[gjs] maint: add ASAN Address Sanitizer

[Philip Chimento <pchimento src gnome org>]

commit 98830739c83e8807ee2e499f095e26f8a069309f
Author: Claudio André <claudioandre br gmail com>
Date:   Mon Aug 14 22:37:33 2017 -0300

    maint: add ASAN Address Sanitizer
    
    AddressSanitizer (or ASan) is a programming tool that detects memory
    corruption bugs such as buffer overflows or use after free. AddressSanitizer
    is based on compiler instrumentation.
    
    UndefinedBehaviorSanitizer (or UBSan) is a fast undefined behavior
    detector. It modifies the program at compile-time to catch errors
    such as using misaligned or null pointer and signed integer overflow.
    
    The llvm.org states that Sanitizers have found thousands of bugs everywhere.
    Sanitizers running during CI can prevent bugs from taking up residence. They
    are helper tools to maintain bugs out.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=783220

 Makefile.am    |    7 ++++---
 configure.ac   |   34 ++++++++++++++++++++++++++++++++++
 doc/Hacking.md |   16 ++++++++++++++++
 3 files changed, 54 insertions(+), 3 deletions(-)
---
diff --git a/Makefile.am b/Makefile.am
index 38d0406..ef4daeb 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -59,9 +59,10 @@ libgjs_la_CPPFLAGS =         \
        $(gjs_directory_defines)\
        -I$(top_srcdir)/gi      \
        -DGJS_COMPILATION
-libgjs_la_LDFLAGS =            \
-       -export-symbols-regex "^[^_]" -version-info 0:0:0       \
-       -no-undefined \
+libgjs_la_LDFLAGS =                    \
+       -export-symbols-regex "^[^_]"   \
+       -version-info 0:0:0             \
+       $(NO_UNDEFINED_FLAG)            \
        $(NULL)
 libgjs_la_LIBADD =             \
        $(GJS_LIBS)
diff --git a/configure.ac b/configure.ac
index 4e8428d..c99bb7e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -204,6 +204,40 @@ AC_COMPILE_IFELSE([AC_LANG_SOURCE([[
 ])
 CPPFLAGS="$CPPFLAGS_save"
 
+dnl
+dnl Check for -fsanitize=address and -fsanitize=undefined support
+dnl
+AC_ARG_ENABLE([asan],
+  [AS_HELP_STRING([--enable-asan], [Build with address sanitizer support @<:@default: no@:>@])])
+
+AS_IF([test "x$enable_asan" = "xyes"], [
+  AX_CHECK_COMPILE_FLAG([-fsanitize=address -fno-omit-frame-pointer -g], [
+    AX_CHECK_LINK_FLAG([-fsanitize=address], [SAN_FLAGS="-fsanitize=address"])
+  ])
+])
+
+AC_ARG_ENABLE([ubsan],
+  [AS_HELP_STRING([--enable-ubsan], [Build with undefined behavior sanitizer support @<:@default: no@:>@])])
+
+AS_IF([test "x$enable_ubsan" = "xyes"], [
+  AX_CHECK_COMPILE_FLAG([-fsanitize=undefined -fno-omit-frame-pointer -g], [
+    AX_CHECK_LINK_FLAG([-fsanitize=undefined],
+      [SAN_FLAGS="$SAN_FLAGS -fsanitize=undefined"])
+  ])
+])
+
+# According to https://github.com/google/sanitizers/issues/380, asan is not
+# compatible with -no-undefined.
+NO_UNDEFINED_FLAG=-no-undefined
+AS_IF([test -n "${SAN_FLAGS}"], [
+    GJS_CFLAGS="$GJS_CFLAGS $SAN_FLAGS -fno-omit-frame-pointer -g"
+    # We have to clobber LDFLAGS here and not use AM_LDFLAGS, or else
+    # g-ir-scanner will not pick it up.
+    LDFLAGS="$LDFLAGS $SAN_FLAGS"
+    NO_UNDEFINED_FLAG=
+])
+AC_SUBST([NO_UNDEFINED_FLAG])
+
 AC_ARG_WITH([xvfb-tests],
   [AS_HELP_STRING([--with-xvfb-tests],
     [Run all tests under an XVFB server @<:@default=no@:>@])])
diff --git a/doc/Hacking.md b/doc/Hacking.md
index 0da343e..fd8a555 100644
--- a/doc/Hacking.md
+++ b/doc/Hacking.md
@@ -100,6 +100,22 @@ It is a versatile tool that can check non-standard code, including: variable
 checking, bounds checking, leaks, etc. It can detect the types of bugs that
 the compilers normally fail to detect.
 
+### Sanitizers ###
+
+To add instrumentation code to gjs, put this (both, or any one of them) in
+your JHBuild configuration file:
+```python
+module_autogenargs['gjs'] = '--enable-asan --enable-ubsan'
+```
+
+Sanitizers are based on compile-time instrumentation. They are available
+in gcc and clang for a range of supported operating systems and
+platforms.
+
+Please, keep in mind that instrumentation is limited by execution coverage. So,
+if your "testing" session never reaches a particular point of execution, then
+instrumentation at that point collects no data.
+
 ### Test Coverage ###
 
 To generate a test coverage report, put this in your JHBuild