Merge pull request #276 from cconlon/ghActionASAN

Testing: add GitHub Action for -fsanitize=address
master
David Garske 2025-06-12 12:07:03 -07:00 committed by GitHub
commit 3ee581da6b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 118 additions and 1 deletions

View File

@ -0,0 +1,83 @@
name: AddressSanitizer Build and Test
on:
workflow_call:
inputs:
os:
required: true
type: string
jdk_distro:
required: true
type: string
jdk_version:
required: true
type: string
wolfssl_configure:
required: true
type: string
jobs:
build_wolfssljni_asan:
runs-on: ${{ inputs.os }}
steps:
- uses: actions/checkout@v4
- name: Cache JUnit dependencies
uses: actions/cache@v4
id: cache-junit
with:
path: junit
key: junit-jars-v1
- name: Download junit-4.13.2.jar
if: steps.cache-junit.outputs.cache-hit != 'true'
run: wget --directory-prefix=$GITHUB_WORKSPACE/junit https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar
- name: Download hamcrest-all-1.3.jar
if: steps.cache-junit.outputs.cache-hit != 'true'
run: wget --directory-prefix=$GITHUB_WORKSPACE/junit https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar
- name: Build native wolfSSL with AddressSanitizer
uses: wolfSSL/actions-build-autotools-project@v1
with:
repository: wolfSSL/wolfssl
ref: master
path: wolfssl
configure: ${{ inputs.wolfssl_configure }} CFLAGS="-fsanitize=address -fno-omit-frame-pointer" LDFLAGS="-fsanitize=address"
check: false
install: true
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: ${{ inputs.jdk_distro }}
java-version: ${{ inputs.jdk_version }}
# Set environment variables
# Use detect_leaks=0 to avoid leak sanitizer going wild when run via
# Java, since it can have issues tracking internal JNI/JVM memory.
# This will let us catch all non-leak issues.
- name: Set environment variables
run: |
echo "JUNIT_HOME=$GITHUB_WORKSPACE/junit" >> "$GITHUB_ENV"
echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib" >> "$GITHUB_ENV"
echo "ASAN_OPTIONS=detect_leaks=0:abort_on_error=1:halt_on_error=1:print_stats=1" >> "$GITHUB_ENV"
- name: Build JNI library with AddressSanitizer
run: CFLAGS="-fsanitize=address -fno-omit-frame-pointer -g" LDFLAGS="-fsanitize=address" ./java.sh $GITHUB_WORKSPACE/build-dir
- name: Build JAR (ant)
run: ant
- name: Find AddressSanitizer library
run: |
ASAN_LIB=$(gcc -print-file-name=libasan.so)
echo "ASAN_LIB=$ASAN_LIB" >> "$GITHUB_ENV"
echo "LD_PRELOAD=$ASAN_LIB" >> "$GITHUB_ENV"
- name: Run Java tests with AddressSanitizer (ant test)
run: ant test
- name: Show logs on failure
if: failure() || cancelled()
run: |
cat build/reports/*.txt

View File

@ -32,10 +32,19 @@ jobs:
- name: Test Infer get version
run: infer --version
# Download Junit JARs
# Cache and Download Junit JARs
- name: Cache JUnit dependencies
uses: actions/cache@v4
id: cache-junit
with:
path: junit
key: junit-jars-v1
- name: Download junit-4.13.2.jar
if: steps.cache-junit.outputs.cache-hit != 'true'
run: wget --directory-prefix=$GITHUB_WORKSPACE/junit https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar
- name: Download hamcrest-all-1.3.jar
if: steps.cache-junit.outputs.cache-hit != 'true'
run: wget --directory-prefix=$GITHUB_WORKSPACE/junit https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar
# Build native wolfSSL

View File

@ -25,9 +25,18 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Cache JUnit dependencies
uses: actions/cache@v4
id: cache-junit
with:
path: junit
key: junit-jars-v1
- name: Download junit-4.13.2.jar
if: steps.cache-junit.outputs.cache-hit != 'true'
run: wget --directory-prefix=$GITHUB_WORKSPACE/junit https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar
- name: Download hamcrest-all-1.3.jar
if: steps.cache-junit.outputs.cache-hit != 'true'
run: wget --directory-prefix=$GITHUB_WORKSPACE/junit https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar
- name: Build native wolfSSL

View File

@ -205,3 +205,19 @@ jobs:
jdk_version: ${{ matrix.jdk_version }}
wolfssl_configure: ${{ matrix.wolfssl_configure }}
# --------------- AddressSanitizer build and test ------------------
# Run AddressSanitizer build and test on Linux only for memory error detection
address-sanitizer:
strategy:
matrix:
os: [ 'ubuntu-latest' ]
jdk_version: [ '21' ]
wolfssl_configure: [ '--enable-jni' ]
name: AddressSanitizer (${{ matrix.os }} Zulu JDK ${{ matrix.jdk_version }})
uses: ./.github/workflows/address-sanitizer.yml
with:
os: ${{ matrix.os }}
jdk_distro: "zulu"
jdk_version: ${{ matrix.jdk_version }}
wolfssl_configure: ${{ matrix.wolfssl_configure }}