[Tarantool-patches] [PATCH luajit v2 5/5] ci: introduce testing workflow with sanitizers
Sergey Bronnikov
sergeyb at tarantool.org
Mon Jul 24 14:54:49 MSK 2023
Thanks for the patch!
See my comments below.
Sergey
On 7/21/23 11:12, Igor Munkin wrote:
<snipped>
> diff --git a/.github/actions/setup-sanitizers/README.md b/.github/actions/setup-sanitizers/README.md
> new file mode 100644
> index 00000000..3aa9e214
> --- /dev/null
> +++ b/.github/actions/setup-sanitizers/README.md
> @@ -0,0 +1,12 @@
> +# Setup environment for sanitizers on Linux
> +
> +Action setups the environment on Linux runners (install requirements, setup the
> +workflow environment, etc) for testing with sanitizers enabled.
> +
> +## How to use Github Action from Github workflow
> +
> +Add the following code to the running steps before LuaJIT configuration:
> +```
> +- uses: ./.github/actions/setup-sanitizers
> + if: ${{ matrix.OS == 'Linux' }}
Nit: I would left a comment why OSes is limited by Linux only.
You actually said it in commit message ("I believe we will
be able to add other platforms being supported, when macOS runners
starvation is defeated.").
> +```
> diff --git a/.github/actions/setup-sanitizers/action.yml b/.github/actions/setup-sanitizers/action.yml
> new file mode 100644
> index 00000000..ca6b6b9f
> --- /dev/null
> +++ b/.github/actions/setup-sanitizers/action.yml
> @@ -0,0 +1,24 @@
> +name: Setup CI environment for testing with sanitizers on Linux
> +description: Common part to tweak Linux CI runner environment for sanitizers
> +runs:
> + using: composite
> + steps:
> + - name: Setup CI environment
> + uses: ./.github/actions/setup
> + - name: Set CMAKE_BUILD_PARALLEL_LEVEL
> + run: |
> + # Set CMAKE_BUILD_PARALLEL_LEVEL environment variable to
> + # limit the number of parallel jobs for build/test step.
> + NPROC=$(nproc)
> + echo CMAKE_BUILD_PARALLEL_LEVEL=$(($NPROC + 1)) | tee -a $GITHUB_ENV
> + shell: bash
> + - name: Install build and test dependencies
> + run: |
> + apt -y update
> + apt -y install clang-11 cmake ninja-build make perl
> + shell: bash
> + - name: Set Clang as a default toolchain
> + run: |
> + echo CC=clang-11 | tee -a $GITHUB_ENV
> + echo CXX=clang++-11 | tee -a $GITHUB_ENV
> + shell: bash
> diff --git a/.github/workflows/sanitizers-testing.yml b/.github/workflows/sanitizers-testing.yml
> new file mode 100644
> index 00000000..6c345108
> --- /dev/null
> +++ b/.github/workflows/sanitizers-testing.yml
> @@ -0,0 +1,89 @@
> +name: Sanitizers testing
> +
> +on:
> + push:
> + branches-ignore:
> + - '**-notest'
> + - 'upstream-**'
> + tags-ignore:
> + - '**'
> +
> +concurrency:
> + # An update of a developer branch cancels the previously
> + # scheduled workflow run for this branch. However, the default
> + # branch, and long-term branch (tarantool/release/2.11,
> + # tarantool/release/2.10, etc) workflow runs are never canceled.
> + #
> + # We use a trick here: define the concurrency group as 'workflow
> + # run ID' + # 'workflow run attempt' because it is a unique
> + # combination for any run. So it effectively discards grouping.
> + #
> + # XXX: we cannot use `github.sha` as a unique identifier because
> + # pushing a tag may cancel a run that works on a branch push
> + # event.
> + group: ${{ startsWith(github.ref, 'refs/heads/tarantool/')
> + && format('{0}-{1}', github.run_id, github.run_attempt)
> + || format('{0}-{1}', github.workflow, github.ref) }}
> + cancel-in-progress: true
> +
> +jobs:
> + test-asan:
> + strategy:
> + fail-fast: false
> + matrix:
> + # XXX: Let's start with only Linux/x86_64
> + BUILDTYPE: [Debug, Release]
> + include:
> + - BUILDTYPE: Debug
> + CMAKEFLAGS: -DCMAKE_BUILD_TYPE=Debug -DLUA_USE_ASSERT=ON -DLUA_USE_APICHECK=ON
> + - BUILDTYPE: Release
> + CMAKEFLAGS: -DCMAKE_BUILD_TYPE=RelWithDebInfo
> + runs-on: [self-hosted, regular, Linux, x86_64]
> + name: >
> + LuaJIT with ASan (Linux/x86_64)
> + ${{ matrix.BUILDTYPE }}
> + GC64:ON SYSMALLOC:ON
> + steps:
> + - uses: actions/checkout at v3
> + with:
> + fetch-depth: 0
> + submodules: recursive
> + - name: setup Linux for sanitizers
> + uses: ./.github/actions/setup-sanitizers
> + - name: configure
> + run: >
> + cmake -S . -B ${{ env.BUILDDIR }}
> + -G Ninja
> + ${{ matrix.CMAKEFLAGS }}
> + -DLUAJIT_USE_ASAN=ON
> + # XXX: Unfortunately, internal LuaJIT memory allocator
> + # is not instrumented yet, so to find any memory errors
> + # it's better to build LuaJIT with system provided
> + # memory allocator (i.e. run CMake configuration phase
> + # with -DLUAJIT_USE_SYSMALLOC=ON). For more info, see
> + # root CMakeLists.txt.
> + -DLUAJIT_USE_SYSMALLOC=ON
> + # XXX: LUAJIT_USE_SYSMALLOC cannot be enabled on x64
> + # without GC64, since realloc usually doesn't return
> + # addresses in the right address range. For more info,
> + # see root CMakeLists.txt.
> + -DLUAJIT_ENABLE_GC64=ON
Nit: I suppose it would be easy read paragraph above if indent it by
"-S", not by "cmake".
> + - name: build
> + run: cmake --build . --parallel
> + working-directory: ${{ env.BUILDDIR }}
> + - name: test
> + env:
> + # Enable as much checks as possible. See more info here:
> + # https://github.com/google/sanitizers/wiki/AddressSanitizerFlags.
> + ASAN_OPTIONS: " \
> + detect_invalid_pointer_pairs=1: \
> + detect_leaks=1: \
> + detect_stack_use_after_return=1: \
> + dump_instruction_bytes=1: \
> + heap_profile=0: \
> + print_suppressions=0 \
> + symbolize=1: \
> + unmap_shadow_on_exit=1: \
> + "
This options are used in CI and doesn't present in CMake, so ASAN will
work different locally and in CI.
Is it expected?
> + run: cmake --build . --parallel --target LuaJIT-test
> + working-directory: ${{ env.BUILDDIR }}
More information about the Tarantool-patches
mailing list