StillHammer/warfactoryracine
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bbc811c151
warfactoryracine/ADVANCED_TESTING.md
StillHammer 5bdd072117 Complete 10-engine architecture with CMake build system 
 All 10 engines now build successfully:
- Designer, Economy, Event, Factory, Intelligence
- Logistic, MacroEntity, Map, Operation, War

🚀 Features implemented:
- FAST_BUILD vs FULL_BUILD presets for efficient development
- Comprehensive defensive programming (sanitizers, contracts)
- 16 C++ libraries integrated via FetchContent
- GCC-compatible configuration with stack protection
- Unified CMake system across all engines

🛠️ Build commands:
- Fast: cmake -DFAST_BUILD=ON .. && make claude-workflow-fast
- Full: cmake .. && make (all sanitizers + validation)
- Single engine: make economy-engine

🔧 Development workflow optimized for daily iteration.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-19 14:19:25 +08:00

321 lines
8.6 KiB
Markdown
Raw Blame History

# 🛡️ Warfactory Advanced Testing & Verification System
Ce document décrit le système de test et vérification avancé intégré dans Warfactory, conçu pour détecter automatiquement les bugs, vulnerabilités et problèmes de performance sans intervention constante.
## 🎯 Vue d'ensemble
Le système combine **8 couches de défense** automatisées :
1. **Compilation stricte** - Flags "No Trust" avec zéro tolérance
2. **Static Analysis** - Détection de bugs avant exécution
3. **Fuzzing automatique** - Test d'inputs malformés
4. **Formal Verification** - Preuve mathématique de propriétés
5. **Concurrency Analysis** - Détection de race conditions
6. **Coverage-guided testing** - Feedback de couverture de code
7. **ABI/Interface validation** - Compatibilité entre versions
8. **Contract-based programming** - Assertions partout dans le code
## 🚀 Installation rapide
```bash
# 1. Installer tous les outils automatiquement
./scripts/setup_advanced_tools.sh
# 2. Configurer le projet avec tous les outils
mkdir build && cd build
cmake -DCMAKE_BUILD_TYPE=Debug -DENABLE_ADVANCED_TOOLS=ON ..
# 3. Compiler avec toutes les défenses
make all-engines
# 4. Lancer tous les tests avancés
make test-everything
```
## 🔧 Configuration par couches
### ⚙️ **Niveau 1 : Compilation "No Trust"**
Activé automatiquement sur tous les engines :
```cmake
# Erreurs critiques = compilation échoue
-Werror=null-dereference -Werror=array-bounds -Werror=use-after-free
-Werror=uninitialized -Werror=return-type -Werror=format-security
# Sanitizers complets (mode Debug)
-fsanitize=address,undefined,leak,memory,thread,cfi
# Protection runtime maximale
-fstack-protector-all -fstack-clash-protection -D_FORTIFY_SOURCE=3
```
### 🔍 **Niveau 2 : Static Analysis**
```bash
# Cppcheck - analyse statique C++
make economy-engine_cppcheck
# Clang Static Analyzer
cmake -DENABLE_STATIC_ANALYSIS=ON ..
make economy-engine
# PVS-Studio (si installé)
make economy-engine_pvs
```
### 🎯 **Niveau 3 : Fuzzing automatique**
#### libFuzzer (Clang intégré)
```bash
make economy-engine_fuzz_run # 5 minutes de fuzzing
```
#### AFL++ (coverage-guided)
```bash
make economy-engine_afl_run # Fuzzing avec feedback
```
#### honggfuzz (feedback hardware)
```bash
make economy-engine_honggfuzz_run
```
#### Fuzzing de tous les engines
```bash
make fuzz-all-engines # Fuzzing massif parallèle
```
### 🔬 **Niveau 4 : Formal Verification**
#### CBMC - Model Checking
```bash
make economy-engine_cbmc # Vérification mathématique
```
#### KLEE - Symbolic Execution
```bash
make economy-engine_klee # Exploration symbolique
```
### 🧵 **Niveau 5 : Concurrency Analysis**
#### Valgrind Helgrind
```bash
make economy-engine_helgrind # Détection race conditions
```
#### Valgrind DRD
```bash
make economy-engine_drd # Détection data races
```
#### Intel Inspector (si disponible)
```bash
make economy-engine_inspector # Analyse threading avancée
```
### 📊 **Niveau 6 : Coverage Analysis**
```bash
# Génération rapport de couverture
make economy-engine_coverage_run
# Rapport HTML dans economy-engine_coverage_report/
open economy-engine_coverage_report/index.html
```
### 🔗 **Niveau 7 : ABI Validation**
```bash
# Créer baseline ABI
make economy-engine_abi_dump
cp economy-engine_current.abi.tar.gz ../abi_baselines/economy-engine_baseline.abi.tar.gz
# Vérifier compatibilité après changements
make economy-engine_abi_check
open economy-engine_abi_report.html
```
### 📋 **Niveau 8 : Contract Programming**
Utilisation dans le code C++ :
```cpp
#include <warfactory/contracts.hpp>
#include <warfactory/gsl_contracts.hpp>
void process_market_data(gsl::not_null<const double*> price, double volume) {
// Préconditions automatiques
WARFACTORY_REQUIRE(std::isfinite(*price));
WARFACTORY_REQUIRE(volume > 0.0);
double result = calculate_value(*price, volume);
// Postconditions automatiques
WARFACTORY_ENSURE(std::isfinite(result));
WARFACTORY_PROPERTY_FINITE_VALUES(result);
}
```
## 🎮 Modes d'utilisation
### 🚀 **Mode Développement**
```bash
cmake -DCMAKE_BUILD_TYPE=Debug ..
make economy-engine
# → Tous les sanitizers + assertions activés
```
### ⚡ **Mode Production**
```bash
cmake -DCMAKE_BUILD_TYPE=Release ..
make economy-engine
# → CFI uniquement, performance optimisée
```
### 🔬 **Mode Test Complet**
```bash
cmake -DCMAKE_BUILD_TYPE=Debug -DENABLE_ADVANCED_TOOLS=ON ..
make test-everything
# → Tous les outils activés, test marathon
```
### 🎯 **Mode Fuzzing Intensif**
```bash
cmake -DENABLE_FUZZING=ON ..
make fuzz-all-engines
# → Fuzzing 24/7 sur tous les engines
```
## 📈 Targets disponibles
### Par engine (exemple : economy-engine)
```bash
# Compilation
make economy-engine
# Static Analysis
make economy-engine_cppcheck
make economy-engine_pvs
# Fuzzing
make economy-engine_fuzz_run # libFuzzer
make economy-engine_afl_run # AFL++
make economy-engine_honggfuzz_run # honggfuzz
make economy-engine_fuzz_all # Tous les fuzzers
# Formal Verification
make economy-engine_cbmc # Model checking
make economy-engine_klee # Symbolic execution
# Concurrency
make economy-engine_helgrind # Race conditions
make economy-engine_drd # Data races
make economy-engine_inspector # Intel Inspector
# Coverage
make economy-engine_coverage_run # Rapport HTML
# ABI
make economy-engine_abi_dump # Créer baseline
make economy-engine_abi_check # Vérifier compatibilité
```
### Globaux (tous les engines)
```bash
make all-engines # Build tout
make fuzz-all-engines # Fuzzing massif
make analyze-all-engines # Static analysis
make coverage-all-engines # Coverage reports
make concurrency-all-engines # Concurrency analysis
make abi-all-engines # ABI validation
make test-everything # TOUT en parallèle
```
## 🔧 Configuration avancée
### Variables CMake importantes
```bash
-DENABLE_ADVANCED_TOOLS=ON # Active tous les outils
-DENABLE_STATIC_ANALYSIS=ON # Clang Static Analyzer
-DENABLE_FUZZING=ON # Support fuzzing
-DCMAKE_BUILD_TYPE=Debug # Tous les sanitizers
```
### Personnalisation par engine
```cmake
# Dans engines/Mon-Engine/CMakeLists.txt
warfactory_add_defenses(mon-engine) # Défenses de base
warfactory_add_fuzzing(mon-engine) # Fuzzing
warfactory_add_formal_verification(mon-engine) # Vérification formelle
warfactory_add_concurrency_analysis(mon-engine) # Concurrence
warfactory_add_coverage_analysis(mon-engine) # Coverage
warfactory_add_abi_validation(mon-engine) # ABI
warfactory_add_gsl_support(mon-engine) # Guidelines Support Library
```
## 🎯 Intégration CI/CD
### GitHub Actions exemple
```yaml
- name: Setup Advanced Tools
run: ./scripts/setup_advanced_tools.sh
- name: Build with all defenses
run: |
mkdir build && cd build
cmake -DCMAKE_BUILD_TYPE=Debug -DENABLE_ADVANCED_TOOLS=ON ..
make all-engines
- name: Run comprehensive testing
run: cd build && make test-everything
```
### Détection automatique de régressions
- **ABI changes** détectés automatiquement
- **Coverage regressions** bloquent les merges
- **Fuzzing crashes** remontés immédiatement
- **Contract violations** = build failure
## 🚨 Résolution de problèmes
### Si la compilation échoue
```bash
# 1. Vérifier les outils installés
./scripts/setup_advanced_tools.sh
# 2. Mode minimal pour débugger
cmake -DCMAKE_BUILD_TYPE=Release ..
# 3. Désactiver temporairement les défenses strictes
cmake -DENABLE_ADVANCED_TOOLS=OFF ..
```
### Si le fuzzing ne trouve rien
```bash
# Augmenter la durée
make economy-engine_fuzz_run ARGS="-max_total_time=3600"
# Vérifier les seeds d'entrée
ls build/fuzzing/economy-engine/input/
```
### Si les tests de concurrence échouent
```bash
# Analyser les rapports détaillés
cat economy-engine_helgrind.xml
cat economy-engine_drd.xml
```
## 📚 Références
- [AFL++ Documentation](https://aflplus.plus/)
- [CBMC User Manual](https://www.cprover.org/cbmc/)
- [KLEE Tutorials](https://klee.github.io/tutorials/)
- [Valgrind Manual](https://valgrind.org/docs/manual/)
- [Microsoft GSL](https://github.com/microsoft/GSL)
---
**💡 Philosophie Warfactory** : *"Zéro bug en production grâce à la détection automatique exhaustive en développement"*
Reference in New Issue View Git Blame Copy Permalink