mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-17 21:22:10 +00:00
ci(core): run nightly device tests with AddressSanitizer
[no changelog]
This commit is contained in:
parent
56126b75a7
commit
e3541997f0
35
ci/build.yml
35
ci/build.yml
@ -140,6 +140,25 @@ core unix frozen btconly debug build:
|
||||
- core/build/unix/trezor-emu-core-bitcoinonly
|
||||
expire_in: 1 week
|
||||
|
||||
core unix frozen btconly debug asan build:
|
||||
stage: build
|
||||
<<: *gitlab_caching
|
||||
needs: []
|
||||
only:
|
||||
- schedules # nightly build
|
||||
variables:
|
||||
PYOPT: "0"
|
||||
BITCOIN_ONLY: "1"
|
||||
ADDRESS_SANITIZER: "1"
|
||||
script:
|
||||
- nix-shell --run "poetry run make -C core build_unix_frozen"
|
||||
- mv core/build/unix/trezor-emu-core core/build/unix/trezor-emu-core-bitcoinonly
|
||||
artifacts:
|
||||
name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
|
||||
paths:
|
||||
- core/build/unix/trezor-emu-core-bitcoinonly
|
||||
expire_in: 1 week
|
||||
|
||||
core unix frozen debug build:
|
||||
stage: build
|
||||
<<: *gitlab_caching
|
||||
@ -153,6 +172,22 @@ core unix frozen debug build:
|
||||
untracked: true
|
||||
expire_in: 1 week
|
||||
|
||||
core unix frozen debug asan build:
|
||||
stage: build
|
||||
<<: *gitlab_caching
|
||||
needs: []
|
||||
only:
|
||||
- schedules # nightly build
|
||||
variables:
|
||||
PYOPT: "0"
|
||||
ADDRESS_SANITIZER: "1"
|
||||
script:
|
||||
- nix-shell --run "poetry run make -C core build_unix_frozen"
|
||||
artifacts:
|
||||
name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
|
||||
untracked: true
|
||||
expire_in: 1 week
|
||||
|
||||
core unix frozen debug build arm:
|
||||
image: vdovhanych/nixos
|
||||
stage: build
|
||||
|
70
ci/test.yml
70
ci/test.yml
@ -75,6 +75,22 @@ core device test:
|
||||
reports:
|
||||
junit: tests/junit.xml
|
||||
|
||||
core device asan test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
needs:
|
||||
- core unix frozen debug asan build
|
||||
only:
|
||||
- schedules # nightly build
|
||||
script:
|
||||
- nix-shell --run "poetry run make -C core test_emu | ts -s"
|
||||
artifacts:
|
||||
name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
|
||||
paths:
|
||||
- tests/trezor.log
|
||||
expire_in: 1 week
|
||||
when: always
|
||||
|
||||
core btconly device test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
@ -95,6 +111,25 @@ core btconly device test:
|
||||
reports:
|
||||
junit: tests/junit.xml
|
||||
|
||||
core btconly device asan test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
needs:
|
||||
- core unix frozen btconly debug asan build
|
||||
only:
|
||||
- schedules # nightly build
|
||||
variables:
|
||||
MICROPYTHON: "build/unix/trezor-emu-core-bitcoinonly"
|
||||
TREZOR_PYTEST_SKIP_ALTCOINS: 1
|
||||
script:
|
||||
- nix-shell --run "poetry run make -C core test_emu | ts -s"
|
||||
artifacts:
|
||||
name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
|
||||
paths:
|
||||
- tests/trezor.log
|
||||
expire_in: 1 week
|
||||
when: always
|
||||
|
||||
core monero test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
@ -133,6 +168,23 @@ core u2f test:
|
||||
expire_in: 1 week
|
||||
when: always
|
||||
|
||||
core u2f asan test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
needs:
|
||||
- core unix frozen debug asan build
|
||||
only:
|
||||
- schedules # nightly build
|
||||
script:
|
||||
- nix-shell --run "poetry run make -C tests/fido_tests/u2f-tests-hid | ts -s"
|
||||
- nix-shell --run "poetry run make -C core test_emu_u2f | ts -s"
|
||||
artifacts:
|
||||
name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
|
||||
paths:
|
||||
- tests/trezor.log
|
||||
expire_in: 1 week
|
||||
when: always
|
||||
|
||||
core fido2 test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
@ -156,6 +208,24 @@ core fido2 test:
|
||||
junit: tests/junit.xml
|
||||
when: always
|
||||
|
||||
core fido2 asan test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
needs:
|
||||
- core unix frozen debug asan build
|
||||
only:
|
||||
- schedules # nightly build
|
||||
script:
|
||||
- pgrep trezor-emu-core || true
|
||||
- nix-shell --run "poetry run make -C core test_emu_fido2 | ts -s"
|
||||
- pgrep trezor-emu-core || true
|
||||
artifacts:
|
||||
name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
|
||||
paths:
|
||||
- tests/trezor.log
|
||||
expire_in: 1 week
|
||||
when: always
|
||||
|
||||
core click test:
|
||||
stage: test
|
||||
<<: *gitlab_caching
|
||||
|
@ -23,6 +23,7 @@ PYOPT ?= 1
|
||||
BITCOIN_ONLY ?= 0
|
||||
TREZOR_MODEL ?= T
|
||||
TREZOR_MEMPERF ?= 0
|
||||
ADDRESS_SANITIZER ?= 0
|
||||
|
||||
OPENOCD_INTERFACE ?= stlink # -or- ftdi/olimex-arm-usb-tiny-h
|
||||
OPENOCD_TRANSPORT ?= hla_swd # -or- jtag
|
||||
@ -152,13 +153,13 @@ build_firmware: templates build_cross ## build firmware with frozen modules
|
||||
$(SCONS) CFLAGS="$(CFLAGS)" PRODUCTION="$(PRODUCTION)" TREZOR_MODEL="$(TREZOR_MODEL)" PYOPT="$(PYOPT)" BITCOIN_ONLY="$(BITCOIN_ONLY)" $(FIRMWARE_BUILD_DIR)/firmware.bin
|
||||
|
||||
build_unix: templates ## build unix port
|
||||
$(SCONS) CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) TREZOR_MODEL="$(TREZOR_MODEL)" BITCOIN_ONLY="$(BITCOIN_ONLY)"
|
||||
$(SCONS) CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) TREZOR_MODEL="$(TREZOR_MODEL)" BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_EMULATOR_ASAN="$(ADDRESS_SANITIZER)"
|
||||
|
||||
build_unix_frozen: templates build_cross ## build unix port with frozen modules
|
||||
$(SCONS) CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) TREZOR_MODEL="$(TREZOR_MODEL)" PYOPT="$(PYOPT)" BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_MEMPERF=$(TREZOR_MEMPERF) TREZOR_EMULATOR_FROZEN=1
|
||||
$(SCONS) CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) TREZOR_MODEL="$(TREZOR_MODEL)" PYOPT="$(PYOPT)" BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_EMULATOR_ASAN="$(ADDRESS_SANITIZER)" TREZOR_MEMPERF="$(TREZOR_MEMPERF)" TREZOR_EMULATOR_FROZEN=1
|
||||
|
||||
build_unix_debug: templates ## build unix port
|
||||
$(SCONS) --max-drift=1 CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) TREZOR_MODEL="$(TREZOR_MODEL)" TREZOR_EMULATOR_ASAN=1 TREZOR_EMULATOR_DEBUGGABLE=1
|
||||
$(SCONS) --max-drift=1 CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) TREZOR_MODEL="$(TREZOR_MODEL)" BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_EMULATOR_ASAN=1 TREZOR_EMULATOR_DEBUGGABLE=1
|
||||
|
||||
build_cross: ## build mpy-cross port
|
||||
$(MAKE) -C vendor/micropython/mpy-cross $(CROSS_PORT_OPTS)
|
||||
|
@ -368,20 +368,29 @@ env.Replace(
|
||||
OBJCOPY='objcopy',
|
||||
COPT=os.getenv('OPTIMIZE', '-Os'), )
|
||||
|
||||
if ARGUMENTS.get('TREZOR_EMULATOR_ASAN', 0):
|
||||
asan_flags=(
|
||||
' -fsanitize=address'+
|
||||
' -fsanitize-blacklist=asan_blacklist.txt'+
|
||||
' -fno-omit-frame-pointer'+
|
||||
' -fno-optimize-sibling-calls'
|
||||
)
|
||||
if ARGUMENTS.get('TREZOR_EMULATOR_CLANG', '0') == '1':
|
||||
env.Replace(
|
||||
CC=os.getenv('CC') or 'clang',
|
||||
LINK=os.getenv('LINK') or 'clang',
|
||||
CFLAGS=asan_flags,
|
||||
LINKFLAGS=' -Wl,-no_pie' + asan_flags, )
|
||||
CC='clang',
|
||||
LINK='clang', )
|
||||
|
||||
if ARGUMENTS.get('TREZOR_EMULATOR_DEBUGGABLE', 0):
|
||||
if ARGUMENTS.get('TREZOR_EMULATOR_ASAN', '0') == '1':
|
||||
asan_flags=(
|
||||
' -fsanitize=address,undefined'+
|
||||
' -fno-omit-frame-pointer'+
|
||||
' -fno-optimize-sibling-calls'
|
||||
)
|
||||
env.Append(
|
||||
CFLAGS=asan_flags,
|
||||
LINKFLAGS=asan_flags,
|
||||
LDFLAGS=asan_flags,
|
||||
ENV={
|
||||
# workaround for sanitizers being nightly-only
|
||||
# remove after stabilized https://github.com/rust-lang/rust/issues/39699
|
||||
'RUSTC_BOOTSTRAP': '1',
|
||||
'RUSTFLAGS': '-Z sanitizer=address',
|
||||
}, )
|
||||
|
||||
if ARGUMENTS.get('TREZOR_EMULATOR_DEBUGGABLE', '0') == '1':
|
||||
env.Replace(
|
||||
COPT=' -Og -ggdb',
|
||||
STRIP='true', )
|
||||
@ -642,17 +651,12 @@ protobuf_blobs = env.Command(
|
||||
)
|
||||
env.Depends(protobuf_blobs, qstr_generated)
|
||||
|
||||
RUST_PROFILE = 'release'
|
||||
RUST_PROFILE = 'dev' if ARGUMENTS.get('TREZOR_EMULATOR_DEBUGGABLE', 0) == '1' else 'release'
|
||||
RUST_LIB = 'trezor_lib'
|
||||
RUST_LIBDIR = f'build/unix/rust/{RUST_PROFILE}'
|
||||
RUST_LIBPATH = f'{RUST_LIBDIR}/lib{RUST_LIB}.a'
|
||||
|
||||
def cargo_build():
|
||||
# Determine the profile build flags.
|
||||
if RUST_PROFILE == 'release':
|
||||
profile = '--release'
|
||||
else:
|
||||
profile = ''
|
||||
if TREZOR_MODEL == "1":
|
||||
features = ["model_t1"]
|
||||
else:
|
||||
@ -665,7 +669,7 @@ def cargo_build():
|
||||
elif NEW_UI:
|
||||
features.append("ui")
|
||||
|
||||
return f'cd embed/rust; cargo build {profile} --target-dir=../../build/unix/rust --no-default-features --features "{" ".join(features)}"'
|
||||
return f'cd embed/rust; cargo build --profile {RUST_PROFILE} --target-dir=../../build/unix/rust --no-default-features --features "{" ".join(features)}"'
|
||||
|
||||
rust = env.Command(
|
||||
target=RUST_LIBPATH,
|
||||
|
Loading…
Reference in New Issue
Block a user