First of all, thank you very much for this useful list and explanations; it really helps in extracting maximum power out of compilers and sanitizers.
I have a few questions about some options.
I have a Fedora 34 with Clang 12 installed, according to clang -v:
clang version 12.0.1 (Fedora 12.0.1-1.fc34)
Target: x86_64-unknown-linux-gnu
I tried compiling a simple program using the options in the "Clang TL;DR" list, while also using the options for "AddressSanitizer + UndefinedBehaviorSanitizer", that is:
clang err.c -O2 -Walloca -Wcast-qual -Wconversion -Wformat=2 -Wformat-security -Wnull-dereference \
-Wstack-protector -Wstrict-overflow=3 -Wvla -Warray-bounds -Warray-bounds-pointer-arithmetic \
-Wassign-enum -Wbad-function-cast -Wconditional-uninitialized -Wconversion -Wfloat-equal \
-Wformat-type-confusion -Widiomatic-parentheses -Wimplicit-fallthrough -Wloop-analysis -Wpointer-arith \
-Wshift-sign-overflow -Wshorten-64-to-32 -Wswitch-enum -Wtautological-constant-in-range-compare \
-Wunreachable-code-aggressive -D_FORTIFY_SOURCE=2 -fstack-protector-strong -fsanitize=safe-stack \
-fPIE -fstack-clash-protection -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -Wl,-z,separate-code -fsanitize=address \
-fsanitize=leak -fno-omit-frame-pointer -fsanitize=undefined -fsanitize=bounds-strict \
-fsanitize=float-divide-by-zero -fsanitize=float-cast-overflow -fsanitize=integer -fsanitize-no-recover
I got the following error message:
clang-12: error: unknown argument: '-fsanitize-no-recover'
clang-12: error: unsupported argument 'bounds-strict' to option 'fsanitize='
clang-12: error: invalid argument '-fsanitize=safe-stack' not allowed with '-fsanitize=leak'
Indeed, there is a mention elsewhere in the page of option -fno-sanitize-recover, so it seems that -fsanitize-no-recover might be a typo. Could you please confirm it? Or is it a different option?
About -fsanitize=bounds-strict, I found references to it on Google but only for GCC, not for Clang/LLVM. But I couldn't find a definitive list of options concerning all sanitizers, so maybe my Clang is missing them? Could you please confirm, or offer more details about the version of Clang you are using where this option works?
About the incompatibility between SafeStack and Leak, I couldn't find any mentions in their documentation, but they don't typically list all incompatibilities (which would be hard to do and keep up-to-date), so I wonder if I took a bit too literally the comment "Run debug/test builds with sanitizers (in addition to the flags above)", by combining all flags. Or is there a way to run them together? I'd appreciate if you could clarify it (or just confirm that, indeed, mixing both does not work).
Finally, after removing -fsanitize=leak, I still got an error: clang-12: error: invalid argument '-fsanitize=safe-stack' not allowed with '-fsanitize=address'. So, I ended up removing -fsanitize=safe-stack and putting back -fsanitize=leak, and this time I had no more errors. Once again, I wonder if this is specific to my configuration.
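
One way to find out which of these flags a particular Clang build rejects, on their own or in combination, before assembling the full command line. This is an added example, not part of the original comment or of the list it refers to; the function names accepts, rejected_alone and conflicting_pairs are hypothetical, and it relies only on the driver's exit status.

```shell
#!/bin/sh
# Added example: probe a compiler driver for flags it rejects.
# Usage: sh probe.sh clang -fsanitize=safe-stack -fsanitize=leak ...

# accepts CC FLAG...: true if CC compiles a trivial C file with these flags.
accepts() {
    _cc=$1; shift
    printf 'int main(void) { return 0; }\n' |
        "$_cc" "$@" -x c -c - -o /dev/null >/dev/null 2>&1
}

# rejected_alone CC FLAG...: print each flag the driver refuses by itself
# (unknown options, unsupported -fsanitize= values).
rejected_alone() {
    _cc=$1; shift
    for _f in "$@"; do
        accepts "$_cc" "$_f" || printf '%s\n' "$_f"
    done
}

# conflicting_pairs CC FLAG...: print "A B" for flags that are each accepted
# alone but refused together (mutually exclusive sanitizers, for example).
# Assumes flags contain no whitespace or glob characters.
conflicting_pairs() {
    _cc=$1; shift
    _ok=''
    for _f in "$@"; do
        accepts "$_cc" "$_f" || continue      # skip flags that fail alone
        for _g in $_ok; do
            accepts "$_cc" "$_g" "$_f" || printf '%s %s\n' "$_g" "$_f"
        done
        _ok="$_ok $_f"
    done
}

# Run the probes only when a compiler and at least one flag are given.
if [ "$#" -gt 1 ]; then
    echo "Rejected on their own:";   rejected_alone "$@"
    echo "Rejected in combination:"; conflicting_pairs "$@"
fi
```

Flags reported by conflicting_pairs belong in separate build configurations rather than one command line.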