From 76d315000a9f20559e5e48f183a3ff4e6cd10f65 Mon Sep 17 00:00:00 2001 From: Nick Banks Date: Mon, 8 Jul 2024 23:01:16 +0100 Subject: [PATCH] Test on Ubuntu 24.04 GitHub Images (#4306) * Test on Ubuntu 24.04 GitHub Images * Dockerfile * more ubuntu24.04 on yml files * remove Dockerfile * update reuse image * Remove misc-include-cleaner build warnings * More codecheck ignores * Missed one * Fix potential buffer overflow * rollback fix and ignore the error * Windows to avoid touching GCC pragma * the warning should be from gcc13 * static_assert expects its string to be normal * Revert "static_assert expects its string to be normal" This reverts commit 73ac2579d18c5142fcbcdf74f6eb76e4683fba61. * add supress option for clang * clang version * fix openssl check issue * fix yaml * exclude android * remove Sanitize for xdp * support azure pipeline --------- Co-authored-by: ami-GS <1991.daiki@gmail.com> --- .azure/OneBranch.Official.yml | 17 +++++++++++++++++ .azure/OneBranch.PullRequest.yml | 17 +++++++++++++++++ .azure/obtemplates/build-linux.yml | 25 +++++++++++++++++-------- .github/workflows/build-reuse-unix.yml | 1 + .github/workflows/build.yml | 12 ++++++++++-- .github/workflows/dotnet-test.yml | 2 ++ .github/workflows/package-linux.yml | 4 ++++ .github/workflows/stress.yml | 10 ++++++++-- .github/workflows/test.yml | 4 ++++ CMakeLists.txt | 15 +++++++++++++++ docs/BUILD.md | 2 +- scripts/prepare-machine.ps1 | 17 +++++++++++------ src/inc/msquichelper.h | 9 +++++++++ 13 files changed, 116 insertions(+), 19 deletions(-) diff --git a/.azure/OneBranch.Official.yml b/.azure/OneBranch.Official.yml index c2d0feb745..76955b5777 100644 --- a/.azure/OneBranch.Official.yml +++ b/.azure/OneBranch.Official.yml @@ -84,6 +84,9 @@ extends: - container: ubuntu_2204_cross image: 'ghcr.io/microsoft/msquic/linux-build-xcomp:ubuntu-22.04-cross' type: Linux + - container: ubuntu_2404_cross + image: 'ghcr.io/microsoft/msquic/linux-build-xcomp:ubuntu-24.04-cross' + type: Linux stages: - stage: build_winkernel @@ -179,11 +182,25 @@ extends: - template: .azure/obtemplates/build-linux.yml@self parameters: config: Release + os: ubuntu-22.04 + tls: openssl3 + xdp: "-UseXdp" + - template: .azure/obtemplates/build-linux.yml@self + parameters: + config: Debug + os: ubuntu-22.04 + tls: openssl3 + xdp: "-UseXdp" + - template: .azure/obtemplates/build-linux.yml@self + parameters: + config: Release + os: ubuntu-24.04 tls: openssl3 xdp: "-UseXdp" - template: .azure/obtemplates/build-linux.yml@self parameters: config: Debug + os: ubuntu-24.04 tls: openssl3 xdp: "-UseXdp" diff --git a/.azure/OneBranch.PullRequest.yml b/.azure/OneBranch.PullRequest.yml index d5ec8bcb6f..3b1088009d 100644 --- a/.azure/OneBranch.PullRequest.yml +++ b/.azure/OneBranch.PullRequest.yml @@ -80,6 +80,9 @@ extends: - container: ubuntu_2204_cross image: 'ghcr.io/microsoft/msquic/linux-build-xcomp:ubuntu-22.04-cross' type: Linux + - container: ubuntu_2404_cross + image: 'ghcr.io/microsoft/msquic/linux-build-xcomp:ubuntu-24.04-cross' + type: Linux stages: - stage: build_winkernel @@ -175,11 +178,25 @@ extends: - template: .azure/obtemplates/build-linux.yml@self parameters: config: Release + os: ubuntu-22.04 + tls: openssl3 + xdp: "-UseXdp" + - template: .azure/obtemplates/build-linux.yml@self + parameters: + config: Debug + os: ubuntu-22.04 + tls: openssl3 + xdp: "-UseXdp" + - template: .azure/obtemplates/build-linux.yml@self + parameters: + config: Release + os: ubuntu-24.04 tls: openssl3 xdp: "-UseXdp" - template: .azure/obtemplates/build-linux.yml@self parameters: config: Debug + os: ubuntu-24.04 tls: openssl3 xdp: "-UseXdp" diff --git a/.azure/obtemplates/build-linux.yml b/.azure/obtemplates/build-linux.yml index 8d9b84122d..3fcb7a789d 100644 --- a/.azure/obtemplates/build-linux.yml +++ b/.azure/obtemplates/build-linux.yml @@ -2,6 +2,7 @@ parameters: config: '' tls: 'openssl' platform: 'linux' + os: 'ubuntu-20.04' xdp: '' jobs: @@ -16,40 +17,48 @@ jobs: steps: - task: PowerShell@2 displayName: Prepare Build Machine - ${{ if eq(parameters.tls, 'openssl') }}: + ${{ if eq(parameters.os, 'ubuntu-20.04') }}: target: linux_build_container - ${{ else }}: + ${{ elseif eq(parameters.os, 'ubuntu-22.04') }}: target: ubuntu_2204_xdp + ${{ else }}: + target: ubuntu_2404_cross inputs: pwsh: true filePath: scripts/prepare-machine.ps1 arguments: -Tls ${{ parameters.tls }} -ForContainerBuild - task: PowerShell@2 displayName: x64 - ${{ if eq(parameters.tls, 'openssl') }}: + ${{ if eq(parameters.os, 'ubuntu-20.04') }}: target: linux_build_container - ${{ else }}: + ${{ elseif eq(parameters.os, 'ubuntu-22.04') }}: target: ubuntu_2204_xdp + ${{ else }}: + target: ubuntu_2404_cross inputs: pwsh: true filePath: scripts/build.ps1 arguments: -Tls ${{ parameters.tls }} -Config ${{ parameters.config }} -Platform ${{ parameters.platform }} ${{ parameters.xdp }} -Arch x64 -CI -UseSystemOpenSSLCrypto -OneBranch -OfficialRelease - task: PowerShell@2 displayName: arm64 - ${{ if eq(parameters.tls, 'openssl') }}: + ${{ if eq(parameters.os, 'ubuntu-20.04') }}: target: linux_build_container - ${{ else }}: + ${{ elseif eq(parameters.os, 'ubuntu-22.04') }}: target: ubuntu_2204_cross + ${{ else }}: + target: ubuntu_2404_cross inputs: pwsh: true filePath: scripts/build.ps1 arguments: -Tls ${{ parameters.tls }} -Config ${{ parameters.config }} -Platform ${{ parameters.platform }} -Arch arm64 -CI -UseSystemOpenSSLCrypto -OneBranch -OfficialRelease - task: PowerShell@2 displayName: arm - ${{ if eq(parameters.tls, 'openssl') }}: + ${{ if eq(parameters.os, 'ubuntu-20.04') }}: target: linux_build_container - ${{ else }}: + ${{ elseif eq(parameters.os, 'ubuntu-22.04') }}: target: ubuntu_2204_cross + ${{ else }}: + target: ubuntu_2404_cross inputs: pwsh: true filePath: scripts/build.ps1 diff --git a/.github/workflows/build-reuse-unix.yml b/.github/workflows/build-reuse-unix.yml index 4530c0ae13..7d96634510 100644 --- a/.github/workflows/build-reuse-unix.yml +++ b/.github/workflows/build-reuse-unix.yml @@ -32,6 +32,7 @@ on: # options: # - ubuntu-20.04 # - ubuntu-22.04 + # - ubuntu-24.04 # - macos-12 arch: required: false diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2d66d417af..9c410d6630 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -81,7 +81,7 @@ jobs: matrix: config: ['Debug', 'Release'] plat: [linux] - os: ['ubuntu-20.04', 'ubuntu-22.04'] + os: ['ubuntu-20.04', 'ubuntu-22.04', 'ubuntu-24.04'] arch: [arm, arm64] tls: [openssl, openssl3] static: ['', '-Static'] @@ -102,7 +102,7 @@ jobs: matrix: config: ['Debug', 'Release'] plat: [linux, android] - os: ['ubuntu-20.04', 'ubuntu-22.04'] + os: ['ubuntu-20.04', 'ubuntu-22.04', 'ubuntu-24.04'] arch: [x86, x64] tls: [openssl, openssl3] systemcrypto: ['', '-UseSystemOpenSSLCrypto'] @@ -117,6 +117,9 @@ jobs: # Android doesn't use system crypto - plat: android systemcrypto: '-UseSystemOpenSSLCrypto' + # TODO: android to support ubuntu-24.04 + - plat: android + os: 'ubuntu-24.04' # No openssl3 system crypto on ubuntu-20.04 - plat: linux os: 'ubuntu-20.04' @@ -127,6 +130,11 @@ jobs: os: 'ubuntu-22.04' tls: 'openssl' systemcrypto: '-UseSystemOpenSSLCrypto' + # No openssl system crypto on ubuntu-24.04 + - plat: linux + os: 'ubuntu-24.04' + tls: 'openssl' + systemcrypto: '-UseSystemOpenSSLCrypto' # linux xdp is for ubuntu22.04 only for now - plat: android xdp: "-UseXdp" diff --git a/.github/workflows/dotnet-test.yml b/.github/workflows/dotnet-test.yml index a2575a7951..16ebbdd6f0 100644 --- a/.github/workflows/dotnet-test.yml +++ b/.github/workflows/dotnet-test.yml @@ -35,6 +35,7 @@ jobs: vec: [ { plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl" }, { plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, + { plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, ] uses: ./.github/workflows/build-reuse-unix.yml with: @@ -74,6 +75,7 @@ jobs: { plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3" }, { plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl" }, { plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, + { plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, { plat: "macos", os: "macos-12", arch: "universal", tls: "openssl" }, ] runs-on: ${{ matrix.vec.os }} diff --git a/.github/workflows/package-linux.yml b/.github/workflows/package-linux.yml index 4362bf926a..142260917f 100644 --- a/.github/workflows/package-linux.yml +++ b/.github/workflows/package-linux.yml @@ -33,6 +33,9 @@ jobs: { config: "Release", os: "ubuntu-22.04", arch: "arm", tls: "openssl3" }, { config: "Release", os: "ubuntu-22.04", arch: "arm64", tls: "openssl3" }, { config: "Release", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, + { config: "Release", os: "ubuntu-24.04", arch: "arm", tls: "openssl3" }, + { config: "Release", os: "ubuntu-24.04", arch: "arm64", tls: "openssl3" }, + { config: "Release", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, ] uses: ./.github/workflows/package-reuse-linux.yml with: @@ -52,6 +55,7 @@ jobs: vec: [ { config: "Release", os: "ubuntu-20.04", arch: "x64", tls: "openssl" }, { config: "Release", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, + { config: "Release", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp" }, ] steps: - name: Checkout repository diff --git a/.github/workflows/stress.yml b/.github/workflows/stress.yml index 830dec4b9c..0f72e15cca 100644 --- a/.github/workflows/stress.yml +++ b/.github/workflows/stress.yml @@ -51,8 +51,10 @@ jobs: { config: "Debug", plat: "macos", os: "macos-12", arch: "x64", tls: "openssl3", build: "-Test" }, { config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", build: "-Test" }, { config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, - { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", build: "-Test", xdp: "-UseXdp" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", build: "-Test", xdp: "-UseXdp" }, ] uses: ./.github/workflows/build-reuse-unix.yml with: @@ -75,7 +77,11 @@ jobs: vec: [ { config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", build: "-Test" }, { config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, - { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, + # TODO: I don't think this actually testing XDP, since there is no unix XDP builds above. + # { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", build: "-Test", xdp: "-UseXdp" }, { config: "Debug", plat: "macos", os: "macos-12", arch: "x64", tls: "openssl", build: "-Test" }, { config: "Debug", plat: "macos", os: "macos-12", arch: "x64", tls: "openssl3", build: "-Test" }, { config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", sanitize: "-Sanitize", build: "-Test" }, diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b0be7737e4..7ca9b1b8c7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -73,6 +73,8 @@ jobs: { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", build: "-Test", xdp: "-UseXdp" }, { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", build: "-Test", xdp: "-UseXdp" }, ] uses: ./.github/workflows/build-reuse-unix.yml with: @@ -100,6 +102,8 @@ jobs: { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" }, { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", xdp: "-UseXdp", build: "-Test" }, { config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" }, + { config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", build: "-Test", xdp: "-UseXdp" }, { config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl", build: "-Test" }, { config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl3", build: "-Test" }, { config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", sanitize: "-Sanitize", build: "-Test" }, diff --git a/CMakeLists.txt b/CMakeLists.txt index 3f8f4d58fe..01df477fd6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -311,6 +311,9 @@ else() list(APPEND QUIC_WARNING_FLAGS -Wno-strict-aliasing) elseif(CMAKE_CXX_COMPILER_ID MATCHES "Clang") list(APPEND QUIC_WARNING_FLAGS -Wno-missing-braces -Wno-microsoft-anon-tag) + if (CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 18) + list(APPEND QUIC_WARNING_FLAGS -Wno-invalid-unevaluated-string) + endif() endif() endif() @@ -687,38 +690,50 @@ if(QUIC_CODE_CHECK) -android-cloexec-fopen -android-cloexec-socket -bugprone-assignment-in-if-condition + -bugprone-casting-through-void -bugprone-easily-swappable-parameters -bugprone-implicit-widening-of-multiplication-result -bugprone-macro-parentheses + -bugprone-multi-level-implicit-pointer-conversion -bugprone-narrowing-conversions -bugprone-reserved-identifier -bugprone-sizeof-expression + -bugprone-switch-missing-default-case -cert-dcl37-c -cert-dcl51-cpp -cert-err33-c + -clang-analyzer-optin.core.EnumCastOutOfRange -clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling + -clang-diagnostic-invalid-unevaluated-string -clang-diagnostic-microsoft-anon-tag -concurrency-mt-unsafe -cppcoreguidelines-avoid-magic-numbers -cppcoreguidelines-avoid-non-const-global-variables -cppcoreguidelines-init-variables + -cppcoreguidelines-macro-to-enum -cppcoreguidelines-narrowing-conversions + -google-readability-casting -google-readability-function-size -google-readability-todo -hicpp-function-size -hicpp-no-assembler -hicpp-signed-bitwise -llvmlibc-restrict-system-libc-headers + -misc-include-cleaner -misc-no-recursion # do you really need recursion? + -misc-header-include-cycle -modernize-macro-to-enum -readability-avoid-const-params-in-decls + -readability-avoid-nested-conditional-operator -readability-duplicate-include -readability-function-cognitive-complexity -readability-function-size -readability-identifier-length + -readability-identifier-naming -readability-isolate-declaration -readability-magic-numbers -readability-non-const-parameter + -readability-redundant-casting ) string(REPLACE ";" "," CLANG_TIDY_CHECKS "${CLANG_TIDY_CHECKS}") set(CMAKE_C_CLANG_TIDY_AVAILABLE ${CLANGTIDY} -checks=${CLANG_TIDY_CHECKS} diff --git a/docs/BUILD.md b/docs/BUILD.md index 47c417bbde..6caa5164d1 100644 --- a/docs/BUILD.md +++ b/docs/BUILD.md @@ -200,7 +200,7 @@ $ pwsh ./scripts/build.ps1 -UseXdp `./scripts/prepare-machine.ps1` internally does the below commands. This might break your environment. ```sh -# for libxdp v1.4.2 +# for libxdp v1.4.2 on Ubuntu 22.04. Ubuntu 24.04 doesn't need this step sudo apt-add-repository "deb http://mirrors.kernel.org/ubuntu noble main" -y # install runtime dependencies diff --git a/scripts/prepare-machine.ps1 b/scripts/prepare-machine.ps1 index 738cf476c8..318648076d 100644 --- a/scripts/prepare-machine.ps1 +++ b/scripts/prepare-machine.ps1 @@ -103,9 +103,10 @@ Set-StrictMode -Version 'Latest' $PSDefaultParameterValues['*:ErrorAction'] = 'Stop' $ProgressPreference = 'SilentlyContinue' -if ($IsLinux -and $UseXdp) { +$IsUbuntu2404 = $false +if ($IsLinux) { $IsUbuntu2404 = (Get-Content -Path /etc/os-release | Select-String -Pattern "24.04") -ne $null - if (!$IsUbuntu2404 -and !$ForceXdpInstall) { + if ($UseXdp -and !$IsUbuntu2404 -and !$ForceXdpInstall) { Write-Host "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARN !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" Write-Host "Linux XDP installs dependencies from Ubuntu 24.04 packages, which should affect your environment" Write-Host "You need to understand the impact of this on your environment before proceeding" @@ -541,8 +542,10 @@ if ($IsLinux) { # XDP dependencies if ($UseXdp) { sudo apt-get -y install --no-install-recommends libc6-dev-i386 # for building xdp programs - sudo apt-add-repository "deb http://mirrors.kernel.org/ubuntu noble main" -y - sudo apt-get update -y + if (!$IsUbuntu2404) { + sudo apt-add-repository "deb http://mirrors.kernel.org/ubuntu noble main" -y + sudo apt-get update -y + } sudo apt-get -y install libxdp-dev libbpf-dev sudo apt-get -y install libnl-3-dev libnl-genl-3-dev libnl-route-3-dev zlib1g-dev zlib1g pkg-config m4 clang libpcap-dev libelf-dev } @@ -555,8 +558,10 @@ if ($IsLinux) { sudo apt-get install -y liblttng-ust-dev sudo apt-get install -y gdb if ($UseXdp) { - sudo apt-add-repository "deb http://mirrors.kernel.org/ubuntu noble main" -y - sudo apt-get update -y + if (!$IsUbuntu2404) { + sudo apt-add-repository "deb http://mirrors.kernel.org/ubuntu noble main" -y + sudo apt-get update -y + } sudo apt-get install -y libxdp1 libbpf1 sudo apt-get install -y libnl-3-200 libnl-route-3-200 libnl-genl-3-200 sudo apt-get install -y iproute2 iptables diff --git a/src/inc/msquichelper.h b/src/inc/msquichelper.h index 6f95ebc190..a3837bec4a 100644 --- a/src/inc/msquichelper.h +++ b/src/inc/msquichelper.h @@ -257,6 +257,11 @@ DecodeHexBuffer( return HexBufferLen; } +#if defined(__GNUC__) && (__GNUC__ >= 13) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wstringop-overflow" +#endif + inline void EncodeHexBuffer( @@ -272,6 +277,10 @@ EncodeHexBuffer( } } +#if defined(__GNUC__) && (__GNUC__ >= 13) +#pragma GCC diagnostic pop +#endif + #if defined(__cplusplus) //