From d84b1c62b9739e9c043a717aecec2da181eb9df7 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Sat, 23 Feb 2019 17:10:55 +0100 Subject: [PATCH] travis: enable ASan and UBSan on RHEL8 Resolves: #1683319 rhel-only --- .travis.yml | 23 ++++++- ci/travis-centos-rhel8.sh | 138 +++++++++++++++++++++++--------------- 2 files changed, 105 insertions(+), 56 deletions(-) diff --git a/.travis.yml b/.travis.yml index c5c9c345a9..67677bdf06 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,8 +8,7 @@ env: jobs: include: - - stage: Build & test - name: CentOS 7 + - name: CentOS 7 language: bash env: - CENTOS_RELEASE="centos7" @@ -28,3 +27,23 @@ jobs: - set +e after_script: - $CI_ROOT/travis-centos-${RHEL_VERSION}.sh CLEANUP + + - name: CentOS 7 (ASan+UBSan) + language: bash + env: + - CENTOS_RELEASE="centos7" + - CONT_NAME="systemd-centos-$CENTOS_RELEASE" + - DOCKER_EXEC="docker exec -ti $CONT_NAME" + before_install: + - sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce + - docker --version + install: + - if [ -f meson.build ]; then RHEL_VERSION=rhel8; else RHEL_VERSION=rhel7; fi + - $CI_ROOT/travis-centos-${RHEL_VERSION}.sh SETUP + script: + - set -e + # Build systemd + - $CI_ROOT/travis-centos-${RHEL_VERSION}.sh RUN_ASAN + - set +e + after_script: + - $CI_ROOT/travis-centos-${RHEL_VERSION}.sh CLEANUP diff --git a/ci/travis-centos-rhel8.sh b/ci/travis-centos-rhel8.sh index 1f72d984e0..c3d1018682 100755 --- a/ci/travis-centos-rhel8.sh +++ b/ci/travis-centos-rhel8.sh @@ -19,6 +19,60 @@ ADDITIONAL_DEPS=(systemd-ci-environment libidn2-devel python-lxml python36 ninja # Repo with additional depencencies to compile newer systemd on CentOS 7 COPR_REPO="https://copr.fedorainfracloud.org/coprs/mrc0mmand/systemd-centos-ci/repo/epel-7/mrc0mmand-systemd-centos-ci-epel-7.repo" COPR_REPO_PATH="/etc/yum.repos.d/${COPR_REPO##*/}" +# RHEL8 options +CONFIGURE_OPTS=( + -Dsysvinit-path=/etc/rc.d/init.d + -Drc-local=/etc/rc.d/rc.local + -Ddns-servers='' + -Ddev-kvm-mode=0666 + -Dkmod=true + -Dxkbcommon=true + -Dblkid=true + -Dseccomp=true + -Dima=true + -Dselinux=true + -Dapparmor=false + -Dpolkit=true + -Dxz=true + -Dzlib=true + -Dbzip2=true + -Dlz4=true + -Dpam=true + -Dacl=true + -Dsmack=true + -Dgcrypt=true + -Daudit=true + -Delfutils=true + -Dlibcryptsetup=true + -Delfutils=true + -Dqrencode=false + -Dgnutls=true + -Dmicrohttpd=true + -Dlibidn2=true + -Dlibiptc=true + -Dlibcurl=true + -Defi=true + -Dtpm=true + -Dhwdb=true + -Dsysusers=true + -Ddefault-kill-user-processes=false + -Dtests=unsafe + -Dinstall-tests=true + -Dtty-gid=5 + -Dusers-gid=100 + -Dnobody-user=nobody + -Dnobody-group=nobody + -Dsplit-usr=false + -Dsplit-bin=true + -Db_lto=false + -Dnetworkd=false + -Dtimesyncd=false + -Ddefault-hierarchy=legacy + # Custom options + -Dslow-tests=true + -Dtests=unsafe + -Dinstall-tests=true +) function info() { echo -e "\033[33;1m$1\033[0m" @@ -57,60 +111,6 @@ for phase in "${PHASES[@]}"; do RUN) info "Run phase" # Build systemd - CONFIGURE_OPTS=( - # RHEL8 options - -Dsysvinit-path=/etc/rc.d/init.d - -Drc-local=/etc/rc.d/rc.local - -Ddns-servers='' - -Ddev-kvm-mode=0666 - -Dkmod=true - -Dxkbcommon=true - -Dblkid=true - -Dseccomp=true - -Dima=true - -Dselinux=true - -Dapparmor=false - -Dpolkit=true - -Dxz=true - -Dzlib=true - -Dbzip2=true - -Dlz4=true - -Dpam=true - -Dacl=true - -Dsmack=true - -Dgcrypt=true - -Daudit=true - -Delfutils=true - -Dlibcryptsetup=true - -Delfutils=true - -Dqrencode=false - -Dgnutls=true - -Dmicrohttpd=true - -Dlibidn2=true - -Dlibiptc=true - -Dlibcurl=true - -Defi=true - -Dtpm=true - -Dhwdb=true - -Dsysusers=true - -Ddefault-kill-user-processes=false - -Dtests=unsafe - -Dinstall-tests=true - -Dtty-gid=5 - -Dusers-gid=100 - -Dnobody-user=nobody - -Dnobody-group=nobody - -Dsplit-usr=false - -Dsplit-bin=true - -Db_lto=false - -Dnetworkd=false - -Dtimesyncd=false - -Ddefault-hierarchy=legacy - # Custom options - -Dslow-tests=true - -Dtests=unsafe - -Dinstall-tests=true - ) docker exec -it -e CFLAGS='-g -O0 -ftrapv' $CONT_NAME meson build "${CONFIGURE_OPTS[@]}" $DOCKER_EXEC ninja -v -C build # Let's install the new systemd and "reboot" the container to avoid @@ -122,6 +122,36 @@ for phase in "${PHASES[@]}"; do echo -ne "#!/usr/bin/perl\nexit(0);\n" > "test/udev-test.pl" $DOCKER_EXEC ninja -C build test ;; + RUN_ASAN|RUN_CLANG_ASAN) + # Let's install newer gcc for proper ASan/UBSan support + $DOCKER_EXEC yum -y install centos-release-scl + $DOCKER_EXEC yum -y install devtoolset-8 devtoolset-8-libasan-devel libasan5 devtoolset-8-libubsan-devel libubsan1 + $DOCKER_EXEC bash -c "echo 'source scl_source enable devtoolset-8' >> /root/.bashrc" + # Note to my future frustrated self: docker exec runs the given command + # as sh -c 'command' - which means both .bash_profile and .bashrc will + # be ignored. That's because .bash_profile is sourced for LOGIN shells (i.e. + # sh -l), whereas .bashrc is sourced for NON-LOGIN INTERACTIVE shells + # (i.e. sh -i). + # As the default docker exec command lacks either of those options, + # we need to use a wrapper command which runs the wanted command + # under an explicit bash -i, so the SCL source above works properly. + docker exec -it $CONT_NAME bash -ic 'gcc --version' + + if [[ "$phase" = "RUN_CLANG_ASAN" ]]; then + ENV_VARS="-e CC=clang -e CXX=clang++" + MESON_ARGS="-Db_lundef=false" # See https://github.com/mesonbuild/meson/issues/764 + fi + docker exec $ENV_VARS -it $CONT_NAME bash -ic "meson build --werror -Dtests=unsafe -Db_sanitize=address,undefined $MESON_ARGS ${CONFIGURE_OPTS[@]}" + docker exec -it $CONT_NAME bash -ic 'ninja -v -C build' + + # Never remove halt_on_error from UBSAN_OPTIONS. See https://github.com/systemd/systemd/commit/2614d83aa06592aedb. + travis_wait docker exec --interactive=false \ + -e UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 \ + -e ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1 \ + -e "TRAVIS=$TRAVIS" \ + -t $CONT_NAME \ + bash -ic 'meson test --timeout-multiplier=3 -C ./build/ --print-errorlogs' + ;; CLEANUP) info "Cleanup phase" docker stop $CONT_NAME