There are a ton of libsoup/GLib-related "leaks" that we can't whitelist
and with leak detective active there is a delay that interestingly doesn't
happen with soup_session_sync_new(), so tests failed with a timeout (actually
they hung due to the lock in the fetcher manager).
On Travis, the curl plugin is used for the tests, so that's not an issue
there (and without LD the tests complete quickly and successfully).
As noted in 8ea13bbc5ccd newer compilers might optimize out the
assignment leading to invalid values in the keyUsage extension (as the
length was still set, the extension was encoded, just not with the
intended values).
Fixes#3249.
The build system is a bit limited, only the repository directory and
LGTM_WORKSPACE is writable. sudo doesn't work at all, for others we
don't have enough permission.
While it's unlikely that so many (large) items are allocated, this is
technically more correct. The result previously could overflow an
unsigned int (the conversion to size_t happened afterwards).
This clearly never was correct, but didn't cause problems so far.
However, GCC 10 will default to `-fno-common` instead of
`-fcommon` (https://gcc.gnu.org/PR85678), so compilation there fails
with something like:
```
libtool: link: gcc ... -o .libs/swanctl ...
ld: commands/load_authorities.o:strongswan/src/swanctl/./swanctl.h:33:
multiple definition of `swanctl_dir'; commands/load_all.o:strongswan/src/swanctl/./swanctl.h:33: first defined here
```
Fixes: 501bd53a6cce ("swanctl: Make credential directories relative to swanctl.conf")
Closesstrongswan/strongswan#163.
GCC 9+ and clang 4+ (partially) optimize out usages of
chunk_from_chars() if the value is read outside of the block where the
macro is used. For instance:
```
chunk_t chunk = chunk_empty;
if (...)
{
chunk = chunk_from_chars(0x01, 0x06);
}
/* do something with chunk */
```
The chunk_from_chars() macro expands to a chunk_t declaration, which is
technically only defined inside that block.
Still, with older GCC versions the fourth line was compiled to something
like this:
```
mov WORD PTR [rsp+14], 1537 # 0x0106 in little-endian
lea rdx, [rsp+14]
mov ecx, 2
```
However, with GCC 9.1 and -O2 the first instruction might be omitted
(strangely the others usually were not, so the chunk pointed to whatever
was stored on the stack). It's not easily reproducible, so there are
situations where the seemingly identical code is not optimized in this
way.
This query should detect such problematic uses of the macro (definition
and usage in different blocks).
References #3249.
IBM Z is big-endian, IBM Power runs in little-endian mode.
Botan requires a fix for issues with GCC and amalgamation enabled (target
pragma ‘*’ is invalid) on ARM64 and IBM Power, while wolfSSL can't be
compiled successfully on IBM Z without an additional patch.
libunwind is not available for x390x, but since we explicitly disable
such backtraces it's not necessary anyway.
This is the recommended location and import config as it allows running the
tests against installed versions of the package. And while the test file
itself is automatically included in the source distribution this way, the
__init__.py file is not, so we still have to update MANIFEST.in.
This reverts commit 1806ba0890bc503df3dacf01992ec1bca2b0fbb0 as the
workaround is not required anymore and now actually fails because
pre-installed tools have a dependency on libtool.
