diff --git a/.travis.yml b/.travis.yml index 39ed6132cc..b5713d6933 100644 --- a/.travis.yml +++ b/.travis.yml @@ -33,12 +33,8 @@ env: ## We don't list default variable values, because we set the defaults ## in global (or the default is unset) - - ## We turn off hardening for Rust builds, because they are incompatible, - ## and it's going to take a while for them to be fixed. See: - ## https:/trac.torproject.org/projects/tor/ticket/25386 - ## https:/trac.torproject.org/projects/tor/ticket/26398 ## TOR_RUST_DEPENDENCIES is spelt RUST_DEPENDENCIES in 0.3.2 - - RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true HARDENING_OPTIONS="" + - RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true matrix: ## include creates builds with gcc, linux, sudo: false @@ -54,10 +50,9 @@ matrix: # We clone our stem repo and run `make test-stem` - env: TEST_STEM="yes" ## Check rust online with distcheck, to make sure we remove rust products - ## But without hardening (see above) - - env: DISTCHECK="yes" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode" HARDENING_OPTIONS="" + - env: DISTCHECK="yes" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode" ## Check disable module dirauth with and without rust - - env: MODULES_OPTIONS="--disable-module-dirauth" RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true HARDENING_OPTIONS="" + - env: MODULES_OPTIONS="--disable-module-dirauth" RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true - env: MODULES_OPTIONS="--disable-module-dirauth" ## Check NSS - env: NSS_OPTIONS="--enable-nss" @@ -181,8 +176,8 @@ install: - if [[ "$ASCIIDOC_OPTIONS" == "" ]] && [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export XML_CATALOG_FILES="/usr/local/etc/xml/catalog"; fi ## If we're using Rust, download rustup - if [[ "$RUST_OPTIONS" != "" ]]; then curl -Ssf -o rustup.sh https://sh.rustup.rs; fi - ## Install the stable channels of rustc and cargo and setup our toolchain environment - - if [[ "$RUST_OPTIONS" != "" ]]; then sh rustup.sh -y --default-toolchain stable; fi + ## Install the nightly channels of rustc and cargo and setup our toolchain environment + - if [[ "$RUST_OPTIONS" != "" ]]; then sh rustup.sh -y --default-toolchain nightly; fi - if [[ "$RUST_OPTIONS" != "" ]]; then source $HOME/.cargo/env; fi ## If we're testing rust builds in offline-mode, then set up our vendored dependencies - if [[ "$TOR_RUST_DEPENDENCIES" == "true" ]]; then export TOR_RUST_DEPENDENCIES=$PWD/src/ext/rust/crates; fi diff --git a/changes/rust_asan b/changes/rust_asan new file mode 100644 index 0000000000..1ca7ae6888 --- /dev/null +++ b/changes/rust_asan @@ -0,0 +1,8 @@ + o Major bugfixes (compilation, rust): + - Rust tests can now build and run successfully with the + --enable-fragile-hardening option enabled. + Doing this currently requires the rust beta channel; it will + be possible with stable rust as of rust version 1.31 is out. + Patch from Alex Crichton. + Fixes bugs 27272, 27273, and 27274. + Bugfix on 0.3.1.1-alpha. diff --git a/configure.ac b/configure.ac index 292244f56f..a7405ec41d 100644 --- a/configure.ac +++ b/configure.ac @@ -1210,17 +1210,17 @@ dnl variable. RUST_LINKER_OPTIONS="" if test "x$have_clang" = "xyes"; then if test "x$CFLAGS_ASAN" != "x"; then - RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS $CFLAGS_ASAN" + RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS -Clink-arg=$CFLAGS_ASAN -Cdefault-linker-libraries" fi if test "x$CFLAGS_UBSAN" != "x"; then - RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS $CFLAGS_UBSAN" + RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS -Clink-arg=$CFLAGS_UBSAN -Cdefault-linker-libraries" fi else if test "x$CFLAGS_ASAN" != "x"; then - RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS -lasan" + RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS -Clink-arg=-fsanitize=address -Cdefault-linker-libraries" fi if test "x$CFLAGS_UBSAN" != "x"; then - RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS -lubsan" + RUST_LINKER_OPTIONS="$RUST_LINKER_OPTIONS -Clink-arg=-fsanitize=undefined -Cdefault-linker-libraries" fi fi AC_SUBST(RUST_LINKER_OPTIONS) @@ -2416,7 +2416,6 @@ AC_CONFIG_FILES([ Doxyfile Makefile config.rust - link_rust.sh contrib/dist/suse/tor.sh contrib/operator-tools/tor.logrotate contrib/dist/tor.sh diff --git a/link_rust.sh.in b/link_rust.sh.in deleted file mode 100644 index 59f4142baa..0000000000 --- a/link_rust.sh.in +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh -# -# A linker script used when building Rust tests. Autoconf makes link_rust.sh -# from link_rust_sh.in, and uses it to pass extra options to the linker -# when linking Rust stuff. -# -# We'd like to remove the need for this, but build.rs doesn't let us pass -# -static-libasan and -static-libubsan to the linker. - -$CCLD @RUST_LINKER_OPTIONS@ "$@" diff --git a/src/rust/Cargo.lock b/src/rust/Cargo.lock index 1d2a7359aa..7d6a6635c5 100644 --- a/src/rust/Cargo.lock +++ b/src/rust/Cargo.lock @@ -26,6 +26,7 @@ version = "0.0.1" dependencies = [ "libc 0.2.39 (registry+https://github.com/rust-lang/crates.io-index)", "smartlist 0.0.1", + "tor_allocate 0.0.1", ] [[package]] diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml index e399dbb33a..83f9629660 100644 --- a/src/rust/Cargo.toml +++ b/src/rust/Cargo.toml @@ -13,19 +13,3 @@ members = [ [profile.release] debug = true panic = "abort" - -[features] -default = [] -# If this feature is enabled, test code which calls Tor C code from Rust will -# execute with `cargo test`. Due to numerous linker issues (#25386), this is -# currently disabled by default. Crates listed here are those which, in their -# unittests, doctests, and/or integration tests, call C code. -test-c-from-rust = [ - "crypto/test-c-from-rust", -] - -# We have to define a feature here because doctests don't get cfg(test), -# and we need to disable some C dependencies when running the doctests -# because of the various linker issues. See -# https://github.com/rust-lang/rust/issues/45599 -test_linking_hack = [] diff --git a/src/rust/crypto/Cargo.toml b/src/rust/crypto/Cargo.toml index 6ebfe0dc11..a7ff7f78d9 100644 --- a/src/rust/crypto/Cargo.toml +++ b/src/rust/crypto/Cargo.toml @@ -9,7 +9,6 @@ build = "../build.rs" [lib] name = "crypto" path = "lib.rs" -crate_type = ["rlib", "staticlib"] [dependencies] libc = "=0.2.39" diff --git a/src/rust/external/Cargo.toml b/src/rust/external/Cargo.toml index 4735144ee6..5f443645bb 100644 --- a/src/rust/external/Cargo.toml +++ b/src/rust/external/Cargo.toml @@ -5,14 +5,12 @@ name = "external" [dependencies] libc = "=0.2.39" - -[dependencies.smartlist] -path = "../smartlist" +smartlist = { path = "../smartlist" } +tor_allocate = { path = "../tor_allocate" } [lib] name = "external" path = "lib.rs" -crate_type = ["rlib", "staticlib"] [features] # We have to define a feature here because doctests don't get cfg(test), diff --git a/src/rust/external/lib.rs b/src/rust/external/lib.rs index b72a4f6e4c..d68036fcad 100644 --- a/src/rust/external/lib.rs +++ b/src/rust/external/lib.rs @@ -8,7 +8,7 @@ //! module implementing this functionality repeatedly. extern crate libc; - +extern crate tor_allocate; extern crate smartlist; pub mod crypto_digest; diff --git a/src/rust/protover/Cargo.toml b/src/rust/protover/Cargo.toml index 2f7783e76c..84a7c71c1a 100644 --- a/src/rust/protover/Cargo.toml +++ b/src/rust/protover/Cargo.toml @@ -31,4 +31,3 @@ path = "../tor_log" [lib] name = "protover" path = "lib.rs" -crate_type = ["rlib", "staticlib"] diff --git a/src/rust/smartlist/Cargo.toml b/src/rust/smartlist/Cargo.toml index 4ecdf50869..a5afe7bf74 100644 --- a/src/rust/smartlist/Cargo.toml +++ b/src/rust/smartlist/Cargo.toml @@ -9,7 +9,6 @@ libc = "0.2.39" [lib] name = "smartlist" path = "lib.rs" -crate_type = ["rlib", "staticlib"] [features] # We have to define a feature here because doctests don't get cfg(test), diff --git a/src/rust/smartlist/lib.rs b/src/rust/smartlist/lib.rs index 2716842af2..34d0b907ed 100644 --- a/src/rust/smartlist/lib.rs +++ b/src/rust/smartlist/lib.rs @@ -6,3 +6,12 @@ extern crate libc; mod smartlist; pub use smartlist::*; + +// When testing we may be compiled with sanitizers which are incompatible with +// Rust's default allocator, jemalloc (unsure why at this time). Most crates +// link to `tor_allocate` which switches by default to a non-jemalloc allocator, +// but we don't already depend on `tor_allocate` so make sure that while testing +// we don't use jemalloc. (but rather malloc/free) +#[global_allocator] +#[cfg(test)] +static A: std::alloc::System = std::alloc::System; diff --git a/src/rust/tor_allocate/Cargo.toml b/src/rust/tor_allocate/Cargo.toml index 7bb3b9887f..06ac605f17 100644 --- a/src/rust/tor_allocate/Cargo.toml +++ b/src/rust/tor_allocate/Cargo.toml @@ -9,7 +9,6 @@ libc = "=0.2.39" [lib] name = "tor_allocate" path = "lib.rs" -crate_type = ["rlib", "staticlib"] [features] # We have to define a feature here because doctests don't get cfg(test), diff --git a/src/rust/tor_allocate/lib.rs b/src/rust/tor_allocate/lib.rs index 5a355bc8d6..1cfa0b5178 100644 --- a/src/rust/tor_allocate/lib.rs +++ b/src/rust/tor_allocate/lib.rs @@ -11,5 +11,10 @@ extern crate libc; +use std::alloc::System; + mod tor_allocate; pub use tor_allocate::*; + +#[global_allocator] +static A: System = System; diff --git a/src/rust/tor_log/Cargo.toml b/src/rust/tor_log/Cargo.toml index 1aa9be0612..14d9ae803a 100644 --- a/src/rust/tor_log/Cargo.toml +++ b/src/rust/tor_log/Cargo.toml @@ -6,7 +6,6 @@ authors = ["The Tor Project"] [lib] name = "tor_log" path = "lib.rs" -crate_type = ["rlib", "staticlib"] [features] # We have to define a feature here because doctests don't get cfg(test), diff --git a/src/rust/tor_rust/Cargo.toml b/src/rust/tor_rust/Cargo.toml index 1523ee0dd1..35c629882e 100644 --- a/src/rust/tor_rust/Cargo.toml +++ b/src/rust/tor_rust/Cargo.toml @@ -6,7 +6,7 @@ version = "0.1.0" [lib] name = "tor_rust" path = "lib.rs" -crate_type = ["rlib", "staticlib"] +crate_type = ["staticlib"] [dependencies.tor_util] path = "../tor_util" diff --git a/src/rust/tor_util/Cargo.toml b/src/rust/tor_util/Cargo.toml index 51e4bd9c5d..9ffaeda8a6 100644 --- a/src/rust/tor_util/Cargo.toml +++ b/src/rust/tor_util/Cargo.toml @@ -6,7 +6,6 @@ version = "0.0.1" [lib] name = "tor_util" path = "lib.rs" -crate_type = ["rlib", "staticlib"] [dependencies.tor_allocate] path = "../tor_allocate" diff --git a/src/test/include.am b/src/test/include.am index dd2986c67c..e5eae56e25 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -12,8 +12,7 @@ TESTS_ENVIRONMENT = \ export EXTRA_CARGO_OPTIONS="$(EXTRA_CARGO_OPTIONS)"; \ export CARGO_ONLINE="$(CARGO_ONLINE)"; \ export CCLD="$(CCLD)"; \ - chmod +x "$(abs_top_builddir)/link_rust.sh"; \ - export RUSTFLAGS="-C linker=$(abs_top_builddir)/link_rust.sh"; + export RUSTFLAGS="-C linker=`echo '$(CC)' | cut -d' ' -f 1` $(RUST_LINKER_OPTIONS)"; TESTSCRIPTS = \ src/test/fuzz_static_testcases.sh \ diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh index a1a56af480..00b3e88d37 100755 --- a/src/test/test_rust.sh +++ b/src/test/test_rust.sh @@ -5,12 +5,20 @@ set -e export LSAN_OPTIONS=suppressions=${abs_top_srcdir:-../../..}/src/test/rust_supp.txt +# When testing Cargo we pass a number of very specific linker flags down +# through Cargo. We do not, however, want these flags to affect things like +# build scripts, only the tests that we're compiling. To ensure this happens +# we unconditionally pass `--target` into Cargo, ensuring that `RUSTFLAGS` in +# the environment won't make their way into build scripts. +rustc_host=$(rustc -vV | grep host | sed 's/host: //') + for cargo_toml_dir in "${abs_top_srcdir:-../../..}"/src/rust/*; do if [ -e "${cargo_toml_dir}/Cargo.toml" ]; then cd "${abs_top_builddir:-../../..}/src/rust" && \ CARGO_TARGET_DIR="${abs_top_builddir:-../../..}/src/rust/target" \ "${CARGO:-cargo}" test ${CARGO_ONLINE-"--frozen"} \ - --features "test_linking_hack" \ + --features "test_linking_hack" \ + --target $rustc_host \ ${EXTRA_CARGO_OPTIONS} \ --manifest-path "${cargo_toml_dir}/Cargo.toml" || exitcode=1 fi