From e39b490946398c09d64aecbf830faa32d80f5dbd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 2 Mar 2026 01:46:13 +0100 Subject: [PATCH] GHA/linux: try disabling unity for sanitizers test more 1 fixups fixups2 fixups3 build Debug try bounce try something try something cont readd integer try bumping to gcc-14 for gcc sanitizier jobs reduce linux.yml sort san options add `leak` --- .github/workflows/linux.yml | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 44a52dca6a..cdaefb3bb7 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -345,18 +345,35 @@ jobs: install_packages: clang-20 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 install_steps: pytest randcurl CC: clang-20 - CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g - LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan - generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON + CFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined + LDFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined -ldl -lubsan + generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DCURL_USE_LIBSSH=ON -DCMAKE_BUILD_TYPE=Debug + + - name: 'address-sanitizer (gcc CM)' + install_packages: gcc-14 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 + install_steps: pytest randcurl + CFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow + LDFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow -ldl -lubsan + CC: gcc-14 + generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DCURL_USE_LIBSSH=ON -DCMAKE_BUILD_TYPE=Debug + + - name: 'address-sanitizer (gcc AM)' + install_packages: gcc-14 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 + install_steps: pytest randcurl + CFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow + LDFLAGS: -fsanitize=address,undefined,bounds,signed-integer-overflow -fno-sanitize-recover=address,undefined,bounds,signed-integer-overflow + LIBS: -ldl -lubsan + CC: gcc-14 + configure: --enable-debug --with-openssl --with-libssh - name: 'address-sanitizer H3 c-ares' install_packages: clang-20 libubsan1 libasan8 libtsan2 install_steps: pytest install_steps_brew: openssl libssh2 libngtcp2 libnghttp3 c-ares CC: clang-20 - CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g - LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib - PKG_CONFIG_PATH: "\ + CFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined + LDFLAGS: -fsanitize=address,bounds,integer,leak,signed-integer-overflow,undefined -fno-sanitize-recover=address,bounds,integer,leak,signed-integer-overflow,undefined -ldl -lubsan -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib + PKG_CONFIG_PATH: " /home/linuxbrew/.linuxbrew/opt/libssh2/lib/pkgconfig:\ /home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:\ /home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:\ @@ -369,7 +386,7 @@ jobs: CC: clang-20 CFLAGS: -fsanitize=thread -g LDFLAGS: -fsanitize=thread - generate: -DOPENSSL_ROOT_DIR=/home/runner/openssl -DENABLE_DEBUG=ON + generate: -DOPENSSL_ROOT_DIR=/home/runner/openssl -DENABLE_DEBUG=ON -DCMAKE_UNITY_BUILD=OFF - name: 'memory-sanitizer' install_packages: clang-20