mirror of https://github.com/openssl/openssl
Fix ASLR to be smaller during asan/tsan/ubsan runs
Recently asan/tsan/ubsan runs have been failing randomly. It appears that a recent runner update may have led to the Address Space Layout Randomization setting in the linux kernel of ubuntu-latest runner getting set to too high a value (it defaults to 30). Such a setting leads to the possibility that a given application will have memory mapped to an address space that the sanitizer code typically uses to do its job. Lowering this value allows a/t/ubsan to work consistently again Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23842)
This commit is contained in:
parent
f08be09651
commit
37cd49f57f
|
@ -205,6 +205,10 @@ jobs:
|
|||
- uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- name: config
|
||||
run: ./config --banner=Configured --debug enable-asan enable-ubsan no-cached-fetch no-fips no-dtls no-tls1 no-tls1-method no-tls1_1 no-tls1_1-method no-async && perl configdata.pm --dump
|
||||
- name: make
|
||||
|
@ -222,6 +226,10 @@ jobs:
|
|||
- uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- name: config
|
||||
run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump
|
||||
- name: make
|
||||
|
@ -239,6 +247,10 @@ jobs:
|
|||
- uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- name: config
|
||||
run: ./config --banner=Configured --debug -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-weak-ssl-ciphers enable-ssl3 enable-ssl3-method enable-nextprotoneg && perl configdata.pm --dump
|
||||
- name: make
|
||||
|
@ -256,6 +268,10 @@ jobs:
|
|||
- uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- name: config
|
||||
# --debug -O1 is to produce a debug build that runs in a reasonable amount of time
|
||||
run: CC=clang ./config --banner=Configured --debug -O1 -fsanitize=memory -DOSSL_SANITIZE_MEMORY -fno-optimize-sibling-calls enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump
|
||||
|
@ -274,6 +290,10 @@ jobs:
|
|||
- uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- name: config
|
||||
run: CC=clang ./config --banner=Configured no-fips --strict-warnings -fsanitize=thread && perl configdata.pm --dump
|
||||
- name: make
|
||||
|
|
|
@ -48,6 +48,10 @@ jobs:
|
|||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get -yq --force-yes install ${{ matrix.fuzzy.install }}
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: config
|
||||
|
|
|
@ -269,6 +269,10 @@ jobs:
|
|||
uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- name: config
|
||||
run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-brotli -DPEDANTIC && perl configdata.pm --dump
|
||||
- name: make
|
||||
|
@ -291,6 +295,10 @@ jobs:
|
|||
uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- name: config
|
||||
run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-comp enable-zstd -DPEDANTIC && perl configdata.pm --dump
|
||||
- name: make
|
||||
|
|
|
@ -38,6 +38,10 @@ jobs:
|
|||
]
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Adjust ASLR for sanitizer
|
||||
run: |
|
||||
sudo cat /proc/sys/vm/mmap_rnd_bits
|
||||
sudo sysctl -w vm.mmap_rnd_bits=28
|
||||
- uses: actions/checkout@v4
|
||||
- name: checkout fuzz/corpora submodule
|
||||
run: git submodule update --init --depth 1 fuzz/corpora
|
||||
|
|
Loading…
Reference in New Issue