Commit Graph

115 Commits

Author SHA1 Message Date
Johannes Altmanninger
8ada027f05 Run asan and macOS CI in release mode too
I don't know why we're inconsistent about this, and at least asan fails
frequently due to timeouts.
2024-04-02 14:35:16 +02:00
Fabian Boehm
46cde6cc55 Github Actions: Remove CXXFLAGS for ASAN
The only C++ we have left is fish_test_helper
2024-03-19 16:54:33 +01:00
Fabian Boehm
f62f1aaf99 Remove remaining mentions of curses 2024-02-23 16:36:10 +01:00
Fabian Boehm
bcebcdc0ad CI: Run macOS tests as debug
These are dog-slow at building, and the tests themselves are barely
sped up running as release.

Given that we have ~10 minute build and ~3 minute test time on Github
Actions on macOS, let's see if this speeds it up

(we can also do it for the others, but the most important is the
slowest test because that's what stops the checkmark appearing)
2024-02-02 16:16:08 +01:00
David Adam
9ac5e79e46 CI: use make VERBOSE=1 everywhere
Having visible build commands helps reproducibility.
2024-01-26 07:33:24 +08:00
David Adam
d418cce493 correct workflow name for static PCRE2 2024-01-13 21:23:37 +08:00
Johannes Altmanninger
67de32fe2d Enable pexpect tests in ASAN CI again 2024-01-13 03:07:29 +01:00
Johannes Altmanninger
6ab74c6b09 Human-readable ASAN stack traces CI
Show file names, line numbers and function names in ASAN stack traces
(instead of object file + raw memory address).
2024-01-13 03:07:29 +01:00
Johannes Altmanninger
537e3cb9e1 CI: remove UBSAN_OPTIONS
Rust does not support  UBSan today.
2024-01-13 03:07:29 +01:00
Fabian Boehm
244d882984 Fix ASAN workflow 2024-01-07 15:39:48 +01:00
Fabian Boehm
e62f32c16b CI: Remove --deny=warnings from clippy test
This was pretty annoying on rust release day, because it introduced
new warnings.

Specifically 1.73 introduced a spurious one about PartialOrd and Ord
disagreeing when both were in fact #derive-d.
2023-10-07 19:48:54 +02:00
Fabian Boehm
5e775d1607 Upgrade actions/checkout to v4
Otherwise it's gonna start throwing node warnings soon.

Isn't software great?
2023-09-06 10:13:04 +02:00
Henrik Hørlück Berg
5734630966 Replace ATiltedTree/setup-rust with rust-toolchain
- https://github.com/ATiltedTree/setup-rust has not been committed to since May
  2022, I am uncertain about how widely used it is.
- It appears to have a bug with restoring its internal cache whenever there
  comes a new stable version (immediate guess would be the cache-key does not
  resolve `stable` to a specific version, which somehow breaks rustup, but I have not investigated)
- https://github.com/dtolnay/rust-toolchain is a more sensible take of https://github.com/actions-rs/toolchain,
  where the original repo appears to be unmaintained.
  It is implemented in one file of yaml/bash
  https://github.com/dtolnay/rust-toolchain/blob/master/action.yml, we could
  easily fork it if it becomes unmainted, unlike the other actions which uses
  unnecessary javascript
2023-08-28 23:15:25 +08:00
Henrik Hørlück Berg
824e76ebe4 Make CI use the workspace, so we format/check all 2023-08-19 15:18:38 +02:00
Fabian Boehm
2a16e3513e Issue template: Unset XDG_CONFIG_HOME
Fixes #9898
2023-07-17 18:55:06 +02:00
Fabian Boehm
54fa1ad6ec Revert "Try to move rust CI back to 1.70"
Should *hopefully* be fixed by deleting the cache at https://github.com/fish-shell/fish-shell/actions/caches.

This reverts commit 5c29ff52fb.
2023-07-14 21:36:43 +02:00
Fabian Boehm
5c29ff52fb Try to move rust CI back to 1.70
1.71 seems to have weird issues on Github Actions and that makes the
tests fail for no good reason

(gosh dangit YAML)
2023-07-14 21:11:15 +02:00
Fabian Boehm
055e40467f github actions: Disable pexpect for ASAN for now
This fails basically every commit, just by blowing the time budget.
2023-05-08 19:05:44 +02:00
Mahmoud Al-Qudsi
7b0cc33f2e Add LSAN suppressions file
Suppress TLS variable leaks caused by outstanding background threads by
suppressing the ASAN interposer functions. This is possible because because
we're now using use_tls=1.

-----------------------

Direct leak of 64 byte(s) in 2 object(s) allocated from:
    #0 0x5627a1f0cc86 in __interceptor_realloc (/home/runner/work/fish-shell/fish-shell/build/fish_tests+0xb9fc86) (BuildId: da87d16730727369ad5fa46052d10337d6941fa9)
    #1 0x7f04d8800f79 in pthread_getattr_np (/lib/x86_64-linux-gnu/libc.so.6+0x95f79) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
    #2 0x5627a1f2f664 in __sanitizer::GetThreadStackTopAndBottom(bool, unsigned long*, unsigned long*) (/home/runner/work/fish-shell/fish-shell/build/fish_tests+0xbc2664) (BuildId: da87d16730727369ad5fa46052d10337d6941fa9)
    #3 0x5627a1f2fb83 in __sanitizer::GetThreadStackAndTls(bool, unsigned long*, unsigned long*, unsigned long*, unsigned long*) (/home/runner/work/fish-shell/fish-shell/build/fish_tests+0xbc2b83) (BuildId: da87d16730727369ad5fa46052d10337d6941fa9)
    #4 0x5627a1f19a0d in __asan::AsanThread::SetThreadStackAndTls(__asan::AsanThread::InitOptions const*) (/home/runner/work/fish-shell/fish-shell/build/fish_tests+0xbaca0d) (BuildId: da87d16730727369ad5fa46052d10337d6941fa9)
    #5 0x5627a1f19615 in __asan::AsanThread::Init(__asan::AsanThread::InitOptions const*) (/home/runner/work/fish-shell/fish-shell/build/fish_tests+0xbac615) (BuildId: da87d16730727369ad5fa46052d10337d6941fa9)
    #6 0x5627a1f19b01 in __asan::AsanThread::ThreadStart(unsigned long long) (/home/runner/work/fish-shell/fish-shell/build/fish_tests+0xbacb01) (BuildId: da87d16730727369ad5fa46052d10337d6941fa9)
    #7 0x7f04d87ffb42  (/lib/x86_64-linux-gnu/libc.so.6+0x94b42) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
    #8 0x7f04d88919ff  (/lib/x86_64-linux-gnu/libc.so.6+0x1269ff) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
2023-05-02 11:52:42 -05:00
Mahmoud Al-Qudsi
905430629d Use ASAN_OPTIONS fast_unwind_on_malloc=0
This is much slower but gives proper stack traces for calls emanating from code
that wasn't compiled with -fno-omit-frame-pointer.
2023-05-02 11:52:42 -05:00
Mahmoud Al-Qudsi
c43e040c7c Fix spurious ASAN __cxa_thread_atexit_impl() leaks
Set use_tls back to its default of 1.

This is required to work around an ASAN/LSAN virtualization bug but seems to be
behind the random __cxa_thread_atexit_impl() leaks?
2023-05-02 11:52:41 -05:00
Mahmoud Al-Qudsi
544bd183da Add and use ASAN blacklist
Blacklist an apparently false positive in the underlying runtime.
2023-04-29 11:02:59 -05:00
ridiculousfish
2d6f752f6e Revert "Add link-asan to RUSTFLAGS in CI"
This reverts commit 8bb1bb8ae1.
2023-04-06 14:29:18 -07:00
ridiculousfish
8bb1bb8ae1 Add link-asan to RUSTFLAGS in CI
This fixes our CI for the new crates we're about to add.
2023-03-26 11:07:15 -07:00
Mahmoud Al-Qudsi
1bdb7dffaf Use cargo build -Z build-std for ASAN
This is recommended and increases coverage.
2023-03-08 11:27:15 -06:00
Mahmoud Al-Qudsi
ce5686edc7 Have ASAN CI use debug build
This catches things that might be optimized away by the compiler.
2023-03-07 13:04:28 -06:00
Mahmoud Al-Qudsi
91cf526d23
Enable rust address sanitizer for asan ci job (#9643)
Rust has multiple sanitizers available (with llvm integration).
-Zsanitizer=address catches the most likely culprits but we may want to set up a
separate job w/ -Zsanitizer=memory to catch uninitialized reads.

It might be necessary to execute `cargo build` as `cargo build -Zbuild-std` to
get full coverage.

When we're linking against the hybrid C++ codebase, the sanitizer library is
injected into the binary by also include `-fsanitize=address` in CXXFLAGS - we
do *not* want to manually opt-into `-lasan`. We also need to manually specify
the desired target triple as a CMake variable and then explicitly pass it to all
`cargo` invocations if building with ASAN.

Corrosion has been patched to make sure it follows these rules.

The `cargo-test` target is failing to link under ASAN. For some reason it has
autocxx/ffi dependencies even though only rust-native, ffi-free code should be
tested (and one would think the situation wouldn't change depending on the
presence of the sanitizer flag). It's been disabled under ASAN for now.
2023-03-06 18:15:36 -06:00
Xiretza
dff7db2f16
Run rustfmt and clippy in CI (#9616)
* Add machine-readable MSRV to Cargo.toml
* Fix clippy warnings
* CI: add rustfmt and clippy checks
2023-02-26 13:20:20 -06:00
Fabian Boehm
ad22bf9387 GH Actions: Use our MSRV as the rust-version
Currently we're at 1.67, I don't want to accidentally introduce 1.68
features once that's released
2023-02-20 19:40:47 +01:00
Mahmoud Al-Qudsi
4f6fe0999e Disable TSAN in CI for now
See issues encountered in #9586 due to TSAN not recognizing valid/safe rust
patterns.
2023-02-19 15:42:07 -06:00
ridiculousfish
d843b67d2d Initial Rust commit 2023-02-02 19:34:47 -07:00
LingMan
0af2a7a9b7 Upgrade GitHub action dessant/lock-threads to v4
In v3 several input parameters where renamed and since v4 it requires Node.js 16.

This resolves warnings about Node.js 12 and `set-output` being deprecated and
slated for removal in the `Lock threads` workflow.
2023-02-01 10:40:46 +08:00
Mahmoud Al-Qudsi
31f63b2f87 Upgrade GitHub CI actions/checkout to v3
This addresses the node v12 deprecation warning in the GitHub CI, caused by the
dependency on actions/checkout@v2.

While actions/checkout@v3 introduces some new features and changes some
defaults, the subset of features that we use should not be affected by this
migration.

The "breaking change" from v2 to v3 can be seen at [0]. Since we are tracking
only v2 without a dot release specified, we are already opting into any breakage
across minor versions, so really the only change of note is the node version
upgrade.

[0]: https://github.com/actions/checkout/compare/v2.4.2...v3.0.0
2023-01-31 11:50:57 -06:00
ridiculousfish
5f23da9939 Add a TSAN workaround and re-enable the test
This reverts commit 865602e8d1.
2022-12-19 15:54:23 -08:00
Fabian Boehm
865602e8d1 Github Actions: Disable tsan once more 2022-12-19 19:55:36 +01:00
ridiculousfish
4159b2a33b Disable shebangless script tests in CI with sanitizers
Sanitizers inject a busted posix_spawn interceptor which mishandles
shebangless scripts. Disable this test under sanitizers.
2022-12-02 17:32:52 -08:00
ridiculousfish
c844eea661 Restore lockthreads.yml
This file should be modified through pull requests.

This reverts commit bc71f0937b.
This reverts commit 99cac0b1b9.
This reverts commit 0f0da3c3d8.
2022-11-12 10:09:17 -08:00
Aaron Gyes
bc71f0937b Revert "Set issue lock timeout back"
This reverts commit 99cac0b1b9.
2022-11-12 05:04:14 -08:00
Fabian Boehm
99cac0b1b9 Set issue lock timeout back
It is 1 whole year, for an already closed issue.

Any "engagement" that happens at that point is irrelevant to the
original issue at hand, and a new issue should be opened instead.
Increasing the grace period even further is even less likely to be helpful.
2022-11-12 12:29:22 +01:00
Aaron Gyes
0f0da3c3d8 lockthreads.yml: decrease PR threshold, increase issue threshold
In my experience we rarely see a PR that may have activity after
365 days; issue reports are a very different story.

Goal: engagement
2022-11-12 03:16:48 -08:00
Mahmoud Al-Qudsi
44c9c51841 Disable leak detection in test_autosuggest_suggest_special() under CI
This is a false positive as a result of disabling TLS support in LSAN due to an
incompatibility with newer versions of glibc.

Also remove the older workaround (because it didn't work).
2022-10-24 19:02:49 -05:00
Mahmoud Al-Qudsi
bfa172852f Add a workaround for intermittent LSAN crash under CI
LSAN seems to have an issue with glibc's TLS functionality that causes it to
intermittently crash with SIGSEGV when run virtualized, as it is in our CI.

Relevant GitHub issues:
* https://github.com/google/sanitizers/issues/1342
* https://github.com/google/sanitizers/issues/1409
2022-10-24 18:56:55 -05:00
Mahmoud Al-Qudsi
4f8a7c4779 Drop LSAN CI options that break tests
LSAN with verbosity=1 or log_threads=1 adds output to stderr, breaking
littlecheck tests.
2022-10-24 18:56:55 -05:00
Mahmoud Al-Qudsi
de62091b03 Correctly set ASAN/UBSAN/LSAN options for CI
These are NOT build-time defines but rather run-time environment variables! They
have never had any effect and we have effectively never used them to affect
sanitizer behavior under CI with ASAN/UBSAN/LSAN enabled.

(I caught this because the tests don't pass with either of LSAN_OPTIONS
`verbosity=1` or `log_threads=1` because they inject text into the stderr
output, ensuring they never pass littlecheck.)
2022-10-24 18:56:55 -05:00
Mahmoud Al-Qudsi
63a2fdd773 Re-enable tests under ASAN/LSAN/UBSAN in GitHub CI
With the previous workaround skipping `test_autosuggest_suggest_special()` when
LSAN is enabled, the sanitizer seems to run to completion just fine.
2022-10-24 18:56:55 -05:00
ridiculousfish
6c81eb14d7 CI: ubuntu-32bit-vendored-pcre2 -> ubuntu-32bit-fetched-pcre2
We no longer vendor PCRE2 sources, instead we fetch them from the
official repo.
2022-07-02 19:00:08 -07:00
naveen
1331b65023 chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-07 14:34:59 +02:00
Fabian Homborg
648fdc18f8 Remove CodeQL
I don't think we've had a lot of actionable errors or warnings from it, and it takes 30 minutes per push to master.
2022-06-02 16:45:05 +02:00
Fabian Homborg
7dce2c0607 Disable ASAN test
The current Github Actions ubuntu-latest image crashes in the
autosuggest_suggest_special test with ASAN.

We have not been able to reproduce this locally, and this is getting
in the way.

I have no idea how to disable this test on ASAN specifically, all my
attempts have failed. So the only recourse I know is to disable the
ASAN tests on GA entirely.
2022-04-18 10:06:25 +02:00
Fabian Homborg
e3c4cde042 Enable LSAN_OPTIONS
Whyyyyy does this not tell me what's broken by *default*?
2022-04-17 13:57:52 +02:00