From c26f8c98ad83fa982b43a29dec891ee35013d7ca Mon Sep 17 00:00:00 2001 From: Henson Choi Date: Fri, 12 Jun 2026 09:38:05 +0900 Subject: [PATCH v2 3/3] Filter sanitizer flags from the LLVM JIT bitcode in the autoconf build Sanitizer instrumentation in the JIT bitcode corrupts the JIT code generator: any JIT-compiled query crashes the backend with SIGILL. The autoconf build rebuilds BITCODE_CFLAGS from a whitelist and does not normally let sanitizer flags in, but filter them out of BITCODE_CFLAGS/BITCODE_CXXFLAGS explicitly to also cover flags supplied through those variables, and warn when any are stripped. Also add -g to the bitcode flags under --enable-debug so the JIT bitcode carries debug info; sanitizer flags stay excluded, so this is safe. Author: Henson Choi --- configure | 26 ++++++++++++++++++++++++++ configure.ac | 26 ++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) diff --git a/configure b/configure index 5f77f3cac29..a5301192625 100755 --- a/configure +++ b/configure @@ -7620,10 +7620,12 @@ fi # supply -g if --enable-debug if test "$enable_debug" = yes && test "$ac_cv_prog_cc_g" = yes; then CFLAGS="$CFLAGS -g" + BITCODE_CFLAGS="$BITCODE_CFLAGS -g" fi if test "$enable_debug" = yes && test "$ac_cv_prog_cxx_g" = yes; then CXXFLAGS="$CXXFLAGS -g" + BITCODE_CXXFLAGS="$BITCODE_CXXFLAGS -g" fi # enable code coverage if --enable-coverage 
@@ -7668,6 +7670,30 @@ CXXFLAGS="$CXXFLAGS $user_CXXFLAGS" BITCODE_CFLAGS="$BITCODE_CFLAGS $user_BITCODE_CFLAGS" BITCODE_CXXFLAGS="$BITCODE_CXXFLAGS $user_BITCODE_CXXFLAGS" +# Sanitizer instrumentation must never reach the JIT bitcode: it corrupts the +# JIT code generator (JIT-compiled queries crash with SIGILL). Filter it out, +# mirroring the meson build, and warn when we do. +pgac_tmp="" +pgac_san_stripped=no +for pgac_flag in $BITCODE_CFLAGS; do + case $pgac_flag in + *sanitize*) pgac_san_stripped=yes ;; + *) pgac_tmp="$pgac_tmp $pgac_flag" ;; + esac +done +BITCODE_CFLAGS=$pgac_tmp +pgac_tmp="" +for pgac_flag in $BITCODE_CXXFLAGS; do + case $pgac_flag in + *sanitize*) pgac_san_stripped=yes ;; + *) pgac_tmp="$pgac_tmp $pgac_flag" ;; + esac +done +BITCODE_CXXFLAGS=$pgac_tmp +if test "$pgac_san_stripped" = yes; then + $as_echo "$as_me: WARNING: stripping sanitizer flags from JIT bitcode; JIT-compiled code will not be instrumented" >&2 +fi + diff --git a/configure.ac b/configure.ac index 61cee42daa7..e5e6abf6a95 100644 --- a/configure.ac +++ b/configure.ac @@ -725,10 +725,12 @@ fi # supply -g if --enable-debug if test "$enable_debug" = yes && test "$ac_cv_prog_cc_g" = yes; then CFLAGS="$CFLAGS -g" + BITCODE_CFLAGS="$BITCODE_CFLAGS -g" fi if test "$enable_debug" = yes && test "$ac_cv_prog_cxx_g" = yes; then CXXFLAGS="$CXXFLAGS -g" + BITCODE_CXXFLAGS="$BITCODE_CXXFLAGS -g" fi # enable code coverage if --enable-coverage 
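Review bot: In the configure.ac hunk at line 725, the new `BITCODE_CFLAGS="$BITCODE_CFLAGS -g"` is gated on `ac_cv_prog_cc_g`, which records whether `$CC` accepts `-g`, and `BITCODE_CXXFLAGS` is likewise gated on `ac_cv_prog_cxx_g`. The bitcode flags are presumably consumed by a separate clang invocation (that rule is not visible in this patch), so the gate tests a different compiler from the one that will receive the flag. If the coupling is deliberate, say so next to the assignment, for example `# bitcode is compiled by clang, which is assumed to accept -g whenever the host compiler does`. The identical lines in the generated configure hunk follow from this one.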
@@ -772,6 +774,30 @@ CXXFLAGS="$CXXFLAGS $user_CXXFLAGS" BITCODE_CFLAGS="$BITCODE_CFLAGS $user_BITCODE_CFLAGS" BITCODE_CXXFLAGS="$BITCODE_CXXFLAGS $user_BITCODE_CXXFLAGS" +# Sanitizer instrumentation must never reach the JIT bitcode: it corrupts the +# JIT code generator (JIT-compiled queries crash with SIGILL). Filter it out, +# mirroring the meson build, and warn when we do. +pgac_tmp="" +pgac_san_stripped=no +for pgac_flag in $BITCODE_CFLAGS; do + case $pgac_flag in + *sanitize*) pgac_san_stripped=yes ;; + *) pgac_tmp="$pgac_tmp $pgac_flag" ;; + esac +done +BITCODE_CFLAGS=$pgac_tmp +pgac_tmp="" +for pgac_flag in $BITCODE_CXXFLAGS; do + case $pgac_flag in + *sanitize*) pgac_san_stripped=yes ;; + *) pgac_tmp="$pgac_tmp $pgac_flag" ;; + esac +done +BITCODE_CXXFLAGS=$pgac_tmp +if test "$pgac_san_stripped" = yes; then + AC_MSG_WARN([stripping sanitizer flags from JIT bitcode; JIT-compiled code will not be instrumented]) +fi + AC_SUBST(BITCODE_CFLAGS) AC_SUBST(BITCODE_CXXFLAGS) -- 2.47.3
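Review bot: The `*sanitize*` arm in both loops is a substring match on each whitespace-separated word, so it also drops unrelated words that merely contain that string, such as an include path with `sanitize` in a directory name. It also leaves the companion word behind when a sanitizer option was passed as a two-word pair. Anchoring the pattern to the option prefix keeps the intent while narrowing the match: `-fsanitize*|-fno-sanitize*) pgac_san_stripped=yes ;;`; if the broad match is kept on purpose, a comment should say so. The warning also does not name what was removed, which matters to anyone relying on a sanitizer build for coverage. Collecting the dropped words into a variable and printing them in the `AC_MSG_WARN` text would make the gap visible in the configure log. The same loops appear in the generated configure hunk.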