From: Daniele Buono <dbuono@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Daniele Buono <dbuono@linux.vnet.ibm.com>
Subject: [PATCH 0/2] gitlab-ci.yml: Add jobs to test CFI
Date: Mon, 22 Feb 2021 18:01:03 -0500 [thread overview]
Message-ID: <20210222230106.7030-1-dbuono@linux.vnet.ibm.com> (raw)
For a few months now QEMU has had options to enable compiler-based
control-flow integrity if built with clang.
While this feature has a low maintenance, It's probably still better to
add tests to the CI environment to check that an update doesn't break it.
As an added benefit, this also inherently tests LTO. The patch allow
gitlab testing of:
* --enable-cfi: forward-edge cfi (function pointers)
* --enable-safe-stack: backward-edge cfi (return pointers)
My original intention was to create a single chain of
build -> check -> acceptance, with all the targets compiled by default.
Unfortunately, the resulting artifact is too big and won't be uploaded.
So I split the test in two chains, that should cover all non-deprecated
targets as of today.
I also had to add a small patch to allow a custom selection for make
parallelism. This is because the gitlab runner nodes only have ~3.5GB of
ram, and with the default parallelism (2), in some cases two ld
instances will start working on two binaries and exaust the memory.
By only forcing one make job at a time, this is avoided.
Test runs of the full pipeline are here (cfi-ci branch):
https://gitlab.com/dbuono/qemu/-/pipelines/259931154
Daniele Buono (2):
gitlab-ci.yml: Allow custom make parallelism
gitlab-ci.yml: Add jobs to test CFI flags
.gitlab-ci.yml | 94 +++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 93 insertions(+), 1 deletion(-)
--
2.30.0
next reply other threads:[~2021-02-22 23:04 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-22 23:01 Daniele Buono [this message]
2021-02-22 23:01 ` [PATCH 1/2] gitlab-ci.yml: Allow custom make parallelism Daniele Buono
2021-02-23 8:12 ` Paolo Bonzini
2021-02-23 19:34 ` Daniele Buono
2021-02-24 7:44 ` Paolo Bonzini
2021-02-24 18:02 ` Daniele Buono
2021-02-23 15:03 ` Wainer dos Santos Moschetta
2021-02-22 23:01 ` [PATCH 2/2] gitlab-ci.yml: Add jobs to test CFI flags Daniele Buono
2021-02-23 8:11 ` Paolo Bonzini
2021-02-24 17:55 ` Daniele Buono
2021-02-24 18:28 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210222230106.7030-1-dbuono@linux.vnet.ibm.com \
--to=dbuono@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).