diff options
-rw-r--r-- | .appveyor.yml | 4 | ||||
-rw-r--r-- | .travis.yml | 13 | ||||
-rw-r--r-- | changes/ticket32143 | 4 | ||||
-rw-r--r-- | configure.ac | 7 | ||||
-rw-r--r-- | src/feature/dircache/conscache.c | 15 | ||||
-rw-r--r-- | src/test/test_circuitbuild.c | 4 | ||||
-rw-r--r-- | src/test/test_dir.c | 6 | ||||
-rw-r--r-- | src/test/test_hs_intropoint.c | 3 | ||||
-rw-r--r-- | src/test/test_protover.c | 6 |
9 files changed, 52 insertions, 10 deletions
diff --git a/.appveyor.yml b/.appveyor.yml index 7e08602fe3..a74c1861c5 100644 --- a/.appveyor.yml +++ b/.appveyor.yml @@ -18,7 +18,7 @@ environment: - target: i686-w64-mingw32 compiler_path: mingw32 mingw_prefix: mingw-w64-i686 - hardening: + hardening: --enable-all-bugs-are-fatal - target: x86_64-w64-mingw32 compiler_path: mingw64 mingw_prefix: mingw-w64-x86_64 @@ -36,7 +36,7 @@ matrix: target: i686-w64-mingw32 compiler_path: mingw32 mingw_prefix: mingw-w64-i686 - hardening: + hardening: --enable-all-bugs-are-fatal - image: Visual Studio 2015 target: x86_64-w64-mingw32 compiler_path: mingw64 diff --git a/.travis.yml b/.travis.yml index 16d2e432df..01343e65d9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,7 +26,7 @@ env: - MAKEFLAGS="-k -j 2" ## We turn on hardening by default ## Also known as --enable-fragile-hardening in 0.3.0.3-alpha and later - - HARDENING_OPTIONS="--enable-expensive-hardening" + - HARDENING_OPTIONS="--enable-all-bugs-are-fatal --enable-expensive-hardening" ## We turn off asciidoc by default, because it's slow - ASCIIDOC_OPTIONS="--disable-asciidoc" ## Our default rust version is the minimum supported version @@ -52,7 +52,8 @@ matrix: - compiler: clang os: osx ## Turn off some newer features, turn on clang's -Wtypedef-redefinition - env: C_DIALECT_OPTIONS="-std=gnu99" + ## Also, disable ALL_BUGS_ARE_FATAL macro. + env: C_DIALECT_OPTIONS="-std=gnu99" HARDENING_OPTIONS="--enable-expensive-hardening" ## We run chutney on Linux, because it's faster than chutney on macOS ## Chutney is a fast job, clang is slower on Linux, so we do Chutney clang @@ -63,9 +64,9 @@ matrix: - env: DISTCHECK="yes" ASCIIDOC_OPTIONS="" SKIP_MAKE_CHECK="yes" ## We check disable module relay - - env: MODULES_OPTIONS="--disable-module-relay" + - env: MODULES_OPTIONS="--disable-module-relay" HARDENING_OPTIONS="--enable-expensive-hardening" ## We check disable module dirauth - - env: MODULES_OPTIONS="--disable-module-dirauth" + - env: MODULES_OPTIONS="--disable-module-dirauth" HARDENING_OPTIONS="--enable-expensive-hardening" ## We run rust on Linux, because it's faster than rust on macOS ## We check rust offline @@ -74,7 +75,7 @@ matrix: ## We check NSS ## Use -std=gnu99 to turn off some newer features, and maybe turn on some ## extra gcc warnings? - - env: NSS_OPTIONS="--enable-nss" C_DIALECT_OPTIONS="-std=gnu99" + - env: NSS_OPTIONS="--enable-nss" C_DIALECT_OPTIONS="-std=gnu99" HARDENING_OPTIONS="--enable-expensive-hardening" ## We include a single coverage build with the best options for coverage - env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS="" TOR_TEST_RNG_SEED="636f766572616765" @@ -241,7 +242,7 @@ script: - ./autogen.sh - CONFIGURE_FLAGS="$ASCIIDOC_OPTIONS $COVERAGE_OPTIONS $HARDENING_OPTIONS $MODULES_OPTIONS $NSS_OPTIONS $OPENSSL_OPTIONS $RUST_OPTIONS --enable-fatal-warnings --disable-silent-rules" - echo "Configure flags are $CONFIGURE_FLAGS CC=\"$CC $C_DIALECT_OPTIONS\"" - - ./configure $CONFIGURE_FLAGS CC="$CC $C_DIALECT_OPTIONS" + - ./configure $CONFIGURE_FLAGS CC="$CC $C_DIALECT_OPTIONS"; ## We run `make check` because that's what https://jenkins.torproject.org does. - if [[ "$SKIP_MAKE_CHECK" == "" ]]; then make check; fi - if [[ "$DISTCHECK" != "" ]]; then make distcheck DISTCHECK_CONFIGURE_FLAGS="$CONFIGURE_FLAGS"; fi diff --git a/changes/ticket32143 b/changes/ticket32143 new file mode 100644 index 0000000000..7f8a809ba5 --- /dev/null +++ b/changes/ticket32143 @@ -0,0 +1,4 @@ + o Minor features (continuous integration): + - Run unit-test and integration test (Stem, Chutney) jobs with + ALL_BUGS_ARE_FATAL macro being enabled on Travis and Appveyor. + Resolves ticket 32143. diff --git a/configure.ac b/configure.ac index 9ded3a0ac5..87e7ea0cad 100644 --- a/configure.ac +++ b/configure.ac @@ -228,6 +228,13 @@ if test "x$enable_expensive_hardening" = "xyes" || test "x$enable_fragile_harden AC_DEFINE(DEBUG_SMARTLIST, 1, [Enable smartlist debugging]) fi +AC_ARG_ENABLE(all-bugs-are-fatal, + AS_HELP_STRING(--enable-all-bugs-are-fatal, [force all soft asserts in Tor codebase (tor_assert_nonfatal(), BUG(), etc.) to act as hard asserts (tor_assert() and equivalents); makes Tor fragile; only recommended for dev builds])) + +if test "x$enable_all_bugs_are_fatal" = "xyes"; then + AC_DEFINE(ALL_BUGS_ARE_FATAL, 1, [All assert failures are fatal]) +fi + dnl Linker hardening options dnl Currently these options are ELF specific - you can't use this with MacOSX AC_ARG_ENABLE(linker-hardening, diff --git a/src/feature/dircache/conscache.c b/src/feature/dircache/conscache.c index ceba410a5f..d9aaccddc1 100644 --- a/src/feature/dircache/conscache.c +++ b/src/feature/dircache/conscache.c @@ -132,6 +132,15 @@ consensus_cache_may_overallocate(consensus_cache_t *cache) #endif } +// HACK: GCC on Appveyor hates that we may assert before returning. Work around +// the error. +#ifdef _WIN32 +#ifndef COCCI +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wsuggest-attribute=noreturn" +#endif +#endif + /** * Tell the sandbox (if any) configured by <b>cfg</b> to allow the * operations that <b>cache</b> will need. @@ -156,6 +165,12 @@ consensus_cache_register_with_sandbox(consensus_cache_t *cache, return storage_dir_register_with_sandbox(cache->dir, cfg); } +#ifdef _WIN32 +#ifndef COCCI +#pragma GCC diagnostic pop +#endif +#endif + /** * Helper: clear all entries from <b>cache</b> (but do not delete * any that aren't marked for removal diff --git a/src/test/test_circuitbuild.c b/src/test/test_circuitbuild.c index 70920c0c52..8b506011b0 100644 --- a/src/test/test_circuitbuild.c +++ b/src/test/test_circuitbuild.c @@ -114,6 +114,10 @@ test_new_route_len_unhandled_exit(void *arg) int r; (void)arg; +#ifdef ALL_BUGS_ARE_FATAL + tt_skip(); +#endif + MOCK(count_acceptable_nodes, mock_count_acceptable_nodes); tor_capture_bugs_(1); diff --git a/src/test/test_dir.c b/src/test/test_dir.c index b66938d7c0..e6f87dbd32 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -3005,6 +3005,7 @@ test_dir_param_voting_lookup(void *arg) tt_int_op(99, OP_EQ, dirvote_get_intermediate_param_value(lst, "abcd", 1000)); +#ifndef ALL_BUGS_ARE_FATAL /* moomin appears twice. That's a bug. */ tor_capture_bugs_(1); tt_int_op(-100, OP_EQ, @@ -3040,6 +3041,7 @@ test_dir_param_voting_lookup(void *arg) tt_str_op(smartlist_get(tor_get_captured_bug_log_(), 0), OP_EQ, "!(!ok)"); tor_end_capture_bugs_(); +#endif done: SMARTLIST_FOREACH(lst, char *, cp, tor_free(cp)); @@ -4989,6 +4991,10 @@ test_dir_purpose_needs_anonymity_returns_true_by_default(void *arg) { (void)arg; +#ifdef ALL_BUGS_ARE_FATAL + tt_skip(); +#endif + tor_capture_bugs_(1); setup_full_capture_of_logs(LOG_WARN); tt_int_op(1, OP_EQ, purpose_needs_anonymity(0, 0, NULL)); diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c index 5337188427..3b6e3fd213 100644 --- a/src/test/test_hs_intropoint.c +++ b/src/test/test_hs_intropoint.c @@ -757,12 +757,15 @@ test_introduce1_validation(void *arg) cell = helper_create_introduce1_cell(); tt_assert(cell); +#ifndef ALL_BUGS_ARE_FATAL /* It should NOT be a legacy cell which will trigger a BUG(). */ memset(cell->legacy_key_id, 'a', sizeof(cell->legacy_key_id)); tor_capture_bugs_(1); ret = validate_introduce1_parsed_cell(cell); tor_end_capture_bugs_(); tt_int_op(ret, OP_EQ, -1); +#endif + /* Reset legacy ID and make sure it's correct. */ memset(cell->legacy_key_id, 0, sizeof(cell->legacy_key_id)); ret = validate_introduce1_parsed_cell(cell); diff --git a/src/test/test_protover.c b/src/test/test_protover.c index 7d08911021..c33fbcae2c 100644 --- a/src/test/test_protover.c +++ b/src/test/test_protover.c @@ -317,6 +317,7 @@ test_protover_all_supported(void *arg) tt_assert(protover_all_supported("Fribble=", &msg)); tt_ptr_op(msg, OP_EQ, NULL); +#ifndef ALL_BUGS_ARE_FATAL /* If we get a completely unparseable list, protover_all_supported should * hit a fatal assertion for BUG(entries == NULL). */ tor_capture_bugs_(1); @@ -328,9 +329,10 @@ test_protover_all_supported(void *arg) tor_capture_bugs_(1); tt_assert(protover_all_supported("Sleen=1-4294967295", &msg)); tor_end_capture_bugs_(); +#endif /* !defined(ALL_BUGS_ARE_FATAL) */ /* Protocol name too long */ -#ifndef HAVE_RUST // XXXXXX ????? +#if !defined(HAVE_RUST) && !defined(ALL_BUGS_ARE_FATAL) tor_capture_bugs_(1); tt_assert(protover_all_supported( "DoSaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" @@ -338,7 +340,7 @@ test_protover_all_supported(void *arg) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "aaaaaaaaaaaa=1-65536", &msg)); tor_end_capture_bugs_(); -#endif /* !defined(HAVE_RUST) */ +#endif /* !defined(HAVE_RUST) && !defined(ALL_BUGS_ARE_FATAL) */ done: tor_end_capture_bugs_(); |