From: Kirill Isakov Date: Thu, 19 Aug 2021 08:36:02 +0000 (+0600) Subject: CI: improve sanitizer runs; minor cleanups. X-Git-Url: https://git.tinc-vpn.org/git/browse?a=commitdiff_plain;h=53b239863ea0a44270d877945fa2014ec626ad01;p=tinc CI: improve sanitizer runs; minor cleanups. - sanitizers now do the full test run, as in every other job. - run all test flavors even if one of them fails. - change big-endian cross build to little-endian MIPS. --- diff --git a/.ci/conf.sh b/.ci/conf.sh index ab50277e..d075aba5 100644 --- a/.ci/conf.sh +++ b/.ci/conf.sh @@ -32,7 +32,7 @@ conf_linux() { if [ -n "${HOST:-}" ]; then case "$HOST" in armhf) triplet=arm-linux-gnueabihf ;; - mips) triplet=mips-linux-gnu ;; + mipsel) triplet=mipsel-linux-gnu ;; *) exit 1 ;; esac diff --git a/.ci/sanitizers/build.sh b/.ci/sanitizers/build.sh deleted file mode 100755 index 9276f123..00000000 --- a/.ci/sanitizers/build.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -set -euo pipefail - -dir=$(realpath "$(dirname "$0")") - -case "$SANITIZER" in -undefined) - flags='-fsanitize=integer -fsanitize=nullability' - ;; - -address) - flags='-fsanitize-address-use-after-scope -fsanitize=pointer-compare -fsanitize=pointer-subtract' - ;; - -*) - flags='' - ;; -esac - -export CPPFLAGS='-DDEBUG' -export CFLAGS="-O0 -g -fsanitize=$SANITIZER -fno-omit-frame-pointer -fno-common -fsanitize-blacklist=$dir/ignore.txt $flags" - -autoreconf -fsi -# shellcheck disable=SC2046 -./configure $(sh .ci/conf.sh) -make -j2 all extra diff --git a/.ci/sanitizers/run.sh b/.ci/sanitizers/run.sh index c2d9dad8..b615d9db 100755 --- a/.ci/sanitizers/run.sh +++ b/.ci/sanitizers/run.sh @@ -2,30 +2,37 @@ set -euo pipefail +dir=$(realpath "$(dirname "$0")") + logs="$GITHUB_WORKSPACE/sanitizer" -mkdir -p "$logs" case "$SANITIZER" in +undefined) + flags='-fsanitize=integer -fsanitize=nullability' + export UBSAN_OPTIONS="log_path=$logs/ubsan:print_stacktrace=1" + ;; + address) + flags='-fsanitize-address-use-after-scope -fsanitize=pointer-compare -fsanitize=pointer-subtract' export ASAN_OPTIONS="log_path=$logs/asan:detect_invalid_pointer_pairs=2:strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1" ;; thread) + flags='' export TSAN_OPTIONS="log_path=$logs/tsan" ;; -undefined) - export UBSAN_OPTIONS="log_path=$logs/ubsan:print_stacktrace=1" - ;; - *) echo >&2 "unknown sanitizer $SANITIZER" exit 1 ;; esac -sudo --preserve-env=ASAN_OPTIONS,TSAN_OPTIONS,UBSAN_OPTIONS \ - make check VERBOSE=1 +export CC='clang-12' +export CPPFLAGS='-DDEBUG' +export CFLAGS="-O0 -g -fsanitize=$SANITIZER -fno-omit-frame-pointer -fno-common -fsanitize-blacklist=$dir/ignore.txt $flags" + +bash .ci/test/run.sh "$@" # Check that the sanitizer has not created any log files. # If it has, fail the job to notify the developer. diff --git a/.ci/test/run.sh b/.ci/test/run.sh index 3e177882..b17d2de7 100644 --- a/.ci/test/run.sh +++ b/.ci/test/run.sh @@ -27,6 +27,8 @@ run_tests() { sudo git clean -dfx sudo chown -R "${USER:-$(whoami)}" . + mkdir -p sanitizer /tmp/logs + header "Running test flavor $flavor" autoreconf -fsi @@ -37,21 +39,16 @@ run_tests() { code=0 make check -j2 VERBOSE=1 || code=$? - mkdir -p /tmp/logs - sudo tar -c -z -f "/tmp/logs/tests.$flavor.tar.gz" test/ + sudo tar -c -z -f "/tmp/logs/tests.$flavor.tar.gz" test/ sanitizer/ return $code } -echo "system name $(uname -s)" -echo "full $(uname -a)" -echo "o $(uname -o)" - case "$(uname -s)" in Linux) if [ -n "${HOST:-}" ]; then # Needed for cross-compilation for 32-bit targets. - export CPPFLAGS='-D_FILE_OFFSET_BITS=64' + export CPPFLAGS="${CPPFLAGS:-} -D_FILE_OFFSET_BITS=64" fi ;; @@ -64,7 +61,7 @@ Darwin) nproc() { sysctl -n hw.ncpu; } gcrypt=$(brew --prefix libgcrypt) openssl=$(brew --prefix openssl) - export CPPFLAGS="-I/usr/local/include -I$gcrypt/include -I$openssl/include -I$gcrypt/include" + export CPPFLAGS="${CPPFLAGS:-} -I/usr/local/include -I$gcrypt/include -I$openssl/include -I$gcrypt/include" ;; esac diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 39c7dc75..3961cae2 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,10 +16,10 @@ jobs: matrix: arch: - armhf - - mips + - mipsel container: - image: debian:buster + image: debian:bullseye options: --privileged steps: @@ -32,6 +32,7 @@ jobs: - name: Prepare the system run: | sh .ci/test/prepare.sh + update-binfmts --enable rm -f /dev/net/tun - name: Run tests with default settings @@ -39,6 +40,7 @@ jobs: - name: Run tests without legacy protocol run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh nolegacy + if: always() - name: Run tests with libgcrypt run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh gcrypt @@ -46,7 +48,7 @@ jobs: - name: Upload test results uses: actions/upload-artifact@v2 with: - name: tests_cross_${{ env.ARTIFACT }} + name: tests_cross_${{ matrix.arch }} path: /tmp/logs/tests.*.tar.gz if: always() @@ -131,24 +133,18 @@ jobs: - name: Install deps run: sudo sh .ci/deps.sh - - name: Configure and compile - shell: bash - run: bash .ci/sanitizers/build.sh - env: - CC: clang-12 + - name: Sanitize tests with default settings + run: bash .ci/sanitizers/run.sh default - - name: Run tests - run: bash .ci/sanitizers/run.sh - - - name: Archive test results - run: sudo tar -c -z -f test-results.tar.gz test/ sanitizer/ + - name: Sanitize tests without legacy protocol + run: bash .ci/sanitizers/run.sh nolegacy if: always() - name: Upload test results uses: actions/upload-artifact@v2 with: - name: tests_sanitizer_${{ matrix.sanitizer }} - path: test-results.tar.gz + name: tests_${{ env.ARTIFACT }} + path: /tmp/logs/tests.*.tar.gz if: always() linux: @@ -190,6 +186,7 @@ jobs: - name: Run tests without legacy protocol run: sudo -u build CI=1 sh .ci/test/run.sh nolegacy + if: always() - name: Run tests with libgcrypt run: sudo -u build CI=1 sh .ci/test/run.sh gcrypt @@ -269,6 +266,7 @@ jobs: - name: Run tests without legacy protocol run: sh .ci/test/run.sh nolegacy + if: always() - name: Run tests with libgcrypt run: sh .ci/test/run.sh gcrypt @@ -326,6 +324,7 @@ jobs: - name: Run tests without legacy protocol shell: msys2 {0} run: sh .ci/test/run.sh nolegacy + if: always() - name: Run tests with libgcrypt shell: msys2 {0}