGRIND:-$(default_valgrind_setting)}
|
||||
TEST_NETWORK=${TEST_NETWORK:-regtest}
|
||||
FUZZING=${FUZZING:-0}
|
||||
RUST=${RUST:-$(default_rust_setting)}
|
||||
}
|
||||
|
||||
@@ -309,7 +326,7 @@ fi
|
||||
# Clean up on exit.
|
||||
trap "rm -f $CONFIG_VAR_FILE.$$" 0
|
||||
|
||||
$CONFIGURATOR --extra-tests --autotools-style --var-file=$CONFIG_VAR_FILE.$$ --header-file=$CONFIG_HEADER.$$ --configurator-cc="$CONFIGURATOR_CC" --wrapper="$CONFIGURATOR_WRAPPER" "$CC" ${CWARNFLAGS-$BASE_WARNFLAGS} $CDEBUGFLAGS $COPTFLAGS -I$CPATH -L$LIBRARY_PATH $SQLITE3_CFLAGS $POSTGRES_INCLUDE <<EOF
|
||||
$CONFIGURATOR --extra-tests --autotools-style --var-file=$CONFIG_VAR_FILE.$$ --header-file=$CONFIG_HEADER.$$ --configurator-cc="$CONFIGURATOR_CC" --wrapper="$CONFIGURATOR_WRAPPER" "$CC" ${CWARNFLAGS-$BASE_WARNFLAGS} $CDEBUGFLAGS $COPTFLAGS $CSANFLAGS -I$CPATH -L$LIBRARY_PATH $SQLITE3_CFLAGS $POSTGRES_INCLUDE <<EOF
|
||||
|
||||
var=HAVE_GOOD_LIBSODIUM
|
||||
desc=libsodium with IETF chacha20 variants
|
||||
@@ -455,6 +472,7 @@ add_var CONFIGURATOR_CC "$CONFIGURATOR_CC"
|
||||
add_var CWARNFLAGS "$CWARNFLAGS"
|
||||
add_var CDEBUGFLAGS "$CDEBUGFLAGS"
|
||||
add_var COPTFLAGS "$COPTFLAGS"
|
||||
add_var CSANFLAGS "$CSANFLAGS"
|
||||
add_var SQLITE3_CFLAGS "$SQLITE3_CFLAGS"
|
||||
add_var SQLITE3_LDLIBS "$SQLITE3_LDLIBS"
|
||||
add_var POSTGRES_INCLUDE "$POSTGRES_INCLUDE"
|
||||
|
||||
@@ -24,7 +24,7 @@ a few sanitizers for bug detections as well as experimental features for an exte
|
||||
coverage (not required though).
|
||||
|
||||
```
|
||||
DEVELOPER=1 EXPERIMENTAL_FEATURES=1 ASAN=1 UBSAN=1 VALGRIND=0 FUZZING=1 CC=clang ./configure && make
|
||||
./configure --enable-developer --enable-experimental-features --enable-address-sanitizer --enable-ub-sanitizer --enable-fuzzing --disable-valgrind CC=clang && make
|
||||
```
|
||||
|
||||
The targets will be built in `tests/fuzz/` as `fuzz-` binaries.
|
||||
|
||||
Reference in New Issue
Block a user