Skip to content

Commit

Permalink
Manually test that panicking from C will abort the process
Browse files Browse the repository at this point in the history
Panicking from C is not UB in newer rust versions and will reliably
trigger an abort (without unwinding). In older rust versions, it is
technically UB but empirically it seems to "just work" (and what should
it realistically do except crashing, which is what we intent).

Since there's potentially no unwinding, we can't test this behavior
using [should_panic]. This PR will instead check the libtest output
explicitly in our CI tests.

Fixes #228.
  • Loading branch information
real-or-random committed Mar 24, 2021
1 parent 4ae0e7e commit 24df7ce
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 6 deletions.
3 changes: 3 additions & 0 deletions contrib/test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,9 @@ if [ "$DO_ASAN" = true ]; then
cargo run --release --manifest-path=./no_std_test/Cargo.toml | grep -q "Verified Successfully"
fi

# Test if panic in C code aborts the process (either with a real panic or with SIGILL)
cargo test -- --ignored --exact 'tests::test_panic_raw_ctx_should_terminate_abnormally' 2>&1 | tee /dev/tty | grep 'SIGILL\|panicked at' > /dev/null

# Bench
if [ "$DO_BENCH" = true ]; then
cargo bench --all --features="unstable"
Expand Down
10 changes: 4 additions & 6 deletions src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -938,14 +938,12 @@ mod tests {

#[cfg(not(target_arch = "wasm32"))]
#[test]
#[should_panic]
fn test_panic_raw_ctx() {
#[ignore] // Panicking from C may trap (SIGILL) intentionally, so we test this manually.
fn test_panic_raw_ctx_should_terminate_abnormally() {
let ctx_vrfy = Secp256k1::verification_only();
let raw_ctx_verify_as_full = unsafe {Secp256k1::from_raw_all(ctx_vrfy.ctx)};
let (sk, _) = raw_ctx_verify_as_full.generate_keypair(&mut thread_rng());
let msg = Message::from_slice(&[2u8; 32]).unwrap();
// Try signing
raw_ctx_verify_as_full.sign(&msg, &sk);
// Generating a key pair in verify context will panic (ARG_CHECK).
raw_ctx_verify_as_full.generate_keypair(&mut thread_rng());
}

#[test]
Expand Down

0 comments on commit 24df7ce

Please sign in to comment.