Skip to content

Commit

Permalink
ci: Run the sanitizers in parallel (#2166)
Browse files Browse the repository at this point in the history 
* ci: Run the sanitizers in parallel

* Fixes

* Again

* Again

* Again

* Again

* Finalize

* Update .github/workflows/check.yml

Co-authored-by: Max Inden <mail@max-inden.de>
Signed-off-by: Lars Eggert <lars@eggert.org>

* Refactor into separate workflow

* Again

* Again

* llvm

* memory

* No memory

* ASAN_OPTIONS: detect_leaks=1:detect_stack_use_after_return=1

* actionlint

* Suppress

* LSAN_OPTIONS

* Remove comment

* Again

* pwd

---------

Signed-off-by: Lars Eggert <lars@eggert.org>
Co-authored-by: Max Inden <mail@max-inden.de>
  • Loading branch information
@larseggert @mxinden
larseggert and mxinden authored Oct 11, 2024
1 parent 5f8d876 commit 249d062
Show file tree
Hide file tree
Showing 3 changed files with 98 additions and 25 deletions.
44 changes: 20 additions & 24 deletions .github/workflows/check.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,31 @@ concurrency:
permissions:
contents: read

defaults:
run:
shell: bash

jobs:
toolchains:
runs-on: ubuntu-latest
outputs:
toolchains: ${{ steps.toolchains.outputs.toolchains }}
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
sparse-checkout: Cargo.toml
- id: toolchains
run: |
msrv="$(grep rust-version Cargo.toml | tr -d '"' | cut -f3 -d\ )"
echo "toolchains=[\"$msrv\", \"stable\", \"nightly\"]" >> "$GITHUB_OUTPUT"
check:
needs: toolchains
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
# Keep in sync with Cargo.toml
rust-toolchain: [1.76.0, stable, nightly]
rust-toolchain: ${{ fromJSON(needs.toolchains.outputs.toolchains) }}
type: [debug]
include:
- os: ubuntu-latest
Expand All @@ -41,17 +58,14 @@ jobs:
env:
BUILD_TYPE: ${{ matrix.type == 'release' && '--release' || '' }}
runs-on: ${{ matrix.os }}
defaults:
run:
shell: bash

steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

- uses: ./.github/actions/rust
with:
version: ${{ matrix.rust-toolchain }}
components: ${{ matrix.rust-toolchain == 'stable' && 'llvm-tools-preview' || matrix.rust-toolchain == 'nightly' && 'rust-src' || '' }}
components: ${{ matrix.rust-toolchain == 'stable' && 'llvm-tools-preview' || '' }}
tools: ${{ matrix.rust-toolchain == 'stable' && 'cargo-llvm-cov, ' || '' }} cargo-nextest
token: ${{ secrets.GITHUB_TOKEN }}

Expand Down Expand Up @@ -103,24 +117,6 @@ jobs:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
if: matrix.type == 'debug' && matrix.rust-toolchain == 'stable'

- name: Run tests with sanitizers
if: (matrix.os == 'ubuntu-latest' || matrix.os == 'macos-latest') && matrix.rust-toolchain == 'nightly'
env:
RUST_LOG: trace
run: |
if [ "${{ matrix.os }}" = "ubuntu-latest" ]; then
TARGET="x86_64-unknown-linux-gnu"
SANITIZERS="address thread leak"
elif [ "${{ matrix.os }}" = "macos-latest" ]; then
TARGET="aarch64-apple-darwin"
# no leak sanitizer support yet
SANITIZERS="address thread"
fi
for sanitizer in $SANITIZERS; do
echo "Running tests with $sanitizer sanitizer..."
RUSTFLAGS="-Z sanitizer=$sanitizer" RUSTDOCFLAGS="-Z sanitizer=$sanitizer" cargo +nightly nextest run -Z build-std --features ci --target "$TARGET"
done
bench:
needs: [check]
if: >
Expand Down
78 changes: 78 additions & 0 deletions .github/workflows/sanitize.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
name: Sanitize
on:
push:
branches: ["main"]
paths-ignore: ["*.md", "*.png", "*.svg", "LICENSE-*"]
pull_request:
branches: ["main"]
paths-ignore: ["*.md", "*.png", "*.svg", "LICENSE-*"]
merge_group:
workflow_dispatch:
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1

concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true

permissions:
contents: read

defaults:
run:
shell: bash

jobs:
sanitize:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest] # No Windows support for sanitizers.
sanitizer: [address, thread, leak] # TODO: memory
exclude:
# Memory and leak sanitizers are not supported on macOS.
- os: macos-latest
sanitizer: leak
# - os: macos-latest
# sanitizer: memory
runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: ./.github/actions/rust
with:
version: nightly
components: rust-src
tools: cargo-nextest
token: ${{ secrets.GITHUB_TOKEN }}

- id: nss-version
run: echo "minimum=$(cat neqo-crypto/min_version.txt)" >> "$GITHUB_OUTPUT"

- uses: ./.github/actions/nss
with:
minimum-version: ${{ steps.nss-version.outputs.minimum }}

- name: Run tests with sanitizers
env:
RUST_LOG: trace
RUSTFLAGS: "-Z sanitizer=${{ matrix.sanitizer }}"
RUSTDOCFLAGS: "-Z sanitizer=${{ matrix.sanitizer }}"
ASAN_OPTIONS: detect_leaks=1:detect_stack_use_after_return=1
run: |
if [ "${{ matrix.os }}" = "ubuntu-latest" ]; then
sudo apt-get install -y --no-install-recommends llvm
TARGET="x86_64-unknown-linux-gnu"
elif [ "${{ matrix.os }}" = "macos-latest" ]; then
# llvm-symbolizer (as part of llvm) is installed by default on macOS runners
TARGET="aarch64-apple-darwin"
# Suppress non-neqo leaks on macOS. TODO: Check occasionally if these are still needed.
{
echo "leak:dyld4::RuntimeState"
echo "leak:fetchInitializingClassList"
} > suppressions.txt
PWD=$(pwd)
export LSAN_OPTIONS="suppressions=$PWD/suppressions.txt"
fi
cargo nextest run -Z build-std --features ci --target "$TARGET"
1 change: 0 additions & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ edition = "2021"
license = "MIT OR Apache-2.0"
# Don't increase beyond what Firefox is currently using:
# https://searchfox.org/mozilla-central/search?q=MINIMUM_RUST_VERSION&path=python/mozboot/mozboot/util.py
# Keep in sync with .github/workflows/check.yml
rust-version = "1.76.0"

[workspace.dependencies]
Expand Down

0 comments on commit 249d062

Please sign in to comment.