From 45e250a9e9f3c3e8e8af2983366b170bf54f890e Mon Sep 17 00:00:00 2001 From: Jia Tan Date: Wed, 28 Jun 2023 21:01:22 +0800 Subject: [PATCH] CI: Add test with -fsanitize=address,undefined. ci_build.sh was updated to accept disabling of __attribute__ ifunc and CLMUL. This will allow -fsanitize=address to pass because ifunc is incompatible with -fsanitize=address. The CLMUL implementation has optimizations that potentially read past the buffer and mask out the unwanted bytes. This test will only run on Autotools Linux. --- .github/workflows/ci.yml | 23 +++++++++++++++++++---- build-aux/ci_build.sh | 8 +++++++- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d00dd0d2..f2e8c70a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -65,10 +65,10 @@ jobs: # -p specifies the phase (build or test) to help narrow down an error # if one occurs. # - # Start with the 32-bit build because the autoconf cache must be reset - # after the build because the 32-bit build sets the CFLAGS env variable. - # By starting with the 32-bit build, we only have to clear the - # cache once. The 32-bit build is only tested on Autotools Linux. + # The first two builds/tests are only run on Autotools Linux and + # affect the CFLAGS. Resetting the CFLAGS requires clearing the + # config cache between runs, so the tests that require CFLAGS are + # done first. - name: Build 32-bit if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }} run: ./build-aux/ci_build.sh -b autotools -p build -f "-m32" @@ -78,6 +78,21 @@ jobs: ./build-aux/ci_build.sh -b autotools -p test -f "-m32" -n 32_bit cd ../xz_build && make distclean + # ifunc and clmul must be disabled for this test because they will + # fail with -fsanitize=address. __attribute__ ifunc is incompatible + # with -fsanitize=address.CLMUL optimizations will read past the + # bounds of small buffers and mask out the unneeded values. This + # triggers -fsanitize=address to report an error even though the + # operation is safe. + - name: Build with -fsanitize=address,undefined + if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }} + run: ./build-aux/ci_build.sh -b autotools -p build -f "-fsanitize=address,undefined" -d ifunc,clmul + - name: Test with -fsanitize=address,undefined + if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }} + run: | + ./build-aux/ci_build.sh -b autotools -p test -f "-fsanitize=address,undefined" -d ifunc,clmul + cd ../xz_build && make distclean + - name: Build with full features run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -p build - name: Test with full features diff --git a/build-aux/ci_build.sh b/build-aux/ci_build.sh index 339938ba..201c1dd5 100755 --- a/build-aux/ci_build.sh +++ b/build-aux/ci_build.sh @@ -19,7 +19,7 @@ set -e USAGE="Usage: $0 -b [autotools|cmake] -c [crc32|crc64|sha256] - -d [encoders|decoders|bcj|delta|threads|shared|nls|small] + -d [encoders|decoders|bcj|delta|threads|shared|nls|small|ifunc|clmul] -f [CFLAGS] -l [destdir] -n [ARTIFACTS_DIR_NAME] @@ -40,6 +40,8 @@ THREADS="y" SHARED="y" NATIVE_LANG_SUPPORT="y" SMALL="n" +IFUNC="y" +CLMUL="y" SRC_DIR="$ABS_DIR/../" DEST_DIR="$SRC_DIR/../xz_build" PHASE="all" @@ -80,6 +82,8 @@ while getopts b:c:d:l:n:s:p:f:h opt; do shared) SHARED="n";; nls) NATIVE_LANG_SUPPORT="n";; small) SMALL="y";; + ifunc) IFUNC="n";; + clmul) CLMUL="n";; *) echo "Invalid disable value: $disable_arg"; exit 1 ;; esac done @@ -197,6 +201,8 @@ then add_extra_option "$SHARED" "" "--disable-shared" add_extra_option "$NATIVE_LANG_SUPPORT" "" "--disable-nls" add_extra_option "$SMALL" "--enable-small" "" + add_extra_option "$IFUNC" "" "--disable-ifunc" + add_extra_option "$CLMUL" "" "--disable-clmul-crc" # Run configure script "$SRC_DIR"/configure --enable-werror --enable-checks="$CHECK_TYPE" $EXTRA_OPTIONS --config-cache