|
|
a3e2b5 |
From d84b1c62b9739e9c043a717aecec2da181eb9df7 Mon Sep 17 00:00:00 2001
|
|
|
a3e2b5 |
From: Frantisek Sumsal <fsumsal@redhat.com>
|
|
|
a3e2b5 |
Date: Sat, 23 Feb 2019 17:10:55 +0100
|
|
|
a3e2b5 |
Subject: [PATCH] travis: enable ASan and UBSan on RHEL8
|
|
|
a3e2b5 |
|
|
|
a3e2b5 |
Resolves: #1683319
|
|
|
a3e2b5 |
rhel-only
|
|
|
a3e2b5 |
---
|
|
|
a3e2b5 |
.travis.yml | 23 ++++++-
|
|
|
a3e2b5 |
ci/travis-centos-rhel8.sh | 138 +++++++++++++++++++++++---------------
|
|
|
a3e2b5 |
2 files changed, 105 insertions(+), 56 deletions(-)
|
|
|
a3e2b5 |
|
|
|
a3e2b5 |
diff --git a/.travis.yml b/.travis.yml
|
|
|
a3e2b5 |
index c5c9c345a9..67677bdf06 100644
|
|
|
a3e2b5 |
--- a/.travis.yml
|
|
|
a3e2b5 |
+++ b/.travis.yml
|
|
|
a3e2b5 |
@@ -8,8 +8,7 @@ env:
|
|
|
a3e2b5 |
|
|
|
a3e2b5 |
jobs:
|
|
|
a3e2b5 |
include:
|
|
|
a3e2b5 |
- - stage: Build & test
|
|
|
a3e2b5 |
- name: CentOS 7
|
|
|
a3e2b5 |
+ - name: CentOS 7
|
|
|
a3e2b5 |
language: bash
|
|
|
a3e2b5 |
env:
|
|
|
a3e2b5 |
- CENTOS_RELEASE="centos7"
|
|
|
a3e2b5 |
@@ -28,3 +27,23 @@ jobs:
|
|
|
a3e2b5 |
- set +e
|
|
|
a3e2b5 |
after_script:
|
|
|
a3e2b5 |
- $CI_ROOT/travis-centos-${RHEL_VERSION}.sh CLEANUP
|
|
|
a3e2b5 |
+
|
|
|
a3e2b5 |
+ - name: CentOS 7 (ASan+UBSan)
|
|
|
a3e2b5 |
+ language: bash
|
|
|
a3e2b5 |
+ env:
|
|
|
a3e2b5 |
+ - CENTOS_RELEASE="centos7"
|
|
|
a3e2b5 |
+ - CONT_NAME="systemd-centos-$CENTOS_RELEASE"
|
|
|
a3e2b5 |
+ - DOCKER_EXEC="docker exec -ti $CONT_NAME"
|
|
|
a3e2b5 |
+ before_install:
|
|
|
a3e2b5 |
+ - sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce
|
|
|
a3e2b5 |
+ - docker --version
|
|
|
a3e2b5 |
+ install:
|
|
|
a3e2b5 |
+ - if [ -f meson.build ]; then RHEL_VERSION=rhel8; else RHEL_VERSION=rhel7; fi
|
|
|
a3e2b5 |
+ - $CI_ROOT/travis-centos-${RHEL_VERSION}.sh SETUP
|
|
|
a3e2b5 |
+ script:
|
|
|
a3e2b5 |
+ - set -e
|
|
|
a3e2b5 |
+ # Build systemd
|
|
|
a3e2b5 |
+ - $CI_ROOT/travis-centos-${RHEL_VERSION}.sh RUN_ASAN
|
|
|
a3e2b5 |
+ - set +e
|
|
|
a3e2b5 |
+ after_script:
|
|
|
a3e2b5 |
+ - $CI_ROOT/travis-centos-${RHEL_VERSION}.sh CLEANUP
|
|
|
a3e2b5 |
diff --git a/ci/travis-centos-rhel8.sh b/ci/travis-centos-rhel8.sh
|
|
|
a3e2b5 |
index 1f72d984e0..c3d1018682 100755
|
|
|
a3e2b5 |
--- a/ci/travis-centos-rhel8.sh
|
|
|
a3e2b5 |
+++ b/ci/travis-centos-rhel8.sh
|
|
|
a3e2b5 |
@@ -19,6 +19,60 @@ ADDITIONAL_DEPS=(systemd-ci-environment libidn2-devel python-lxml python36 ninja
|
|
|
a3e2b5 |
# Repo with additional depencencies to compile newer systemd on CentOS 7
|
|
|
a3e2b5 |
COPR_REPO="https://copr.fedorainfracloud.org/coprs/mrc0mmand/systemd-centos-ci/repo/epel-7/mrc0mmand-systemd-centos-ci-epel-7.repo"
|
|
|
a3e2b5 |
COPR_REPO_PATH="/etc/yum.repos.d/${COPR_REPO##*/}"
|
|
|
a3e2b5 |
+# RHEL8 options
|
|
|
a3e2b5 |
+CONFIGURE_OPTS=(
|
|
|
a3e2b5 |
+ -Dsysvinit-path=/etc/rc.d/init.d
|
|
|
a3e2b5 |
+ -Drc-local=/etc/rc.d/rc.local
|
|
|
a3e2b5 |
+ -Ddns-servers=''
|
|
|
a3e2b5 |
+ -Ddev-kvm-mode=0666
|
|
|
a3e2b5 |
+ -Dkmod=true
|
|
|
a3e2b5 |
+ -Dxkbcommon=true
|
|
|
a3e2b5 |
+ -Dblkid=true
|
|
|
a3e2b5 |
+ -Dseccomp=true
|
|
|
a3e2b5 |
+ -Dima=true
|
|
|
a3e2b5 |
+ -Dselinux=true
|
|
|
a3e2b5 |
+ -Dapparmor=false
|
|
|
a3e2b5 |
+ -Dpolkit=true
|
|
|
a3e2b5 |
+ -Dxz=true
|
|
|
a3e2b5 |
+ -Dzlib=true
|
|
|
a3e2b5 |
+ -Dbzip2=true
|
|
|
a3e2b5 |
+ -Dlz4=true
|
|
|
a3e2b5 |
+ -Dpam=true
|
|
|
a3e2b5 |
+ -Dacl=true
|
|
|
a3e2b5 |
+ -Dsmack=true
|
|
|
a3e2b5 |
+ -Dgcrypt=true
|
|
|
a3e2b5 |
+ -Daudit=true
|
|
|
a3e2b5 |
+ -Delfutils=true
|
|
|
a3e2b5 |
+ -Dlibcryptsetup=true
|
|
|
a3e2b5 |
+ -Delfutils=true
|
|
|
a3e2b5 |
+ -Dqrencode=false
|
|
|
a3e2b5 |
+ -Dgnutls=true
|
|
|
a3e2b5 |
+ -Dmicrohttpd=true
|
|
|
a3e2b5 |
+ -Dlibidn2=true
|
|
|
a3e2b5 |
+ -Dlibiptc=true
|
|
|
a3e2b5 |
+ -Dlibcurl=true
|
|
|
a3e2b5 |
+ -Defi=true
|
|
|
a3e2b5 |
+ -Dtpm=true
|
|
|
a3e2b5 |
+ -Dhwdb=true
|
|
|
a3e2b5 |
+ -Dsysusers=true
|
|
|
a3e2b5 |
+ -Ddefault-kill-user-processes=false
|
|
|
a3e2b5 |
+ -Dtests=unsafe
|
|
|
a3e2b5 |
+ -Dinstall-tests=true
|
|
|
a3e2b5 |
+ -Dtty-gid=5
|
|
|
a3e2b5 |
+ -Dusers-gid=100
|
|
|
a3e2b5 |
+ -Dnobody-user=nobody
|
|
|
a3e2b5 |
+ -Dnobody-group=nobody
|
|
|
a3e2b5 |
+ -Dsplit-usr=false
|
|
|
a3e2b5 |
+ -Dsplit-bin=true
|
|
|
a3e2b5 |
+ -Db_lto=false
|
|
|
a3e2b5 |
+ -Dnetworkd=false
|
|
|
a3e2b5 |
+ -Dtimesyncd=false
|
|
|
a3e2b5 |
+ -Ddefault-hierarchy=legacy
|
|
|
a3e2b5 |
+ # Custom options
|
|
|
a3e2b5 |
+ -Dslow-tests=true
|
|
|
a3e2b5 |
+ -Dtests=unsafe
|
|
|
a3e2b5 |
+ -Dinstall-tests=true
|
|
|
a3e2b5 |
+)
|
|
|
a3e2b5 |
|
|
|
a3e2b5 |
function info() {
|
|
|
a3e2b5 |
echo -e "\033[33;1m$1\033[0m"
|
|
|
a3e2b5 |
@@ -57,60 +111,6 @@ for phase in "${PHASES[@]}"; do
|
|
|
a3e2b5 |
RUN)
|
|
|
a3e2b5 |
info "Run phase"
|
|
|
a3e2b5 |
# Build systemd
|
|
|
a3e2b5 |
- CONFIGURE_OPTS=(
|
|
|
a3e2b5 |
- # RHEL8 options
|
|
|
a3e2b5 |
- -Dsysvinit-path=/etc/rc.d/init.d
|
|
|
a3e2b5 |
- -Drc-local=/etc/rc.d/rc.local
|
|
|
a3e2b5 |
- -Ddns-servers=''
|
|
|
a3e2b5 |
- -Ddev-kvm-mode=0666
|
|
|
a3e2b5 |
- -Dkmod=true
|
|
|
a3e2b5 |
- -Dxkbcommon=true
|
|
|
a3e2b5 |
- -Dblkid=true
|
|
|
a3e2b5 |
- -Dseccomp=true
|
|
|
a3e2b5 |
- -Dima=true
|
|
|
a3e2b5 |
- -Dselinux=true
|
|
|
a3e2b5 |
- -Dapparmor=false
|
|
|
a3e2b5 |
- -Dpolkit=true
|
|
|
a3e2b5 |
- -Dxz=true
|
|
|
a3e2b5 |
- -Dzlib=true
|
|
|
a3e2b5 |
- -Dbzip2=true
|
|
|
a3e2b5 |
- -Dlz4=true
|
|
|
a3e2b5 |
- -Dpam=true
|
|
|
a3e2b5 |
- -Dacl=true
|
|
|
a3e2b5 |
- -Dsmack=true
|
|
|
a3e2b5 |
- -Dgcrypt=true
|
|
|
a3e2b5 |
- -Daudit=true
|
|
|
a3e2b5 |
- -Delfutils=true
|
|
|
a3e2b5 |
- -Dlibcryptsetup=true
|
|
|
a3e2b5 |
- -Delfutils=true
|
|
|
a3e2b5 |
- -Dqrencode=false
|
|
|
a3e2b5 |
- -Dgnutls=true
|
|
|
a3e2b5 |
- -Dmicrohttpd=true
|
|
|
a3e2b5 |
- -Dlibidn2=true
|
|
|
a3e2b5 |
- -Dlibiptc=true
|
|
|
a3e2b5 |
- -Dlibcurl=true
|
|
|
a3e2b5 |
- -Defi=true
|
|
|
a3e2b5 |
- -Dtpm=true
|
|
|
a3e2b5 |
- -Dhwdb=true
|
|
|
a3e2b5 |
- -Dsysusers=true
|
|
|
a3e2b5 |
- -Ddefault-kill-user-processes=false
|
|
|
a3e2b5 |
- -Dtests=unsafe
|
|
|
a3e2b5 |
- -Dinstall-tests=true
|
|
|
a3e2b5 |
- -Dtty-gid=5
|
|
|
a3e2b5 |
- -Dusers-gid=100
|
|
|
a3e2b5 |
- -Dnobody-user=nobody
|
|
|
a3e2b5 |
- -Dnobody-group=nobody
|
|
|
a3e2b5 |
- -Dsplit-usr=false
|
|
|
a3e2b5 |
- -Dsplit-bin=true
|
|
|
a3e2b5 |
- -Db_lto=false
|
|
|
a3e2b5 |
- -Dnetworkd=false
|
|
|
a3e2b5 |
- -Dtimesyncd=false
|
|
|
a3e2b5 |
- -Ddefault-hierarchy=legacy
|
|
|
a3e2b5 |
- # Custom options
|
|
|
a3e2b5 |
- -Dslow-tests=true
|
|
|
a3e2b5 |
- -Dtests=unsafe
|
|
|
a3e2b5 |
- -Dinstall-tests=true
|
|
|
a3e2b5 |
- )
|
|
|
a3e2b5 |
docker exec -it -e CFLAGS='-g -O0 -ftrapv' $CONT_NAME meson build "${CONFIGURE_OPTS[@]}"
|
|
|
a3e2b5 |
$DOCKER_EXEC ninja -v -C build
|
|
|
a3e2b5 |
# Let's install the new systemd and "reboot" the container to avoid
|
|
|
a3e2b5 |
@@ -122,6 +122,36 @@ for phase in "${PHASES[@]}"; do
|
|
|
a3e2b5 |
echo -ne "#!/usr/bin/perl\nexit(0);\n" > "test/udev-test.pl"
|
|
|
a3e2b5 |
$DOCKER_EXEC ninja -C build test
|
|
|
a3e2b5 |
;;
|
|
|
a3e2b5 |
+ RUN_ASAN|RUN_CLANG_ASAN)
|
|
|
a3e2b5 |
+ # Let's install newer gcc for proper ASan/UBSan support
|
|
|
a3e2b5 |
+ $DOCKER_EXEC yum -y install centos-release-scl
|
|
|
a3e2b5 |
+ $DOCKER_EXEC yum -y install devtoolset-8 devtoolset-8-libasan-devel libasan5 devtoolset-8-libubsan-devel libubsan1
|
|
|
a3e2b5 |
+ $DOCKER_EXEC bash -c "echo 'source scl_source enable devtoolset-8' >> /root/.bashrc"
|
|
|
a3e2b5 |
+ # Note to my future frustrated self: docker exec runs the given command
|
|
|
a3e2b5 |
+ # as sh -c 'command' - which means both .bash_profile and .bashrc will
|
|
|
a3e2b5 |
+ # be ignored. That's because .bash_profile is sourced for LOGIN shells (i.e.
|
|
|
a3e2b5 |
+ # sh -l), whereas .bashrc is sourced for NON-LOGIN INTERACTIVE shells
|
|
|
a3e2b5 |
+ # (i.e. sh -i).
|
|
|
a3e2b5 |
+ # As the default docker exec command lacks either of those options,
|
|
|
a3e2b5 |
+ # we need to use a wrapper command which runs the wanted command
|
|
|
a3e2b5 |
+ # under an explicit bash -i, so the SCL source above works properly.
|
|
|
a3e2b5 |
+ docker exec -it $CONT_NAME bash -ic 'gcc --version'
|
|
|
a3e2b5 |
+
|
|
|
a3e2b5 |
+ if [[ "$phase" = "RUN_CLANG_ASAN" ]]; then
|
|
|
a3e2b5 |
+ ENV_VARS="-e CC=clang -e CXX=clang++"
|
|
|
a3e2b5 |
+ MESON_ARGS="-Db_lundef=false" # See https://github.com/mesonbuild/meson/issues/764
|
|
|
a3e2b5 |
+ fi
|
|
|
a3e2b5 |
+ docker exec $ENV_VARS -it $CONT_NAME bash -ic "meson build --werror -Dtests=unsafe -Db_sanitize=address,undefined $MESON_ARGS ${CONFIGURE_OPTS[@]}"
|
|
|
a3e2b5 |
+ docker exec -it $CONT_NAME bash -ic 'ninja -v -C build'
|
|
|
a3e2b5 |
+
|
|
|
a3e2b5 |
+ # Never remove halt_on_error from UBSAN_OPTIONS. See https://github.com/systemd/systemd/commit/2614d83aa06592aedb.
|
|
|
a3e2b5 |
+ travis_wait docker exec --interactive=false \
|
|
|
a3e2b5 |
+ -e UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 \
|
|
|
a3e2b5 |
+ -e ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1 \
|
|
|
a3e2b5 |
+ -e "TRAVIS=$TRAVIS" \
|
|
|
a3e2b5 |
+ -t $CONT_NAME \
|
|
|
a3e2b5 |
+ bash -ic 'meson test --timeout-multiplier=3 -C ./build/ --print-errorlogs'
|
|
|
a3e2b5 |
+ ;;
|
|
|
a3e2b5 |
CLEANUP)
|
|
|
a3e2b5 |
info "Cleanup phase"
|
|
|
a3e2b5 |
docker stop $CONT_NAME
|