cmd/{snap-confine,libsnap-confine-private,snap-shutdown}: cleanup low-level C bits #4153
Bump the number of warnings issued by the compiler. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
… symbol takes no parameters, make symbols static Make sure to use void in parameter list when a function takes no parameters. Otherwise the symbol can take any number of parameters. Where possible, make symbols static. Fixes 'function declaration isn’t a prototype [-Wstrict-prototypes]' warnings. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Reformat the F() macro to make it readable. Make sure to include braces in do-while statement. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Nested functions are not supported outside of gcc. Refactor the code using this feature. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Codecov Report
@@ Coverage Diff @@
## master #4153 +/- ##
==========================================
- Coverage 75.38% 75.38% -0.01%
==========================================
Files 435 435
Lines 37724 37724
==========================================
- Hits 28439 28437 -2
- Misses 7296 7298 +2
Partials 1989 1989
…sts are gcc specific Rename the test to indicate that it is GCC specific Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Introduce a test that builds the low-level C bits with clang and runs unit tests. This should ensure code can also be built with clang and we get an early heads up if gcc specific bits are incoming. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Small tweak, otherwise LGTM
As discussed on IRC I think this will bitrot unless we go and actually test a clang-based build. I know you are doing that already.
@@ -20,15 +20,18 @@ | |||
|
|||
#include <glib.h> | |||
|
|||
static int called = 0; | |||
|
|||
void cleanup_fn(int *ptr) |
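Review bot: `cleanup_fn` on the last line of this hunk has external linkage and no prior declaration, so it will warn under -Wmissing-prototypes, while `called` just above it is already `static`. If it is only used inside this file, declare it `static void cleanup_fn(int *ptr)`.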
please change to static void cleanup_fn(int *ptr)
Thanks. I noticed that CHECK_CFLAGS were not set for libsnap-confine-private.a and its unit tests at all, will be fixing this right now.
@@ -7,6 +7,8 @@ dist_man_MANS = | |||
noinst_PROGRAMS = | |||
noinst_LIBRARIES = | |||
|
|||
CHECK_CFLAGS = -Wall -Wextra -Wmissing-prototypes -Wstrict-prototypes \ |
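Review bot: defining `CHECK_CFLAGS` here has no effect until each target's `_CFLAGS` references it, and this hunk shows only the definition. Check that every program and library built from this file, unit-test targets included, picks the variable up; otherwise code built without it will keep accumulating the warnings this series removes.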
Gentoo has a policy where those are not added automatically as they tend to break good builds due to new compiler releases. I was wondering if those flags should not be in the unit tests, and instead we could resort to perhaps, just, -Wall
Interesting, do you know if they push -Werror by default? Just having the warnings enabled should not cause build failures.
Two extra suggestions.
execute: | | ||
# Refresh autotools build system | ||
cd "$SPREAD_PATH/cmd/" | ||
autoreconf --install --force |
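Review bot: `autoreconf --install --force` runs directly in `$SPREAD_PATH/cmd/`, so the generated build-system files are rewritten in the source tree and nothing visible in this step puts them back. Add a restore step that cleans the tree, so the clang run cannot affect other tests that use the same checkout.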
Maybe we could just run autogen.sh, this would handle the case of what arguments to pass?
Ack.
cd "$SPREAD_PATH/cmd/autogarbage" | ||
EXTRA_CONF= | ||
if [ ! -d /sys/kernel/security/apparmor ]; then | ||
EXTRA_CONF="--disable-apparmor --disable-seccomp" |
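Review bot: the `if` keys `--disable-seccomp` on the absence of `/sys/kernel/security/apparmor`, which says nothing about seccomp support. On hosts without AppArmor the clang build then skips the seccomp code entirely, so that code is never compiled or checked with clang there; decide the two options independently.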
I think we now enable seccomp even if apparmor is not enabled.
This is fixed now, we're calling autogen.sh so it will set whatever flags we have there for any particular platform.
Thanks for taking this on. I added comments inline, I like the fact that the "int" vs "size_t" issues got cleaned up and there are some other nice fixes. I'm not so sure about f() -> f(void). I understand the technical reason behind it but it makes me sad and I wish there was a way to say -std=c11-dont-be-silly to avoid the need for this.
@@ -33,7 +33,7 @@ static bool broken_alter_msg(struct sc_fault_state *state, void *ptr) | |||
return true; | |||
} | |||
|
|||
static void test_fault_injection() | |||
static void test_fault_injection(void) |
I dislike that this needs to be done :/ That is one of my complaints about C (one of many ;) - the fact that K&R C from ~1879 requires us to nowadays write clunky (void) like this. Oh well.
I guess you meant 1978, although it does feel like 19th century by modern standards :)
@@ -33,7 +33,13 @@ const char *sc_mount_opt2str(char *buf, size_t buf_size, unsigned long flags) | |||
{ | |||
unsigned long used = 0; | |||
sc_string_init(buf, buf_size); | |||
#define F(FLAG, TEXT) do if (flags & (FLAG)) { sc_string_append(buf, buf_size, #TEXT ","); flags ^= (FLAG); } while (0) | |||
|
|||
#define F(FLAG, TEXT) do { \ |
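Review bot: the old one-line `F()` clears the handled flag with `flags ^= (FLAG)`, which only clears it when every bit of `FLAG` is set in `flags`; for a multi-bit `FLAG` that matches partially, the XOR sets the missing bits instead. If the reformatted body keeps that statement, use `flags &= ~(FLAG)` so that only handled bits are removed from `flags`.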
\o/
@@ -144,7 +144,7 @@ static void test_sc_snap_name_validate() | |||
"a0", "a-0", "a-0a", | |||
"01game", "1-or-2" | |||
}; | |||
for (int i = 0; i < sizeof valid_names / sizeof *valid_names; ++i) { | |||
for (size_t i = 0; i < sizeof valid_names / sizeof *valid_names; ++i) { |
\o/
@@ -48,7 +48,7 @@ | |||
// sc_maybe_fixup_permissions fixes incorrect permissions | |||
// inside the mount namespace for /var/lib. Before 1ccce4 | |||
// this directory was created with permissions 1777. | |||
void sc_maybe_fixup_permissions() | |||
static void sc_maybe_fixup_permissions(void) |
\o/
Noticed that there were no CFLAGS being set for |
…unit tests Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…otype warnings Fixes 'function declaration isn’t a prototype [-Wstrict-prototypes]' warnings. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
… unit tests This will allow us to catch warnings as part of CI pipeline Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ariable Allow passing of desired build directory path in BUILD_DIR environment variable. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ogen.sh Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
ENOENT case is not expected to fall through. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
This is a series of cleanups for low level C bits. A notable change is that warning flags are more strict than they used to be. Namely, -Wextra is included now (-Wall is only half of warnings one usually wants) plus some exceptions for warnings that gcc and clang are a bit overeager to raise.
The cleanups come from building with warning flags enabled, and separate runs with clang 5.0.0 and sparse 0.5.1.
I've also run some tests locally with asan and ubsan. Both were ok.
This is only the first part of cleanups. We should aim to integrate at least clang builds into the CI pipeline.