arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-18 04:18:10 +00:00
Code Issues Releases Wiki Activity

ci: Use address sanitizer in CI.

Browse Source 
[no changelog]
This commit is contained in:
Andrew Kozlik 2022-01-05 17:11:19 +01:00 committed by matejcik
parent 4a71d15b1d
commit 56126b75a7
6 changed files with 25 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ci/build.yml
View File

@ -217,6 +217,8 @@ crypto build:
stage: build stage: build
<<: *gitlab_caching <<: *gitlab_caching
needs: [] needs: []
variables:
ADDRESS_SANITIZER: "1"
only: only:
changes: changes:
- .gitlab-ci.yml - .gitlab-ci.yml

21
crypto/Makefile
View File

@ -1,11 +1,9 @@
ifeq ($(FUZZER),1) ifeq ($(FUZZER),1)
CC ?= clang CC ?= clang
LD ?= $(CC) LD ?= $(CC)
SANFLAGS += -fsanitize=fuzzer SANFLAGS += -fsanitize=fuzzer
else ifeq ($(ADDRESS_SANITIZER),1)
CFLAGS += $(SANFLAGS) SANFLAGS += -fsanitize=address
LDFLAGS += $(SANFLAGS)
endif endif
CC ?= gcc CC ?= gcc
@ -13,6 +11,7 @@ CC ?= gcc
OPTFLAGS ?= -O3 -g OPTFLAGS ?= -O3 -g
CFLAGS += $(OPTFLAGS) \ CFLAGS += $(OPTFLAGS) \
$(SANFLAGS) \
-std=gnu99 \ -std=gnu99 \
-W \ -W \
-Wall \ -Wall \
@ -118,18 +117,18 @@ all: tools tests
tests: tests/test_check tests/test_openssl tests/test_speed tests/libtrezor-crypto.so tests/aestst tests: tests/test_check tests/test_openssl tests/test_speed tests/libtrezor-crypto.so tests/aestst
tests/aestst: aes/aestst.o aes/aescrypt.o aes/aeskey.o aes/aestab.o tests/aestst: aes/aestst.o aes/aescrypt.o aes/aeskey.o aes/aestab.o
$(CC) $^ -o $@ $(CC) $(CFLAGS) $^ -o $@
tests/test_check.o: tests/test_check_cardano.h tests/test_check_monero.h tests/test_check_cashaddr.h tests/test_check_segwit.h tests/test_check.o: tests/test_check_cardano.h tests/test_check_monero.h tests/test_check_cashaddr.h tests/test_check_segwit.h
tests/test_check: tests/test_check.o $(OBJS) tests/test_check: tests/test_check.o $(OBJS)
$(CC) tests/test_check.o $(OBJS) $(TESTLIBS) -o tests/test_check $(CC) $(CFLAGS) tests/test_check.o $(OBJS) $(TESTLIBS) -o tests/test_check
tests/test_speed: tests/test_speed.o $(OBJS) tests/test_speed: tests/test_speed.o $(OBJS)
$(CC) tests/test_speed.o $(OBJS) -o tests/test_speed $(CC) $(CFLAGS) tests/test_speed.o $(OBJS) -o tests/test_speed
tests/test_openssl: tests/test_openssl.o $(OBJS) tests/test_openssl: tests/test_openssl.o $(OBJS)
$(CC) tests/test_openssl.o $(OBJS) $(TESTSSLLIBS) -o tests/test_openssl $(CC) $(CFLAGS) tests/test_openssl.o $(OBJS) $(TESTSSLLIBS) -o tests/test_openssl
tests/libtrezor-crypto.so: $(SRCS) secp256k1-zkp.o tests/libtrezor-crypto.so: $(SRCS) secp256k1-zkp.o
$(CC) $(CFLAGS) -DAES_128 -DAES_192 -fPIC -shared $(SRCS) secp256k1-zkp.o -o tests/libtrezor-crypto.so $(CC) $(CFLAGS) -DAES_128 -DAES_192 -fPIC -shared $(SRCS) secp256k1-zkp.o -o tests/libtrezor-crypto.so
@ -137,13 +136,13 @@ tests/libtrezor-crypto.so: $(SRCS) secp256k1-zkp.o
tools: tools/xpubaddrgen tools/mktable tools/bip39bruteforce tools: tools/xpubaddrgen tools/mktable tools/bip39bruteforce
tools/xpubaddrgen: tools/xpubaddrgen.o $(OBJS) tools/xpubaddrgen: tools/xpubaddrgen.o $(OBJS)
$(CC) tools/xpubaddrgen.o $(OBJS) -o tools/xpubaddrgen $(CC) $(CFLAGS) tools/xpubaddrgen.o $(OBJS) -o tools/xpubaddrgen
tools/mktable: tools/mktable.o $(OBJS) tools/mktable: tools/mktable.o $(OBJS)
$(CC) tools/mktable.o $(OBJS) -o tools/mktable $(CC) $(CFLAGS) tools/mktable.o $(OBJS) -o tools/mktable
tools/bip39bruteforce: tools/bip39bruteforce.o $(OBJS) tools/bip39bruteforce: tools/bip39bruteforce.o $(OBJS)
$(CC) tools/bip39bruteforce.o $(OBJS) -o tools/bip39bruteforce $(CC) $(CFLAGS) tools/bip39bruteforce.o $(OBJS) -o tools/bip39bruteforce
fuzzer: fuzzer/fuzzer.o $(OBJS) fuzzer: fuzzer/fuzzer.o $(OBJS)
$(CC) $(CFLAGS) fuzzer/fuzzer.o $(OBJS) -o fuzzer/fuzzer $(CC) $(CFLAGS) fuzzer/fuzzer.o $(OBJS) -o fuzzer/fuzzer

2
docs/tests/device-tests.md
View File

@ -85,7 +85,7 @@ make build_unix_debug
``` ```
The final executable is significantly slower due to ASAN(Address Sanitizer) integration. The final executable is significantly slower due to ASAN(Address Sanitizer) integration.
If you wan't to catch some memory errors use this. If you want to catch some memory errors use this.
```sh ```sh
time ASAN_OPTIONS=verbosity=1:detect_invalid_pointer_pairs=1:strict_init_order=true:strict_string_checks=true TREZOR_PROFILE="" poetry run make test_emu time ASAN_OPTIONS=verbosity=1:detect_invalid_pointer_pairs=1:strict_init_order=true:strict_string_checks=true TREZOR_PROFILE="" poetry run make test_emu

5
legacy/Makefile.include
View File

@ -21,6 +21,9 @@ OPTFLAGS ?= -O3
DBGFLAGS ?= -g3 -ggdb3 DBGFLAGS ?= -g3 -ggdb3
CPUFLAGS ?= CPUFLAGS ?=
FPUFLAGS ?= FPUFLAGS ?=
ifeq ($(ADDRESS_SANITIZER),1)
SANFLAGS += -fsanitize=address
endif
else else
PREFIX ?= arm-none-eabi- PREFIX ?= arm-none-eabi-
CC := $(PREFIX)gcc CC := $(PREFIX)gcc
@ -42,6 +45,7 @@ endif
CFLAGS += $(OPTFLAGS) \ CFLAGS += $(OPTFLAGS) \
$(DBGFLAGS) \ $(DBGFLAGS) \
$(SANFLAGS) \
-std=gnu11 \ -std=gnu11 \
-W \ -W \
-Wall \ -Wall \
@ -81,6 +85,7 @@ CFLAGS += $(OPTFLAGS) \
LDFLAGS += -L$(TOP_DIR) \ LDFLAGS += -L$(TOP_DIR) \
$(DBGFLAGS) \ $(DBGFLAGS) \
$(SANFLAGS) \
$(CPUFLAGS) \ $(CPUFLAGS) \
$(FPUFLAGS) $(FPUFLAGS)

6
storage/tests/Makefile
View File

@ -1,9 +1,15 @@
.PHONY: tests .PHONY: tests
export ASAN_OPTIONS=verify_asan_link_order=0
build: build:
$(MAKE) -C c $(MAKE) -C c
$(MAKE) -C c0 $(MAKE) -C c0
clean:
$(MAKE) -C c clean
$(MAKE) -C c0 clean
## tests commands: ## tests commands:
tests: tests:
pytest --junitxml=../../tests/junit.xml -k "not hypothesis" pytest --junitxml=../../tests/junit.xml -k "not hypothesis"

2
storage/tests/c/Makefile
View File

@ -1,5 +1,5 @@
CC = gcc CC = gcc
CFLAGS = -Wall -Wshadow -Wextra -Wpedantic -Werror -Wno-missing-braces -fPIC CFLAGS = -Wall -Wshadow -Wextra -Wpedantic -Werror -Wno-missing-braces -fPIC -fsanitize=address
LIBS = LIBS =
INC = -I ../../../crypto -I ../.. -I . INC = -I ../../../crypto -I ../.. -I .
BASE = ../../../ BASE = ../../../