[secp256k1] ci: Run ASan/LSan and reorganize sanitizer and Valgrind jobs

real-or-random · Fabcien · commit 5f47cd05476d · 2023-01-09T17:39:49.000+01:00
Summary: ``` This enables asan (including lsan), and restructures the sanitizer builds. It also removes -fno-omit-frame-pointer again. This is debatable. The main reason for removing this is that GCC (but not clang) fails to build (runs out of registers) when combining asan, -fno-omit-frame-pointer, and the x86_64 asm. But I believe without -fno-omit-frame-pointer, the instrumented binary may be closer to the real binary, which is good. If we get unusable debugging output on CI without frame pointers, we can still reproduce the build locally. ``` Backport of [[bitcoin-core/secp256k1#846 | secp256k1#846]]. Completes backport of [[bitcoin-core/secp256k1#969 | secp256k1#969]]: bitcoin-core/secp256k1@3d2f492 Depends on D12957. Test Plan: ninja check-secp256k1 Tested the cirrus build against my personal github forked repo. Reviewers: #bitcoin_abc, sdulfari Reviewed By: #bitcoin_abc, sdulfari Subscribers: sdulfari Differential Revision: https://reviews.bitcoinabc.org/D12960
diff --git a/src/secp256k1/.cirrus.yml b/src/secp256k1/.cirrus.yml
@@ -8,7 +8,6 @@ env:
   AUTOTOOLS_EXTRA_FLAGS:
   CMAKE_EXTRA_FLAGS:
   WITH_VALGRIND: yes
-  RUN_VALGRIND: no
   HOST:
   ECDH: no
   RECOVERY: no
@@ -19,7 +18,8 @@ env:
   MULTISET: no
   CTIMETEST: yes
   BENCH: yes
-  ITERS: 2
+  TEST_ITERS:
+  BENCH_ITERS: 2
   MAKEFLAGS: -j2
 
 cat_logs_snippet: &CAT_LOGS
@@ -56,29 +56,8 @@ task:
       # The Cirrus macOS VM has no java installed
       only_if: $CIRRUS_OS == 'linux'
     - env: {SCHNORR: no}
-    - env:
-        CFLAGS:  "-fsanitize=undefined -fno-omit-frame-pointer"
-        LDFLAGS: "-fsanitize=undefined -fno-omit-frame-pointer"
-        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1"
-        ASM: x86_64
-        ECDH: yes
-        RECOVERY: yes
-        EXPERIMENTAL: yes
-        MULTISET: yes
-        SCHNORRSIG: yes
-        CTIMETEST: no
     - env: { ECMULTGENPRECISION: 2 }
     - env: { ECMULTGENPRECISION: 8 }
-    - env:
-        RUN_VALGRIND: yes
-        ASM: x86_64
-        ECDH: yes
-        RECOVERY: yes
-        EXPERIMENTAL: yes
-        MULTISET: yes
-        SCHNORRSIG: yes
-        AUTOTOOLS_TARGET:
-        CMAKE_TARGET: "secp256k1-tests secp256k1-exhaustive_tests"
   matrix:
     - env:
         CC: gcc
@@ -178,7 +157,8 @@ task:
     cpu: 1
     memory: 1G
   env:
-    QEMU_CMD: qemu-s390x
+    WRAPPER_CMD: qemu-s390x
+    TEST_ITERS: 16
     HOST: s390x-linux-gnu
     WITH_VALGRIND: no
     ECDH: yes
@@ -193,3 +173,52 @@ task:
     - rm /etc/ld.so.cache
     - ./ci/build_autotools.sh
   << : *CAT_LOGS
+
+# Sanitizers
+task:
+  container:
+    dockerfile: ci/linux-debian.Dockerfile
+    cpu: 1
+    memory: 1G
+  env:
+    ECDH: yes
+    RECOVERY: yes
+    EXPERIMENTAL: yes
+    MULTISET: yes
+    SCHNORRSIG: yes
+    CTIMETEST: no
+  matrix:
+    - name: "Valgrind (memcheck)"
+      env:
+        # The `--error-exitcode` is required to make the test fail if valgrind
+        # found errors, otherwise it'll return 0
+        # (https://www.valgrind.org/docs/manual/manual-core.html)
+        WRAPPER_CMD: "valgrind --error-exitcode=42"
+        TEST_ITERS: 16
+        AUTOTOOLS_TARGET:
+        CMAKE_TARGET: "secp256k1-tests secp256k1-exhaustive_tests"
+    - name: "UBSan, ASan, LSan"
+      env:
+        CFLAGS: "-fsanitize=undefined,address"
+        CFLAGS_FOR_BUILD: "-fsanitize=undefined,address"
+        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1"
+        ASAN_OPTIONS: "strict_string_checks=1:detect_stack_use_after_return=1:detect_leaks=1"
+        LSAN_OPTIONS: "use_unaligned=1"
+        TEST_ITERS: 32
+  # Try to cover many configurations with just a tiny matrix.
+  matrix:
+    - env:
+        STATICPRECOMPUTATION: yes
+    - env:
+        STATICPRECOMPUTATION: no
+        ECMULTGENPRECISION: 2
+  matrix:
+    - env:
+        CC: clang
+    - env:
+        HOST: i686-linux-gnu
+        CC: i686-linux-gnu-gcc
+  test_script:
+    - ./ci/build_autotools.sh
+    - ./ci/build_cmake.sh
+  << : *CAT_LOGS
diff --git a/src/secp256k1/ci/build_autotools.sh b/src/secp256k1/ci/build_autotools.sh
@@ -55,6 +55,13 @@ print_logs() {
 }
 trap 'print_logs' ERR
 
+# This tells `make check` to wrap test invocations.
+export LOG_COMPILER="$WRAPPER_CMD"
+
+# This limits the iterations in the tests and benchmarks.
+export SECP256K1_TEST_ITERS="$TEST_ITERS"
+export SECP256K1_BENCH_ITERS="$BENCH_ITERS"
+
 # We have set "-j<n>" in MAKEFLAGS.
 make $AUTOTOOLS_TARGET
 
@@ -63,32 +70,14 @@ file *tests || true
 file bench_* || true
 file .libs/* || true
 
-if [ "$RUN_VALGRIND" = "yes" ]; then
-  # the `--error-exitcode` is required to make the test fail if valgrind found
-  # errors, otherwise it'll return 0
-  # (https://www.valgrind.org/docs/manual/manual-core.html)
-  valgrind --error-exitcode=42 ./tests 16
-  valgrind --error-exitcode=42 ./exhaustive_tests
-fi
-
-if [ -n "$QEMU_CMD" ]; then
-  $QEMU_CMD ./tests 16
-  $QEMU_CMD ./exhaustive_tests
-fi
-
 if [ "$BENCH" = "yes" ]; then
   # Using the local `libtool` because on macOS the system's libtool has
   # nothing to do with GNU libtool
   EXEC='./libtool --mode=execute'
-  if [ -n "$QEMU_CMD" ]; then
-    EXEC="$EXEC $QEMU_CMD"
-  fi
-  if [ "$RUN_VALGRIND" = "yes" ]; then
-    EXEC="$EXEC valgrind --error-exitcode=42"
+  if [ -n "$WRAPPER_CMD" ]; then
+    EXEC="$EXEC $WRAPPER_CMD"
   fi
 
-  # This limits the iterations in the benchmarks below to ITER iterations.
-  export SECP256K1_BENCH_ITERS="$ITERS"
   {
     $EXEC ./bench_ecmult
     $EXEC ./bench_internal
diff --git a/src/secp256k1/ci/linux-debian.Dockerfile b/src/secp256k1/ci/linux-debian.Dockerfile
@@ -5,8 +5,9 @@ RUN dpkg --add-architecture s390x
 RUN apt-get update
 
 # dkpg-dev: to make pkg-config work in cross-builds
+# llvm: for llvm-symbolizer, which is used by clang's UBSan for symbolized stack traces
 RUN apt-get install --no-install-recommends --no-upgrade -y \
         automake cmake default-jdk dpkg-dev libssl-dev libtool make ninja-build pkg-config python3 qemu-user valgrind \
-        gcc clang libc6-dbg \
-        gcc-i686-linux-gnu libc6-dev-i386-cross libc6-dbg:i386 \
+        gcc clang llvm libc6-dbg \
+        gcc-i686-linux-gnu libc6-dev-i386-cross libc6-dbg:i386 libubsan1:i386 libasan6:i386 \
         gcc-s390x-linux-gnu libc6-dev-s390x-cross libc6-dbg:s390x
diff --git a/src/secp256k1/src/tests.c b/src/secp256k1/src/tests.c
@@ -5701,7 +5701,7 @@ int main(int argc, char **argv) {
         count = strtol(argv[1], NULL, 0);
     } else {
         const char* env = getenv("SECP256K1_TEST_ITERS");
-        if (env) {
+        if (env && strlen(env) > 0) {
             count = strtol(env, NULL, 0);
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -5701,7 +5701,7 @@ int main(int argc, char **argv) {`
`5701`	`5701`	`count = strtol(argv[1], NULL, 0);`
`5702`	`5702`	`} else {`
`5703`	`5703`	`const char* env = getenv("SECP256K1_TEST_ITERS");`
`5704`		`- if (env) {`
	`5704`	`+ if (env && strlen(env) > 0) {`
`5705`	`5705`	`count = strtol(env, NULL, 0);`
`5706`	`5706`	`}`
`5707`	`5707`	`}`