diff --git a/.github/workflows/ci-sanitizers.yml b/.github/workflows/ci-sanitizers.yml
index 431551260..bc8218899 100644
--- a/.github/workflows/ci-sanitizers.yml
+++ b/.github/workflows/ci-sanitizers.yml
@@ -2,13 +2,15 @@ name: CI with sanitizers enabled
 on:
 pull_request:
+ workflow_dispatch:
 # schedule:
 # - cron: '0 20 * * *' # Every day at 12pm PST (UTC-8)
 env:
- BUILD_TYPE: Release
+ BUILD_TYPE: Debug
 MOUNT: /azure-osconfig
 REGISTRY: ghcr.io
+ SANITIZER_FLAGS: -fsanitize=address,undefined -fno-omit-frame-pointer -g -O1
 jobs:
 create-ci-matrix:
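Review bot: `SANITIZER_FLAGS` in the `env:` block turns on UBSan in its default recoverable mode, where a finding is printed and execution continues, so the later `ctest` step can still exit 0 with undefined behaviour reported only in the log; ASan findings abort by default, UBSan findings do not. Adding `-fno-sanitize-recover=undefined` to the value, i.e. `SANITIZER_FLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined -fno-omit-frame-pointer -g -O1`, would make a UBSan finding fail the test that triggered it. Setting `UBSAN_OPTIONS=halt_on_error=1` for the test step is the runtime alternative, but it would have to reach the process inside the container.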
@@ -22,44 +24,11 @@ jobs:
 run: |
 matrix="$(cat <<'EOL'
 [
- { "name": "almalinux-9", "arch": "amd64", "tag": "latest" },
- { "name": "amazonlinux-2", "arch": "amd64", "tag": "latest" },
- { "name": "centos-7", "arch": "amd64", "tag": "latest" },
- { "name": "centos-8", "arch": "amd64", "tag": "latest" },
- { "name": "debian-10", "arch": "amd64", "tag": "latest" },
- { "name": "debian-11", "arch": "amd64", "tag": "latest" },
- { "name": "debian-12", "arch": "amd64", "tag": "latest" },
- { "name": "mariner-2", "arch": "amd64", "tag": "latest" },
- { "name": "oraclelinux-7", "arch": "amd64", "tag": "latest" },
- { "name": "oraclelinux-8", "arch": "amd64", "tag": "latest" },
- { "name": "rhel-7", "arch": "amd64", "tag": "latest" },
- { "name": "rhel-8", "arch": "amd64", "tag": "latest" },
- { "name": "rhel-9", "arch": "amd64", "tag": "latest" },
- { "name": "sles-15", "arch": "amd64", "tag": "latest" },
- { "name": "ubuntu-20.04", "arch": "amd64", "tag": "latest" },
 { "name": "ubuntu-22.04", "arch": "amd64", "tag": "latest" }
 ]
 EOL
 )"
- # Skip ARM64 CI builds for now
- #
- # arm64Targets="$(cat <<'EOL'
- # [
- # { "name": "debian-10", "arch": "arm64", "tag": "sha-c689eee" },
- # { "name": "debian-11", "arch": "arm64", "tag": "sha-c689eee" },
- # { "name": "debian-12", "arch": "arm64", "tag": "sha-db3d4c8" },
- # { "name": "ubuntu-20.04", "arch": "arm64", "tag": "sha-c689eee" },
- # { "name": "ubuntu-22.04", "arch": "arm64", "tag": "sha-db3d4c8" }
- # ]
- # EOL
- # )"
- #
- # Add arm64 distros only on scheduled runs to prevent long CI times for PRs
- # if [ "${{ github.event_name }}" == "schedule" ]; then
- # matrix=$(jq --argjson arm64Targets "$arm64Targets" '. += $arm64Targets' <<< "$matrix")
- # fi
-
 echo Distros to perform CI on: $matrix
 echo matrix=$matrix >> $GITHUB_OUTPUT
@@ -104,7 +73,7 @@ jobs:
 container: ${{ steps.container.outputs.id }}
 cmd: |
 mkdir build && cd build
- cmake ../src -DCMAKE_build-type=${{ env.BUILD_TYPE }} -Duse_prov_client=ON -Dhsm_type_symm_key=ON -DCOMPILE_WITH_STRICTNESS=ON -DBUILD_TESTS=ON -DBUILD_SAMPLES=ON -DBUILD_ADAPTERS=ON -Duse_default_uuid=ON
+ cmake ../src -DCMAKE_C_FLAGS="${{ env.SANITIZER_FLAGS }}" -DCMAKE_CXX_FLAGS="${{ env.SANITIZER_FLAGS }}" -DCMAKE_build-type=${{ env.BUILD_TYPE }} -Duse_prov_client=ON -Dhsm_type_symm_key=ON -DCOMPILE_WITH_STRICTNESS=ON -DBUILD_TESTS=ON -DBUILD_SAMPLES=ON -DBUILD_ADAPTERS=ON -Duse_default_uuid=ON
 - name: Build azure-osconfig
 uses: ./.github/actions/container-exec
@@ -118,22 +87,22 @@ jobs:
 with:
 container: ${{ steps.container.outputs.id }}
 working-directory: ${{ env.MOUNT }}/build
- cmd: ctest --verbose > ../${{ matrix.target.name }}-${{ matrix.target.arch }}.log
+ cmd: ctest --verbose > ../${{ matrix.target.name }}-${{ matrix.target.arch }}-sanitizer.log
 - name: Generate test report
 uses: ./.github/actions/gtest-xml
 if: success() || failure()
 with:
 path: ./build/gtest-output
- output: ${{ matrix.target.name }}-${{ matrix.target.arch }}.xml
+ output: ${{ matrix.target.name }}-${{ matrix.target.arch }}-sanitizer.xml
 - uses: actions/upload-artifact@v4
 if: success() || failure()
 with:
- name: unit-test-${{ matrix.target.name }}-${{ matrix.target.arch }}
+ name: unit-test-${{ matrix.target.name }}-${{ matrix.target.arch }}-sanitizer
 path: |
- ${{ matrix.target.name }}-${{ matrix.target.arch }}.log
- ${{ matrix.target.name }}-${{ matrix.target.arch }}.xml
+ ${{ matrix.target.name }}-${{ matrix.target.arch }}-sanitizer.log
+ ${{ matrix.target.name }}-${{ matrix.target.arch }}-sanitizer.xml
 report:
 name: Report
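Review bot: The new `cmake` line still passes `-DCMAKE_build-type=${{ env.BUILD_TYPE }}`, carried over from the old line. CMake variable names are case-sensitive and the one it reads is `CMAKE_BUILD_TYPE`, so unless the project's CMakeLists reads `CMAKE_build-type` itself, the switch of `BUILD_TYPE` from Release to Debug in this commit does not reach the build. For the sanitizer job that would mean optimisation and debug-info levels come only from `SANITIZER_FLAGS` plus the project defaults. Suggest `-DCMAKE_BUILD_TYPE=${{ env.BUILD_TYPE }}` on this line.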
@@ -148,10 +117,10 @@ jobs:
 uses: actions/download-artifact@v4
 with:
 path: ci-test
- pattern: 'unit-test-*'
+ pattern: 'unit-test-*-sanitizer'
 merge-multiple: true
 - name: Publish Test Results
 uses: EnricoMi/publish-unit-test-result-action@v2
 with:
- files: 'ci-test/*.xml'
+ files: 'ci-test/*-sanitizer.xml'
\ No newline at end of file
diff --git a/devops/docker/ubuntu-22.04-amd64/Dockerfile b/devops/docker/ubuntu-22.04-amd64/Dockerfile
index a2e043486..af1409ada 100644
--- a/devops/docker/ubuntu-22.04-amd64/Dockerfile
+++ b/devops/docker/ubuntu-22.04-amd64/Dockerfile
@@ -21,7 +21,9 @@ RUN apt -y update && apt-get -y install \
 gcovr\
 jq \
 bc \
- file
+ file \
+ libasan6 \
+ libubsan1
 WORKDIR /git
diff --git a/src/common/commonutils/FileUtils.c b/src/common/commonutils/FileUtils.c
index 143a7dbaa..69a5245e4 100644
--- a/src/common/commonutils/FileUtils.c
+++ b/src/common/commonutils/FileUtils.c
@@ -28,7 +28,7 @@ char* LoadStringFromFile(const char* fileName, bool stopAtEol, void* log)
 if (string)
 {
 memset(&string[0], 0, fileSize + 1);
- for (i = 0; i <= fileSize; i++)
+ for (i = 0; i < fileSize; i++)
 {
 next = fgetc(file);
 if ((EOF == next) || (stopAtEol && (EOL == next)))
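Review bot: In the Dockerfile hunk, `libasan6` and `libubsan1` are soname-versioned runtime packages, so they are only the right ones while they match the compiler installed in this image; nothing in the file records that coupling for whoever next bumps the base image or toolchain. A comment above the `RUN` would cover it, e.g. `# libasan6/libubsan1: sanitizer runtimes for the image's default GCC; revisit when the compiler changes`. The workflow matrix pulls this image by the `latest` tag, so the sanitizer job presumably depends on the image being rebuilt and published before it runs; that is worth confirming. The `RUN` instruction starts above the hunk.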
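Review bot: In the FileUtils.c hunk, the reason for the strict bound in `for (i = 0; i < fileSize; i++)` is not recorded, which makes it easy to revert by accident. The buffer is cleared for `fileSize + 1` bytes just above, so index `fileSize` is the terminator slot. With `<=` the loop could reach that index whenever `fgetc` still returned data there, for example if the file grew after its size was measured, leaving the string unterminated. Suggest a comment on the loop such as `/* Stop at fileSize: string[fileSize] is reserved for the terminating NUL */`. The store into `string[i]` and the types of `i` and `fileSize` are outside the hunk, so the exact write is inferred rather than visible.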