diff --git a/.cirrus.yml b/.cirrus.yml index 542bbb6ee6c..4a6e73ac85b 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -14,8 +14,24 @@ cirrus_ephemeral_worker_template_env: &CIRRUS_EPHEMERAL_WORKER_TEMPLATE_ENV persistent_worker_template_env: &PERSISTENT_WORKER_TEMPLATE_ENV RESTART_CI_DOCKER_BEFORE_RUN: "1" +# https://cirrus-ci.org/guide/persistent-workers/ +# +# It is possible to select a specific persistent worker by label. Refer to the +# Cirrus CI docs for more details. +# +# Generally, a persistent worker must run Ubuntu 23.04+ or Debian 12+. +# Specifically, +# - apt-get is required due to PACKAGE_MANAGER_INSTALL +# - podman-docker-4.1+ is required due to the use of `podman` when +# RESTART_CI_DOCKER_BEFORE_RUN is set and 4.1+ due to the bugfix in 4.1 +# (https://github.com/bitcoin/bitcoin/pull/21652) +# - The ./ci/ depedencies should be installed: +# apt update && apt install screen python3 bash podman-docker curl -y +# +# The following specific types should exist, with the following requirements: +# - lunar: For a machine running the Linux kernel shipped with Ubuntu Lunar 23.04. The machine is recommended to have 4 CPUs and 16 GB of memory. persistent_worker_template: &PERSISTENT_WORKER_TEMPLATE - persistent_worker: {} # https://cirrus-ci.org/guide/persistent-workers/ + persistent_worker: {} # Only use this if the task does not care about the type at all # https://cirrus-ci.org/guide/tips-and-tricks/#sharing-configuration-between-tasks filter_template: &FILTER_TEMPLATE @@ -257,22 +273,17 @@ task: task: name: '[ASan + LSan + UBSan + integer, no depends, USDT] [lunar]' + enable_bpfcc_script: + # In the image build step, no external environment variables are available, + # so any settings will need to be written to the settings env file: + - sed -i "s|\${CIRRUS_CI}|true|g" ./ci/test/00_setup_env_native_asan.sh << : *GLOBAL_TASK_TEMPLATE - # We can't use a 'container' for the USDT interface tests as the CirrusCI - # containers don't have privileges to hook into bitcoind. CirrusCI uses - # Google Compute Engine instances: https://cirrus-ci.org/guide/custom-vms/ - # Images can be found here: https://cloud.google.com/compute/docs/images/os-details - compute_engine_instance: - image_project: ubuntu-os-cloud - image: family/ubuntu-2304-amd64 # https://cirrus-ci.org/guide/custom-vms/#custom-compute-engine-vms - cpu: 4 - disk: 100 - memory: 12G + persistent_worker: + labels: + type: lunar # Must use the lunar-specific worker (needed for USDT functional tests) env: - << : *CIRRUS_EPHEMERAL_WORKER_TEMPLATE_ENV - HOME: /root/ # Only needed for compute_engine_instance + << : *PERSISTENT_WORKER_TEMPLATE_ENV FILE_ENV: "./ci/test/00_setup_env_native_asan.sh" - MAKEJOBS: "-j4" # Avoid excessive memory use task: name: '[fuzzer,address,undefined,integer, no depends] [lunar]' diff --git a/ci/test/00_setup_env_native_asan.sh b/ci/test/00_setup_env_native_asan.sh index a5c80c2afcf..dff86b1ffec 100755 --- a/ci/test/00_setup_env_native_asan.sh +++ b/ci/test/00_setup_env_native_asan.sh @@ -8,9 +8,11 @@ export LC_ALL=C.UTF-8 # Only install BCC tracing packages in Cirrus CI. if [[ "${CIRRUS_CI}" == "true" ]]; then - export BPFCC_PACKAGE="bpfcc-tools" + BPFCC_PACKAGE="bpfcc-tools linux-headers-$(uname --kernel-release)" + export CI_CONTAINER_CAP="--privileged -v /sys/kernel:/sys/kernel:rw" else - export BPFCC_PACKAGE="" + BPFCC_PACKAGE="" + export CI_CONTAINER_CAP="--cap-add SYS_PTRACE" # If run with (ASan + LSan), the container needs access to ptrace (https://github.com/google/sanitizers/issues/764) fi export CONTAINER_NAME=ci_native_asan diff --git a/ci/test/00_setup_env_native_fuzz.sh b/ci/test/00_setup_env_native_fuzz.sh index 15785d16130..bfd51be6d00 100755 --- a/ci/test/00_setup_env_native_fuzz.sh +++ b/ci/test/00_setup_env_native_fuzz.sh @@ -14,6 +14,7 @@ export RUN_UNIT_TESTS=false export RUN_FUNCTIONAL_TESTS=false export RUN_FUZZ_TESTS=true export GOAL="install" +export CI_CONTAINER_CAP="--cap-add SYS_PTRACE" # If run with (ASan + LSan), the container needs access to ptrace (https://github.com/google/sanitizers/issues/764) export BITCOIN_CONFIG="--enable-fuzz --with-sanitizers=fuzzer,address,undefined,float-divide-by-zero,integer \ CC='clang-16 -ftrivial-auto-var-init=pattern' CXX='clang++-16 -ftrivial-auto-var-init=pattern'" export CCACHE_MAXSIZE=200M diff --git a/ci/test/04_install.sh b/ci/test/04_install.sh index ff436989940..205c79328a5 100755 --- a/ci/test/04_install.sh +++ b/ci/test/04_install.sh @@ -18,9 +18,6 @@ export ASAN_OPTIONS="detect_stack_use_after_return=1:check_initialization_order= export LSAN_OPTIONS="suppressions=${BASE_ROOT_DIR}/test/sanitizer_suppressions/lsan" export TSAN_OPTIONS="suppressions=${BASE_ROOT_DIR}/test/sanitizer_suppressions/tsan:halt_on_error=1:log_path=${BASE_SCRATCH_DIR}/sanitizer-output/tsan" export UBSAN_OPTIONS="suppressions=${BASE_ROOT_DIR}/test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1" -if [[ $BITCOIN_CONFIG = *--with-sanitizers=*address* ]]; then # If ran with (ASan + LSan), Docker needs access to ptrace (https://github.com/google/sanitizers/issues/764) - CI_CONTAINER_CAP="--cap-add SYS_PTRACE" -fi if [ -z "$DANGER_RUN_CI_ON_HOST" ]; then # Export all env vars to avoid missing some.