From patchwork Mon Jan 30 17:29:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 3026 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3397586dyk; Mon, 30 Jan 2023 09:30:07 -0800 (PST) X-Google-Smtp-Source: AK7set8Tnit1gheDdktKmC3v4Q0acucEVcHCLGlOdd3LR2xv2gbt+bgBd5CQMApG/+Di3vVlU1XG X-Received: by 2002:a17:902:cf4e:b0:196:726f:526e with SMTP id e14-20020a170902cf4e00b00196726f526emr6751168plg.20.1675099807808; Mon, 30 Jan 2023 09:30:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1675099807; cv=none; d=google.com; s=arc-20160816; b=fF9kiB+6aRVimT1PBuijTRPgY3YqHiEg368L1KP90G2dW+/XtdBn9Ptx+MCy2NAmzx thBMkNjQcmyshqrd5Tnf37zNKvkaTOqF6nPhxcdwCdPLBLxrh2Jsu7ng2eP67sk7WnHs BgIv0xGaTt9Yb77RnNig9AO2xu9mUMpm/CyRmzTYEbHLx0AXN5zvACbQM1yvaDMJBGuh q4uqtT6hK67DCVn6OonX5159qsjdzj58YHlFbBKBPO2caJN/SA+UcOns9nbKs4joEXKK KOyLsXJ2C8RmN54tUxKWjRLVoC3c52nGvBD3z30zFviM+M+lzjRzl/IZ94OTuwEwH7hL 5Nqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=jt8WdgBuikXMy7k2vdFYtkIVnf/vLFr2946e8B4Et3E=; b=qcFDNN+X3BzhQAGZOAxXmUsOpZoGVs3ABEEf8Cd8J5jU+aUEdeOeEDI+yNLjecdX7J ikMPDLIHcSP84ioRwWBU+YqbjW1VybgKIeTnn5BnzsA9c6wRCXWxkm8UGOd9JrsQsXkK ScU0BADxrczS6aTsOVXh4EpjYdUAWQF3HUdl4lzeBqo8JCL9yblqypgnooHNngO2qDTI Y0OezmvXpM9q+FnxIHZ5Lh+gZRmwLOIEqqbe2H3NmezGCUBT9qh5yG6TZWaru3cGc+wP pqqie3g3lyrm6rGofx9kEKY8focYLgDFedbO9bhdW9BE5n+ejc1sQICd4+XmOkR2WA3T TVNQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="fh/BE6Pn"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=nBSz9BXy; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id n12-20020a170902e54c00b001967a3f4b29si6147084plf.606.2023.01.30.09.30.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Jan 2023 09:30:07 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="fh/BE6Pn"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=nBSz9BXy; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pMXyW-0007HM-7l; Mon, 30 Jan 2023 17:29:47 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pMXyT-0007HA-PA for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:44 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pMfnDWJAwDC9xF8LMoVHXaVHxyHr0UP3giIzVfzRsy0=; b=fh/BE6Pn5UNWCUmpiRGNtE/gXn KcMUQMjBQ7B2Hel5nT4zcooQI1evol0soEin5f/811DGNh8ab6DdgthtOupYc0ygnYb1I+a4lDbfy 1BP/nJm6iRhRKPpbQjhvaJw2aQMHns+PArr1Tg3U/IphfmAv+1ThfWPBkZ78jQ+oBTg8=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=pMfnDWJAwDC9xF8LMoVHXaVHxyHr0UP3giIzVfzRsy0=; b=nBSz9BXylU1leadfZWNNMtBwuB axUOo13lZHYh1LUISZZD/we0AO/2UpKHOajCGtceJOTctke7WDuctsfi1qelwaF/9EPgX66Z7f7Ft eWzaF+8OZo2yxJFCOtZXtE3rNTCKVq3Q9EQxANgU7j7nxNfVe4T7IngPRwRUAsr4GmQA=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1pMXyR-0005SY-GQ for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 17:29:44 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1pMXyK-000JyU-UY for openvpn-devel@lists.sourceforge.net; Mon, 30 Jan 2023 18:29:36 +0100 Received: (nullmailer pid 3444899 invoked by uid 10006); Mon, 30 Jan 2023 17:29:36 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 30 Jan 2023 18:29:36 +0100 Message-Id: <20230130172936.3444840-5-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230130172936.3444840-1-arne@rfc2549.org> References: <20230130172936.3444840-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The -fno-sanitize-recover=all flag ensures that for all errors we actually abort the tests in the automated testing and not just print some errors in red that nobody sess. Also add the undefined tests [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1pMXyR-0005SY-GQ Subject: [Openvpn-devel] [PATCH 5/5] Add undefined and abort on error to clang sanaitize builds X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1756469456335504282?= X-GMAIL-MSGID: =?utf-8?q?1756469456335504282?= The -fno-sanitize-recover=all flag ensures that for all errors we actually abort the tests in the automated testing and not just print some errors in red that nobody sess. Also add the undefined tests to catch more bugs. For libreSSL we do not add the udefined behaviour as we have (even with the latest LibreSSL version) an undefined behaviour in LibreSSL itself. Signed-off-by: Arne Schwabe --- .github/workflows/build.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 132624547..e98ed4544 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -254,7 +254,7 @@ jobs: - name: autoconf run: autoreconf -fvi - name: configure - run: CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} + run: CFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=all -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} - name: make all run: make -j3 - name: make check @@ -269,8 +269,8 @@ jobs: os: [macos-11, macos-12] include: - build: asan - cflags: "-fsanitize=address -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" - ldflags: -fsanitize=address + cflags: "-fsanitize=address,undefined -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" + ldflags: -fsanitize=address,undefined -fno-sanitize-recover=all # Our build system ignores LDFLAGS for plugins configureflags: --disable-plugin-auth-pam --disable-plugin-down-root - build: normal @@ -390,8 +390,8 @@ jobs: configureflags: ["--with-openssl-engine=no"] include: - build: asan - cflags: "-fsanitize=address -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" - ldflags: -fsanitize=address + cflags: "-fsanitize=address -fno-sanitize-recover=all -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1" + ldflags: -fsanitize=address -fno-sanitize-recover=all cc: clang - build: normal cflags: "-O2 -g"