Commit 98830739 authored by Claudio André's avatar Claudio André Committed by Philip Chimento

maint: add ASAN Address Sanitizer

AddressSanitizer (or ASan) is a programming tool that detects memory
corruption bugs such as buffer overflows or use after free. AddressSanitizer
is based on compiler instrumentation.

UndefinedBehaviorSanitizer (or UBSan) is a fast undefined behavior
detector. It modifies the program at compile-time to catch errors
such as using misaligned or null pointer and signed integer overflow.

The states that Sanitizers have found thousands of bugs everywhere.
Sanitizers running during CI can prevent bugs from taking up residence. They
are helper tools to maintain bugs out.
parent 291fa4e6
......@@ -59,9 +59,10 @@ libgjs_la_CPPFLAGS = \
-I$(top_srcdir)/gi \
libgjs_la_LDFLAGS = \
-export-symbols-regex "^[^_]" -version-info 0:0:0 \
-no-undefined \
libgjs_la_LDFLAGS = \
-export-symbols-regex "^[^_]" \
-version-info 0:0:0 \
libgjs_la_LIBADD = \
......@@ -204,6 +204,40 @@ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
dnl Check for -fsanitize=address and -fsanitize=undefined support
[AS_HELP_STRING([--enable-asan], [Build with address sanitizer support @<:@default: no@:>@])])
AS_IF([test "x$enable_asan" = "xyes"], [
AX_CHECK_COMPILE_FLAG([-fsanitize=address -fno-omit-frame-pointer -g], [
AX_CHECK_LINK_FLAG([-fsanitize=address], [SAN_FLAGS="-fsanitize=address"])
[AS_HELP_STRING([--enable-ubsan], [Build with undefined behavior sanitizer support @<:@default: no@:>@])])
AS_IF([test "x$enable_ubsan" = "xyes"], [
AX_CHECK_COMPILE_FLAG([-fsanitize=undefined -fno-omit-frame-pointer -g], [
[SAN_FLAGS="$SAN_FLAGS -fsanitize=undefined"])
# According to, asan is not
# compatible with -no-undefined.
AS_IF([test -n "${SAN_FLAGS}"], [
GJS_CFLAGS="$GJS_CFLAGS $SAN_FLAGS -fno-omit-frame-pointer -g"
# We have to clobber LDFLAGS here and not use AM_LDFLAGS, or else
# g-ir-scanner will not pick it up.
[Run all tests under an XVFB server @<:@default=no@:>@])])
......@@ -100,6 +100,22 @@ It is a versatile tool that can check non-standard code, including: variable
checking, bounds checking, leaks, etc. It can detect the types of bugs that
the compilers normally fail to detect.
### Sanitizers ###
To add instrumentation code to gjs, put this (both, or any one of them) in
your JHBuild configuration file:
module_autogenargs['gjs'] = '--enable-asan --enable-ubsan'
Sanitizers are based on compile-time instrumentation. They are available
in gcc and clang for a range of supported operating systems and
Please, keep in mind that instrumentation is limited by execution coverage. So,
if your "testing" session never reaches a particular point of execution, then
instrumentation at that point collects no data.
### Test Coverage ###
To generate a test coverage report, put this in your JHBuild
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment