Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add sanitizer build option when building a file #27

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

gabor-mezei-arm
Copy link
Contributor

@gabor-mezei-arm gabor-mezei-arm commented Jun 12, 2024

Add the -fsanitize build option for C file building in the scripts.

When MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN is set, the check_config.h have a check for the memory sanitizer is enabled in the compiler. This can cause build error when reading the configuration from the scripts.

Sanitizer presence can be checked in the library and can cause build error
if missing.

Signed-off-by: Gabor Mezei <[email protected]>
@gabor-mezei-arm gabor-mezei-arm added bug Something isn't working needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review size-s Estimated task size: small (~2d) priority-high High priority - will be reviewed soon labels Jun 12, 2024
@gabor-mezei-arm gabor-mezei-arm self-assigned this Jun 12, 2024
@gilles-peskine-arm gilles-peskine-arm self-requested a review June 14, 2024 12:30
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Originally c_build_helper was only used as part of make generated_files, in scripts that expect the original configuration but also work if a different set of options are commented out. I wonder if we should focus on that objective or instead make the code more general. This pull request makes the code more general, but I wonder if this is the right direction.

One thing that's been bothering me (and some users) is that this script assumes a native C compiler, but honors CC and now CFLAGS. It was a deliberate choice not to honor CFLAGS to make it work at least in some cases of cross compilation (if your CC is a multi-architecture compiler like clang, and it's CFLAGS that causes the compilation to be cross-compilation).

Maybe instead of fiddling with CFLAGS, we should instead act on the configuration, and try to ensure that the compilation runs in a “good” configuration?

How did this problem come up anyway? Trying to run make generated_files with a modified configuration? (That doesn't always work, which is why I almost always do my non-default-configuration builds by setting MBEDTLS_CONFIG_FILE or using an extra include directory containing mbedtls/mbedtls_config.h, instead of editing include/mbedtls/mbedtls_config.h.)

# When using cmake the sanitizer usage can be read from the cache file.
if os.path.isfile(CMAKE_CACHE_FILE):
with open(CMAKE_CACHE_FILE, 'r', encoding='utf-8') as file:
m = re.findall(CMAKE_SANITIZER_REGEXP, file.read(), re.DOTALL)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why re.findall and not re.search since we only use the first hit?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working needs-design-approval needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review priority-high High priority - will be reviewed soon size-s Estimated task size: small (~2d)
Projects
Development

Successfully merging this pull request may close these issues.

2 participants