Bug #46736 for bind9-public: Add Address Sanitizer (ASAN) and Undefined Behaviour Sanitizer builds in the CI

Report information

The Basics

Id:

46736

Status:

resolved

Priority:

Low/Low

Queue:

bind9-public

People

Owner:

Stephen Morris <stephen@isc.org> (email delivery suspended)

Requestors:

Ondrej Sury <ondrej@isc.org>

Cc:

AdminCc:

BugTracker

Version Fixed:

(no value)

Version Found:

(no value)

Versions Affected:

(no value)

Versions Planned:

(no value)

Priority:

(no value)

Severity:

(no value)

CVSS Score:

(no value)

CVE ID:

(no value)

Component:

(no value)

Area:

feature

Dates

Created:	Thu, 30 Nov 2017 07:28:04 -0500
Updated:	Thu, 26 Apr 2018 11:21:53 -0400
Closed:	Thu, 26 Apr 2018 11:21:53 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History

Thu, 30 Nov 2017 07:28:04 -0500 Ondrej Sury <ondrej@isc.org> - Ticket created

From:	ondrej@isc.org
To:	bind9-public@isc.org
Subject:	Add Address Sanitizer (ASAN) and Undefined Behaviour Sanitizer builds in the CI
Date:	Thu, 30 Nov 2017 12:28:04 +0000

Clang comes with ASAN and UBSAN[2] Sanitizers and we should have a CI testing scenario that compiles BIND 9 with both and runs the full test suite. The minimum would be to install fairly recent Clang[3] or GCC[4] into the CI VM and run something like this: CC=clang CXX=clang CFLAGS="-O2 -g -fsanitize=address -fsanitize=undefined" ./configure <possibly_enable_all_options_that_affect_code_and_testing> make check 1. https://clang.llvm.org/docs/AddressSanitizer.html 2. https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html 3. at least LLVM 3.3 for UBSAN and LLVM 3.1 for ASAN 4. at least 4.9 for UBSAN and 4.8 for ASAN I believe that this should be done before the 9.12 final release (and I am sorry I haven't thought about this sooner).

Thu, 30 Nov 2017 07:28:44 -0500 Ondrej Sury <ondrej@isc.org> - Status changed from 'new' to 'qa'

Thu, 30 Nov 2017 07:28:44 -0500 Ondrej Sury <ondrej@isc.org> - Given to Stephen Morris <stephen@isc.org>

Thu, 30 Nov 2017 08:53:44 -0500 Ondrej Sury <ondrej@isc.org> - Correspondence added

ASAN and UBSAN can't be used together, so at least two run instances needs to be added. Both will need "-fsanitize=<foo>" in LDFLAGS too, so this will be: CFLAGS="-fsanitize=address -O2 -g" LDFLAGS="-fsanitize=address" ./configure and CFLAGS="-fsanitize=undefined -O2 -g" LDFLAGS="-fsanitize=undefined" ./configure

Thu, 26 Apr 2018 11:21:52 -0400 Stephen Morris <stephen@isc.org> - Correspondence added

Just noticed that this ticket has not been closed. Jenkins compiles BIND both -fsanitize=address and -fsanitize=undefined on a regular basis.

Thu, 26 Apr 2018 11:21:53 -0400 Stephen Morris <stephen@isc.org> - Status changed from 'qa' to 'resolved'