On 07/15/2015 06:19 PM, Richard Hipp wrote:
> On 7/15/15, Török Edwin <edwin+sqlite3 at etorok.net> wrote:
>> On 07/15/2015 12:05 AM, Richard Hipp wrote:
>>
>> I've run the address and undefined behaviour sanitizer (+ usual hardening
>> and bug-finding flags from Debian) from GCC 4.9.2 on Debian Jessie on this
>> fossil checkout: a73d7128fbca8dde5e90bd46ee915e39ae07dd1f 2015-07-14
>> 22:43:37 UTC
>> (the snapshot tarballs don't seem to include the tests).
>>
>> I found some issues, but they look more like bugs in the sanitizer or the
>> test runner than bugs in sqlite, but I'm posting it here just to
>> double-check:
>>
>> $ ./configure CFLAGS="-g -O2 -Werror=array-bounds -Werror=clobbered
>> -Werror=volatile-register-var -Werror=implicit-function-declaration -fPIE
>> -fstack-protector-strong -Wformat -Werror=format-security -fsanitize=address
>> -fsanitize=undefined -fno-omit-frame-pointer" CPPFLAGS="-D_FORTIFY_SOURCE=2"
>> LDFLAGS="-fPIE -pie -Wl,-z,relro -Wl,-z,now -fsanitize=address
>> -fsanitize=undefined -pthread" --enable-debug --enable-threadsafe
>
> I guess you need GCC 4.9.x for this, because when I try the above
> using Ubuntu 14.04LTS (Gcc 4.8.4) I get:
>
> checking whether the C compiler works... no
>
Probably due to -fstack-protector-strong (which is not relevant for this bug),
try this simplified cmdline instead:

$ ./configure CFLAGS="-g -O2 -fsanitize=address -fsanitize=undefined -fno-omit-frame-pointer" CPPFLAGS="-D_FORTIFY_SOURCE=2" LDFLAGS="-fsanitize=address -fsanitize=undefined -pthread" --enable-debug --enable-threadsafe
$ make fuzzcheck
$ ./fuzzcheck test/fuzzdata3.db

Should work with clang too (if you set CC=clang).