Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Enable ubsan on bootstrap nodes. #2472

Merged
merged 1 commit into from
Dec 18, 2023
Merged

feat: Enable ubsan on bootstrap nodes. #2472

merged 1 commit into from
Dec 18, 2023

Conversation

iphydf
Copy link
Member

@iphydf iphydf commented Dec 16, 2023
edited
Loading

Not all sanitizers are enabled, but the cheap ones are, making the bootstrap node quite a bit more secure at a small runtime cost.

This change is Reviewable

@iphydf
feat: Enable ubsan on bootstrap nodes.
90f7496 
Not all sanitizers are enabled, but the cheap ones are, making the
bootstrap node quite a bit more secure at a small runtime cost.
@iphydf iphydf added this to the v0.2.19 milestone Dec 16, 2023
@iphydf iphydf marked this pull request as ready for review December 16, 2023 10:47
@codecov Codecov
Copy link

codecov bot commented Dec 16, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (89b6450) 71.74% compared to head (90f7496) 71.55%.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #2472      +/-   ##
==========================================
- Coverage   71.74%   71.55%   -0.19%     
==========================================
  Files          75       75              
  Lines       25200    25200              
==========================================
- Hits        18079    18033      -46     
- Misses       7121     7167      +46

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Green-Sky
Green-Sky approved these changes Dec 16, 2023
View reviewed changes
Copy link
Member

@Green-Sky Green-Sky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cool. when the new gcc is more popular, we should look at `-fhardened' too.

nurupo
nurupo reviewed Dec 16, 2023
View reviewed changes
Copy link
Member

@nurupo nurupo left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Commit message says "enable ubsan" (Undefined Behavior Sanitizer), yet there is no -fsanitize=undefined. Seems misleading.

@iphydf
Copy link
Member Author

iphydf commented Dec 18, 2023

Commit message says "enable ubsan" (Undefined Behavior Sanitizer), yet there is no -fsanitize=undefined. Seems misleading.

https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#available-checks

All checks I've enabled are part of ubsan, and most are part of -fsanitize=undefined, which is simply a short-hand for enabling a whole bunch of them at the same time.

@iphydf iphydf merged commit 90f7496 into TokTok:master Dec 18, 2023
52 checks passed
@iphydf iphydf deleted the ubsan-bootstrap branch December 18, 2023 10:55
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nurupo nurupo nurupo left review comments

@Green-Sky Green-Sky Green-Sky approved these changes

Assignees

@iphydf iphydf

Labels
None yet
Projects
None yet
Milestone
v0.2.19
Development

Successfully merging this pull request may close these issues.
3 participants
@iphydf @nurupo @Green-Sky