GHA/linux: try disabling unity for sanitizers

test more 1 fixups fixups2 fixups3 build Debug try bounce try something try something cont readd integer try bumping to gcc-14 for gcc sanitizier jobs reduce linux.yml sort san options add `leak`
2026-04-15 06:01:42 +03:00 · 2026-03-02 01:46:13 +01:00 · 2026-03-02 01:46:13 +01:00 · e39b490946
commit e39b490946
parent 2e5acc1b15
1 changed files with 24 additions and 7 deletions
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@ -345,18 +345,35 @@ jobs:
            install_packages: clang-20 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2
            install_steps: pytest randcurl
            CC: clang-20
-            CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g
-            LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan
-            generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON
+            CFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined
+            LDFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined -ldl -lubsan
+            generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DCURL_USE_LIBSSH=ON -DCMAKE_BUILD_TYPE=Debug
+
+          - name: 'address-sanitizer (gcc CM)'
+            install_packages: gcc-14 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2
+            install_steps: pytest randcurl
+            CFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow
+            LDFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow -ldl -lubsan
+            CC: gcc-14
+            generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DCURL_USE_LIBSSH=ON -DCMAKE_BUILD_TYPE=Debug
+
+          - name: 'address-sanitizer (gcc AM)'
+            install_packages: gcc-14 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2
+            install_steps: pytest randcurl
+            CFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow
+            LDFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow
+            LIBS: -ldl -lubsan
+            CC: gcc-14
+            configure: --enable-debug --with-openssl --with-libssh

          - name: 'address-sanitizer H3 c-ares'
            install_packages: clang-20 libubsan1 libasan8 libtsan2
            install_steps: pytest
            install_steps_brew: openssl libssh2 libngtcp2 libnghttp3 c-ares
            CC: clang-20
-            CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g
-            LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib
-            PKG_CONFIG_PATH: "\
+            CFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined
+            LDFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined -ldl -lubsan -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib
+            PKG_CONFIG_PATH: "
              /home/linuxbrew/.linuxbrew/opt/libssh2/lib/pkgconfig:\
              /home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:\
              /home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:\
@ -369,7 +386,7 @@ jobs:
            CC: clang-20
            CFLAGS: -fsanitize=thread -g
            LDFLAGS: -fsanitize=thread
-            generate: -DOPENSSL_ROOT_DIR=/home/runner/openssl -DENABLE_DEBUG=ON
+            generate: -DOPENSSL_ROOT_DIR=/home/runner/openssl -DENABLE_DEBUG=ON -DCMAKE_UNITY_BUILD=OFF

          - name: 'memory-sanitizer'
            install_packages: clang-20