From f144df31352a3912693c47995faea3c50af569db Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Sat, 5 Dec 2020 17:31:43 -0800 Subject: [PATCH 1/2] doc: mention static and dynamic checking * doc/gnulib-readme.texi (High Quality): Add a bit of advice for static and dynamic checking. --- ChangeLog | 4 ++++ doc/gnulib-readme.texi | 22 ++++++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/ChangeLog b/ChangeLog index 72895ac78..d07d96878 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ 2020-12-05 Paul Eggert + doc: mention static and dynamic checking + * doc/gnulib-readme.texi (High Quality): Add a bit of advice + for static and dynamic checking. + intprops: Add INT_ADD_OK etc. * doc/intprops.texi (Checking Integer Overflow): New section. * lib/intprops.h: From a suggestion by Bruno Haible in: diff --git a/doc/gnulib-readme.texi b/doc/gnulib-readme.texi index 4775fa89a..a2a59628b 100644 --- a/doc/gnulib-readme.texi +++ b/doc/gnulib-readme.texi @@ -529,3 +529,25 @@ break. This means that before any change can be committed to the repository, a test suite program must be produced that exposes the bug for regression testing. All experimental work should be done on branches to help promote this. + +When compiling and testing Gnulib and Gnulib-using programs, certain +compiler options can help improve reliability. The +@code{manywarnings} module enables several forms of static checking in +GCC and related compilers (@pxref{manywarnings}). For dynamic checking, +you can run @code{configure} with @code{CFLAGS} options appropriate +for your compiler. For example: + +@example +./configure \ + CFLAGS='-g3 -O2'\ +' -D_FORTIFY_SOURCE=2'\ +' -fsanitize=undefined'\ +' -fsanitize-undefined-trap-on-error' +@end example + +@noindent +Here, @code{-D_FORTIFY_SOURCE=2} enables extra security hardening +checks in the GNU C library, @code{-fsanitize=undefined} enables GCC's +undefined behavior sanitizer (@code{ubsan}), and +@code{-fsanitize-undefined-trap-on-error} prevents @code{ubsan}'s +linking to unnecessary libraries like @code{libstdc++}. -- 2.27.0