
Commit 1eb2c32

Manually test that panicking from C will abort the process
Panicking from C is not UB in newer Rust versions and will reliably trigger an abort (without unwinding). In older Rust versions, it is technically UB, but empirically it seems to "just work" (and what should it realistically do except crash, which is what we intend). Since there's potentially no unwinding, we can't test this behavior using [should_panic]. This PR will instead check the libtest output explicitly in our CI tests. Fixes #228.
1 parent 4ae0e7e commit 1eb2c32


2 files changed

+7
-6
lines changed


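--- a/contrib/test.sh
+++ b/contrib/test.sh
@@ -78,6 +78,9 @@ if [ "$DO_ASAN" = true ]; then
 cargo run --release --manifest-path=./no_std_test/Cargo.toml | grep -q "Verified Successfully"
 fi
 
+# Test if panic in C code aborts the process (either with a real panic or with SIGILL)
+cargo test -- --ignored --exact 'tests::test_panic_raw_ctx_should_terminate_abnormally' 2>&1 | tee /dev/stderr | grep "SIGILL\\|panicked at '\[libsecp256k1\]"
+
 # Bench
 if [ "$DO_BENCH" = true ]; then
 cargo bench --all --features="unstable"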
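Review bot: The new check on the `cargo test -- --ignored --exact ...` line passes on a text match alone: the pipeline's status is grep's, so it never confirms that the test process itself ended abnormally, and it depends on the exact wording that libtest and the panic hook print, which may differ between toolchains. Whether a non-matching grep actually fails the script depends on `set -e` or an equivalent, which is not visible in this hunk. The alternation `\|` is a GNU extension to basic regular expressions; `grep -E "SIGILL|panicked at '\[libsecp256k1\]"` expresses the same pattern portably. Without `-q`, grep also prints the matched line a second time after `tee /dev/stderr` has already shown it.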

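--- a/src/lib.rs
+++ b/src/lib.rs
@@ -938,14 +938,12 @@ mod tests {
 
 #[cfg(not(target_arch = "wasm32"))]
 #[test]
-#[should_panic]
-fn test_panic_raw_ctx() {
+#[ignore] // Panicking from C may trap (SIGILL) intentionally, so we test this manually.
+fn test_panic_raw_ctx_should_terminate_abnormally() {
 let ctx_vrfy = Secp256k1::verification_only();
 let raw_ctx_verify_as_full = unsafe {Secp256k1::from_raw_all(ctx_vrfy.ctx)};
-let (sk, _) = raw_ctx_verify_as_full.generate_keypair(&mut thread_rng());
-let msg = Message::from_slice(&[2u8; 32]).unwrap();
-// Try signing
-raw_ctx_verify_as_full.sign(&msg, &sk);
+// Generating a key pair in verify context will panic (ARG_CHECK).
+raw_ctx_verify_as_full.generate_keypair(&mut thread_rng());
 }
 
 #[test]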
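Review bot: Nothing in `test_panic_raw_ctx_should_terminate_abnormally` fails if `generate_keypair` returns normally, so a regression in which the verification-only context is accepted would show as a passing test to anyone running `cargo test -- --ignored` by hand; only the grep in contrib/test.sh would notice. Adding `unreachable!("generate_keypair on a verification-only context must not return");` after the call makes the test itself fail in that case, and its message does not match the `[libsecp256k1]` pattern the script looks for. The `unsafe` block on the `from_raw_all` line would also benefit from a `// SAFETY:` comment stating why reusing `ctx_vrfy.ctx` for a second context handle is sound in this test.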
