Re: Compiling with AddressSanitizer
On Thu, 2019-07-18 at 10:25 +0200, Florian Weimer wrote: > * Nathanael Noblet: > > >I have been using a library for awhile now and have been > > thinking > >of submitting it to Fedora. Part of what I have been doing with > > it > >was compiling it using -fsanitize=address and leak etc. I’m > > kinda > >wondering about how that is handled with Fedora packages. Are we > >able to / should we provide library package versions that are > >compiled against these kinds of sanitizers? > > Address Sanitizer does not provide ABI stability itself, and also > removes ABI stability for glibc functions. In general, you cannot > use it for distribution builds. Right, I think I didn't communicate it clearly. What I meant was having like libfoo and libfoo-sanitized or something like that that conflict with each other so you could install libfoo-sanitized for debug purposes. It seems that the answer is likely no need to do it. > > >Or if someone wants to do that they should recompile the RPM > > with > >those flags and use it locally? > > Yes, rebuilding the RPM or the upstream sources is currently the only > way. > > Thanks, > Florian ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: Compiling with AddressSanitizer
Hi Nathanael, Nathanael Noblet writes: > Hello, > >I have been using a library for awhile now and have been thinking of > submitting it to Fedora. Part of what I have been doing with it was compiling > it using -fsanitize=address and leak etc. I’m kinda wondering about how that > is handled with Fedora packages. Are we able to / should we provide library > package versions that are compiled against these kinds of sanitizers? Or if > someone wants to do that they should recompile the RPM with those flags and > use it locally? > Address sanitizer is a debugging tool and beside the issues that Florian mentioned, there are also security issues involved with running ASAN applications in production: https://www.openwall.com/lists/oss-security/2016/02/17/9 (not sure if this is still relevant though). I'd certainly suggest to build applications with ASAN, UBSAN,and MSAN, but only do that for testing. If you want to integrate this in the rpmbuild process, you could rebuild your application in %check with ASAN enabled and run its test suite. Cheers, Dan signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: Compiling with AddressSanitizer
Hi Nathanael, Nathanael Noblet writes: > Hello, > >I have been using a library for awhile now and have been thinking of > submitting it to Fedora. Part of what I have been doing with it was compiling > it using -fsanitize=address and leak etc. I’m kinda wondering about how that > is handled with Fedora packages. Are we able to / should we provide library > package versions that are compiled against these kinds of sanitizers? Or if > someone wants to do that they should recompile the RPM with those flags and > use it locally? > Address sanitizer is a debugging tool and beside the issues that Florian mentioned, there are also security issues involved with running ASAN applications in production: https://www.openwall.com/lists/oss-security/2016/02/17/9 (not sure if this is still relevant though). I'd certainly suggest to build applications with ASAN, UBSAN,and MSAN, but only do that for testing. If you want to integrate this in the rpmbuild process, you could rebuild your application in %check with ASAN enabled and run its test suite. Cheers, Dan signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Re: Compiling with AddressSanitizer
* Nathanael Noblet: >I have been using a library for awhile now and have been thinking >of submitting it to Fedora. Part of what I have been doing with it >was compiling it using -fsanitize=address and leak etc. I’m kinda >wondering about how that is handled with Fedora packages. Are we >able to / should we provide library package versions that are >compiled against these kinds of sanitizers? Address Sanitizer does not provide ABI stability itself, and also removes ABI stability for glibc functions. In general, you cannot use it for distribution builds. >Or if someone wants to do that they should recompile the RPM with >those flags and use it locally? Yes, rebuilding the RPM or the upstream sources is currently the only way. Thanks, Florian ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Compiling with AddressSanitizer
Hello, I have been using a library for awhile now and have been thinking of submitting it to Fedora. Part of what I have been doing with it was compiling it using -fsanitize=address and leak etc. I’m kinda wondering about how that is handled with Fedora packages. Are we able to / should we provide library package versions that are compiled against these kinds of sanitizers? Or if someone wants to do that they should recompile the RPM with those flags and use it locally? Sincerely, — Nathanael ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org