diff --git a/ci/gha/tests/default.nix b/ci/gha/tests/default.nix index 74d0b8c7e..b89d51c76 100644 --- a/ci/gha/tests/default.nix +++ b/ci/gha/tests/default.nix @@ -24,16 +24,7 @@ let enableSanitizersLayer = finalAttrs: prevAttrs: { mesonFlags = (prevAttrs.mesonFlags or [ ]) - ++ [ - # Run all tests with UBSAN enabled. Running both with ubsan and - # without doesn't seem to have much immediate benefit for doubling - # the GHA CI workaround. - # - # TODO: Work toward enabling "address,undefined" if it seems feasible. - # This would maybe require dropping Boost coroutines and ignoring intentional - # memory leaks with detect_leaks=0. - (lib.mesonOption "b_sanitize" "undefined") - ] + ++ [ (lib.mesonOption "b_sanitize" "address,undefined") ] ++ (lib.optionals stdenv.cc.isClang [ # https://www.github.com/mesonbuild/meson/issues/764 (lib.mesonBool "b_lundef" false) @@ -71,8 +62,12 @@ rec { nixComponentsInstrumented = nixComponents.overrideScope ( final: prev: { nix-store-tests = prev.nix-store-tests.override { withBenchmarks = true; }; + # Boehm is incompatible with ASAN. + nix-expr = prev.nix-expr.override { enableGC = !withSanitizers; }; mesonComponentOverrides = lib.composeManyExtensions componentOverrides; + # Unclear how to make Perl bindings work with a dynamically linked ASAN. + nix-perl-bindings = if withSanitizers then null else prev.nix-perl-bindings; } ); diff --git a/doc/manual/meson.build b/doc/manual/meson.build index 2e372dedd..a5672f0ad 100644 --- a/doc/manual/meson.build +++ b/doc/manual/meson.build @@ -15,6 +15,7 @@ pymod = import('python') python = pymod.find_installation('python3') nix_env_for_docs = { + 'ASAN_OPTIONS' : 'abort_on_error=1:print_summary=1:detect_leaks=0', 'HOME' : '/dummy', 'NIX_CONF_DIR' : '/dummy', 'NIX_SSL_CERT_FILE' : '/dummy/no-ca-bundle.crt', diff --git a/doc/manual/source/command-ref/meson.build b/doc/manual/source/command-ref/meson.build index 92998dec1..06aed261a 100644 --- a/doc/manual/source/command-ref/meson.build +++ b/doc/manual/source/command-ref/meson.build @@ -2,6 +2,7 @@ xp_features_json = custom_target( command : [ nix, '__dump-xp-features' ], capture : true, output : 'xp-features.json', + env : nix_env_for_docs, ) experimental_features_shortlist_md = custom_target( diff --git a/doc/manual/source/development/meson.build b/doc/manual/source/development/meson.build index 4831cf8f0..b3fb11023 100644 --- a/doc/manual/source/development/meson.build +++ b/doc/manual/source/development/meson.build @@ -7,5 +7,6 @@ experimental_feature_descriptions_md = custom_target( xp_features_json, ], capture : true, + env : nix_env_for_docs, output : 'experimental-feature-descriptions.md', ) diff --git a/meson.build b/meson.build index 5dcf98717..736756157 100644 --- a/meson.build +++ b/meson.build @@ -41,8 +41,10 @@ subproject('libexpr-c') subproject('libflake-c') subproject('libmain-c') +asan_enabled = 'address' in get_option('b_sanitize') + # Language Bindings -if get_option('bindings') and not meson.is_cross_build() +if get_option('bindings') and not meson.is_cross_build() and not asan_enabled subproject('perl') endif diff --git a/nix-meson-build-support/asan-options/meson.build b/nix-meson-build-support/asan-options/meson.build new file mode 100644 index 000000000..17880b0ed --- /dev/null +++ b/nix-meson-build-support/asan-options/meson.build @@ -0,0 +1,12 @@ +asan_test_options_env = { + 'ASAN_OPTIONS' : 'abort_on_error=1:print_summary=1:detect_leaks=0', +} + +# Clang gets grumpy about missing libasan symbols if -shared-libasan is not +# passed when building shared libs, at least on Linux +if cxx.get_id() == 'clang' and ('address' in get_option('b_sanitize') or 'undefined' in get_option( + 'b_sanitize', +)) + add_project_link_arguments('-shared-libasan', language : 'cpp') +endif + diff --git a/nix-meson-build-support/common/meson.build b/nix-meson-build-support/common/meson.build index a46715193..bc98abfd5 100644 --- a/nix-meson-build-support/common/meson.build +++ b/nix-meson-build-support/common/meson.build @@ -33,13 +33,5 @@ if cxx.get_id() == 'clang' add_project_arguments('-fpch-instantiate-templates', language : 'cpp') endif -# Clang gets grumpy about missing libasan symbols if -shared-libasan is not -# passed when building shared libs, at least on Linux -if cxx.get_id() == 'clang' and ('address' in get_option('b_sanitize') or 'undefined' in get_option( - 'b_sanitize', -)) - add_project_link_arguments('-shared-libasan', language : 'cpp') -endif - # Darwin ld doesn't like "X.Y.Zpre" nix_soversion = meson.project_version().replace('pre', '') diff --git a/src/libcmd/meson.build b/src/libcmd/meson.build index f553afa0b..3833d7e0a 100644 --- a/src/libcmd/meson.build +++ b/src/libcmd/meson.build @@ -67,6 +67,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'built-path.cc', diff --git a/src/libexpr-c/meson.build b/src/libexpr-c/meson.build index c47704ce4..03cee41a0 100644 --- a/src/libexpr-c/meson.build +++ b/src/libexpr-c/meson.build @@ -28,6 +28,7 @@ deps_public_maybe_subproject = [ subdir('nix-meson-build-support/subprojects') subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'nix_api_expr.cc', diff --git a/src/libexpr-test-support/meson.build b/src/libexpr-test-support/meson.build index df28661b7..01a3f3bcb 100644 --- a/src/libexpr-test-support/meson.build +++ b/src/libexpr-test-support/meson.build @@ -31,6 +31,7 @@ rapidcheck = dependency('rapidcheck') deps_public += rapidcheck subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'tests/value/context.cc', diff --git a/src/libexpr-tests/meson.build b/src/libexpr-tests/meson.build index c5dafe0de..7f7c08955 100644 --- a/src/libexpr-tests/meson.build +++ b/src/libexpr-tests/meson.build @@ -45,6 +45,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'derived-path.cc', @@ -82,7 +83,7 @@ this_exe = executable( test( meson.project_name(), this_exe, - env : { + env : asan_test_options_env + { '_NIX_TEST_UNIT_DATA' : meson.current_source_dir() / 'data', }, protocol : 'gtest', diff --git a/src/libexpr-tests/package.nix b/src/libexpr-tests/package.nix index 51d52e935..c36aa2dc7 100644 --- a/src/libexpr-tests/package.nix +++ b/src/libexpr-tests/package.nix @@ -62,6 +62,7 @@ mkMesonExecutable (finalAttrs: { mkdir -p "$HOME" '' + '' + export ASAN_OPTIONS=abort_on_error=1:print_summary=1:detect_leaks=0 export _NIX_TEST_UNIT_DATA=${resolvePath ./data} ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} touch $out diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 55a36c1bd..32a4d511b 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -53,7 +53,12 @@ deps_other += boost nlohmann_json = dependency('nlohmann_json', version : '>= 3.9') deps_public += nlohmann_json -bdw_gc = dependency('bdw-gc', required : get_option('gc')) +bdw_gc_required = get_option('gc').disable_if( + 'address' in get_option('b_sanitize'), + error_message : 'Building with Boehm GC and ASAN is not supported', +) + +bdw_gc = dependency('bdw-gc', required : bdw_gc_required) if bdw_gc.found() deps_public += bdw_gc foreach funcspec : [ @@ -88,6 +93,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') parser_tab = custom_target( input : 'parser.y', diff --git a/src/libfetchers-c/meson.build b/src/libfetchers-c/meson.build index db415d917..3761b0df2 100644 --- a/src/libfetchers-c/meson.build +++ b/src/libfetchers-c/meson.build @@ -32,6 +32,7 @@ add_project_arguments( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'nix_api_fetchers.cc', diff --git a/src/libfetchers-tests/meson.build b/src/libfetchers-tests/meson.build index a18f64d79..858d7f3af 100644 --- a/src/libfetchers-tests/meson.build +++ b/src/libfetchers-tests/meson.build @@ -37,6 +37,7 @@ libgit2 = dependency('libgit2') deps_private += libgit2 subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'access-tokens.cc', @@ -63,7 +64,7 @@ this_exe = executable( test( meson.project_name(), this_exe, - env : { + env : asan_test_options_env + { '_NIX_TEST_UNIT_DATA' : meson.current_source_dir() / 'data', }, protocol : 'gtest', diff --git a/src/libfetchers-tests/package.nix b/src/libfetchers-tests/package.nix index 780618725..8e82430d7 100644 --- a/src/libfetchers-tests/package.nix +++ b/src/libfetchers-tests/package.nix @@ -61,6 +61,7 @@ mkMesonExecutable (finalAttrs: { buildInputs = [ writableTmpDirAsHomeHook ]; } '' + export ASAN_OPTIONS=abort_on_error=1:print_summary=1:detect_leaks=0 export _NIX_TEST_UNIT_DATA=${resolvePath ./data} ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} touch $out diff --git a/src/libfetchers/meson.build b/src/libfetchers/meson.build index 792a0fdbf..070c82b8c 100644 --- a/src/libfetchers/meson.build +++ b/src/libfetchers/meson.build @@ -32,6 +32,7 @@ libgit2 = dependency('libgit2', version : '>= 1.9') deps_private += libgit2 subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'attrs.cc', diff --git a/src/libflake-c/meson.build b/src/libflake-c/meson.build index fddb39bdf..d0d45cfa8 100644 --- a/src/libflake-c/meson.build +++ b/src/libflake-c/meson.build @@ -32,6 +32,7 @@ deps_public_maybe_subproject = [ subdir('nix-meson-build-support/subprojects') subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'nix_api_flake.cc', diff --git a/src/libflake-tests/meson.build b/src/libflake-tests/meson.build index 59094abe8..41ae6cf3d 100644 --- a/src/libflake-tests/meson.build +++ b/src/libflake-tests/meson.build @@ -34,6 +34,7 @@ gtest = dependency('gtest', main : true) deps_private += gtest subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'flakeref.cc', @@ -58,7 +59,7 @@ this_exe = executable( test( meson.project_name(), this_exe, - env : { + env : asan_test_options_env + { '_NIX_TEST_UNIT_DATA' : meson.current_source_dir() / 'data', 'NIX_CONFIG' : 'extra-experimental-features = flakes', 'HOME' : meson.current_build_dir() / 'test-home', diff --git a/src/libflake-tests/package.nix b/src/libflake-tests/package.nix index 397ef4192..09812a57b 100644 --- a/src/libflake-tests/package.nix +++ b/src/libflake-tests/package.nix @@ -59,6 +59,7 @@ mkMesonExecutable (finalAttrs: { buildInputs = [ writableTmpDirAsHomeHook ]; } ('' + export ASAN_OPTIONS=abort_on_error=1:print_summary=1:detect_leaks=0 export _NIX_TEST_UNIT_DATA=${resolvePath ./data} export NIX_CONFIG="extra-experimental-features = flakes" ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} diff --git a/src/libflake/meson.build b/src/libflake/meson.build index 58916ecd9..3bd04fcf4 100644 --- a/src/libflake/meson.build +++ b/src/libflake/meson.build @@ -29,6 +29,7 @@ nlohmann_json = dependency('nlohmann_json', version : '>= 3.9') deps_public += nlohmann_json subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') subdir('nix-meson-build-support/generate-header') diff --git a/src/libmain-c/meson.build b/src/libmain-c/meson.build index 36332fdb7..2ac2b799b 100644 --- a/src/libmain-c/meson.build +++ b/src/libmain-c/meson.build @@ -28,6 +28,7 @@ deps_public_maybe_subproject = [ subdir('nix-meson-build-support/subprojects') subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'nix_api_main.cc', diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 2ac59924e..21bfbea3e 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -53,6 +53,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'common-args.cc', diff --git a/src/libstore-c/meson.build b/src/libstore-c/meson.build index c6b6174c7..a92771efc 100644 --- a/src/libstore-c/meson.build +++ b/src/libstore-c/meson.build @@ -26,6 +26,7 @@ deps_public_maybe_subproject = [ subdir('nix-meson-build-support/subprojects') subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'nix_api_store.cc', diff --git a/src/libstore-test-support/meson.build b/src/libstore-test-support/meson.build index 8617225d7..e929ae2b4 100644 --- a/src/libstore-test-support/meson.build +++ b/src/libstore-test-support/meson.build @@ -29,6 +29,7 @@ rapidcheck = dependency('rapidcheck') deps_public += rapidcheck subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'derived-path.cc', diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index c494e6a35..e3984d62f 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -52,6 +52,7 @@ gtest = dependency('gmock') deps_private += gtest subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'common-protocol.cc', @@ -102,7 +103,7 @@ this_exe = executable( test( meson.project_name(), this_exe, - env : { + env : asan_test_options_env + { '_NIX_TEST_UNIT_DATA' : meson.current_source_dir() / 'data', 'HOME' : meson.current_build_dir() / 'test-home', 'NIX_REMOTE' : meson.current_build_dir() / 'test-home' / 'store', @@ -136,7 +137,7 @@ if get_option('benchmarks') benchmark( 'nix-store-benchmarks', benchmark_exe, - env : { + env : asan_test_options_env + { '_NIX_TEST_UNIT_DATA' : meson.current_source_dir() / 'data', }, ) diff --git a/src/libstore-tests/package.nix b/src/libstore-tests/package.nix index 90e6af519..d5255f4f9 100644 --- a/src/libstore-tests/package.nix +++ b/src/libstore-tests/package.nix @@ -83,6 +83,7 @@ mkMesonExecutable (finalAttrs: { } ( '' + export ASAN_OPTIONS=abort_on_error=1:print_summary=1:detect_leaks=0 export _NIX_TEST_UNIT_DATA=${data + "/src/libstore-tests/data"} export NIX_REMOTE=$HOME/store ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 556616181..e3004ebf5 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -265,6 +265,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'binary-cache-store.cc', diff --git a/src/libutil-c/meson.build b/src/libutil-c/meson.build index 1806dbb6f..54fd53c74 100644 --- a/src/libutil-c/meson.build +++ b/src/libutil-c/meson.build @@ -32,6 +32,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'nix_api_util.cc', diff --git a/src/libutil-test-support/meson.build b/src/libutil-test-support/meson.build index 64231107e..1ca251ce8 100644 --- a/src/libutil-test-support/meson.build +++ b/src/libutil-test-support/meson.build @@ -27,6 +27,7 @@ rapidcheck = dependency('rapidcheck') deps_public += rapidcheck subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'hash.cc', diff --git a/src/libutil-tests/meson.build b/src/libutil-tests/meson.build index ff71d2215..2d28c8bb1 100644 --- a/src/libutil-tests/meson.build +++ b/src/libutil-tests/meson.build @@ -42,6 +42,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = files( 'args.cc', @@ -96,7 +97,7 @@ this_exe = executable( test( meson.project_name(), this_exe, - env : { + env : asan_test_options_env + { '_NIX_TEST_UNIT_DATA' : meson.current_source_dir() / 'data', }, protocol : 'gtest', diff --git a/src/libutil-tests/package.nix b/src/libutil-tests/package.nix index c06de6894..077d36a4d 100644 --- a/src/libutil-tests/package.nix +++ b/src/libutil-tests/package.nix @@ -61,6 +61,7 @@ mkMesonExecutable (finalAttrs: { mkdir -p "$HOME" '' + '' + export ASAN_OPTIONS=abort_on_error=1:print_summary=1:detect_leaks=0 export _NIX_TEST_UNIT_DATA=${./data} ${stdenv.hostPlatform.emulator buildPackages} ${lib.getExe finalAttrs.finalPackage} touch $out diff --git a/src/libutil/meson.build b/src/libutil/meson.build index f4b8dbb61..8c9e1f1eb 100644 --- a/src/libutil/meson.build +++ b/src/libutil/meson.build @@ -118,6 +118,7 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') sources = [ config_priv_h ] + files( 'archive.cc', diff --git a/src/nix/asan-options.cc b/src/nix/asan-options.cc new file mode 100644 index 000000000..256f34cbe --- /dev/null +++ b/src/nix/asan-options.cc @@ -0,0 +1,6 @@ +extern "C" [[gnu::retain]] const char * __asan_default_options() +{ + // We leak a bunch of memory knowingly on purpose. It's not worthwhile to + // diagnose that memory being leaked for now. + return "abort_on_error=1:print_summary=1:detect_leaks=0"; +} diff --git a/src/nix/meson.build b/src/nix/meson.build index e989e8016..f67a2948f 100644 --- a/src/nix/meson.build +++ b/src/nix/meson.build @@ -56,11 +56,13 @@ config_priv_h = configure_file( ) subdir('nix-meson-build-support/common') +subdir('nix-meson-build-support/asan-options') subdir('nix-meson-build-support/generate-header') nix_sources = [ config_priv_h ] + files( 'add-to-store.cc', 'app.cc', + 'asan-options.cc', 'build.cc', 'bundle.cc', 'cat.cc', diff --git a/tests/functional/meson.build b/tests/functional/meson.build index 54e13b26d..368f60452 100644 --- a/tests/functional/meson.build +++ b/tests/functional/meson.build @@ -239,6 +239,12 @@ foreach suite : suites # Turns, e.g., `tests/functional/flakes/show.sh` into a Meson test target called # `functional-flakes-show`. name = fs.replace_suffix(script, '') + asan_options = 'abort_on_error=1:print_summary=1:detect_leaks=0' + # Otherwise ASAN dumps warnings into stderr that make some tests fail on stderr output + # comparisons. + asan_options += ':log_path=@0@'.format( + meson.current_build_dir() / 'asan-log', + ) test( name, @@ -253,6 +259,7 @@ foreach suite : suites ], suite : suite_name, env : { + 'ASAN_OPTIONS' : asan_options, '_NIX_TEST_SOURCE_DIR' : meson.current_source_dir(), '_NIX_TEST_BUILD_DIR' : meson.current_build_dir(), 'TEST_NAME' : suite_name / name, diff --git a/tests/functional/test-libstoreconsumer/main.cc b/tests/functional/test-libstoreconsumer/main.cc index a372886ea..d8db67a4d 100644 --- a/tests/functional/test-libstoreconsumer/main.cc +++ b/tests/functional/test-libstoreconsumer/main.cc @@ -5,6 +5,13 @@ using namespace nix; +extern "C" [[gnu::retain]] const char * __asan_default_options() +{ + // We leak a bunch of memory knowingly on purpose. It's not worthwhile to + // diagnose that memory being leaked for now. + return "abort_on_error=1:print_summary=1:detect_leaks=0"; +} + int main(int argc, char ** argv) { try { diff --git a/tests/functional/test-libstoreconsumer/meson.build b/tests/functional/test-libstoreconsumer/meson.build index e5a1cc182..7f619d01b 100644 --- a/tests/functional/test-libstoreconsumer/meson.build +++ b/tests/functional/test-libstoreconsumer/meson.build @@ -1,3 +1,7 @@ +cxx = meson.get_compiler('cpp') + +subdir('nix-meson-build-support/asan-options') + libstoreconsumer_tester = executable( 'test-libstoreconsumer', 'main.cc', diff --git a/tests/functional/test-libstoreconsumer/nix-meson-build-support b/tests/functional/test-libstoreconsumer/nix-meson-build-support new file mode 120000 index 000000000..ac8a39762 --- /dev/null +++ b/tests/functional/test-libstoreconsumer/nix-meson-build-support @@ -0,0 +1 @@ +../../../nix-meson-build-support \ No newline at end of file