| Message ID | patch-v4-3.3-fffbfc35c00-20210907T151855Z-avarab@gmail.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | add a test mode for SANITIZE=leak, run it in CI | expand |
On Tue, Sep 7, 2021 at 11:33 AM Ævar Arnfjörð Bjarmason <avarab@gmail.com> wrote: > [...] > On the topi of "LSAN_OPTIONS": It would be nice to have a mode to > aggregate all failures in our various scripts, see [2] for a start at > doing that which sets "log_path" in "LSAN_OPTIONS". I've punted on > that for now, it can be added later, and that proposed patch is also > hindered by us wanting to test e.g. test-tool leaks (and by proxy, any > API leaks they uncover), not just the "common-main.c" entry point. s/topi/topic/
On Tue, Sep 07, 2021 at 05:33:31PM +0200, Ævar Arnfjörð Bjarmason wrote: > Subject: [PATCH v4 3/3] tests: add a test mode for SANITIZE=leak, run it in CI The patch looks OK to me. There are a bunch of typos/nits in the commit message which made it a little harder to read. I don't care _that_ much, but there's one inaccuracy I wanted to point out, and the others are along for the ride. :) > While git can be compiled with SANITIZE=leak we have not run > regression tests under that mode, memory leaks have only been fixed as > one-offs without structured regression testing. Funky comma placement. Maybe: While git can be compiled with SANITIZE=leak, we have not run regression tests under that mode. Memory leaks have only been fixed as one-offs without structured regression testing. > This change add CI testing for it. We'll now build with GCC under > Linux and test t000[04]*.sh with SANITIZE=leak, and likewise with GCC > on OSX. The new jobs are called "linux-SANITIZE=leak" and > "osx-SANITIZE=leak". s/add/adds/ A matter of taste, but I find the "linux-SANITIZE=leak" a little funny to read because of the mixed-caps and punctuation. Just linux-leaks or something is descriptive enough. Pure bikeshedding, of course. > On the topi of "LSAN_OPTIONS": It would be nice to have a mode to > aggregate all failures in our various scripts, see [2] for a start at > doing that which sets "log_path" in "LSAN_OPTIONS". I've punted on > that for now, it can be added later, and that proposed patch is also > hindered by us wanting to test e.g. test-tool leaks (and by proxy, any > API leaks they uncover), not just the "common-main.c" entry point. I think test-tool does actually use common-main.c, so we'd be covered there, too. That said, I'm perfectly fine to leave this for now (or perhaps never; if we can get the whole suite passing with leak-checking on, then aggregating the many leak reports without having test failures will become a moot point). > +# skip non-whitelisted tests when compiled with SANITIZE=leak > +if test -n "$SANITIZE_LEAK" > +then > + if test_bool_env GIT_TEST_PASSING_SANITIZE_LEAK false > + then > + # We need to see it in "git env--helper" (via > + # test_bool_env) > + export TEST_PASSES_SANITIZE_LEAK > + > + if ! test_bool_env TEST_PASSES_SANITIZE_LEAK false > + then > + skip_all="skipping $this_test under GIT_TEST_PASSING_SANITIZE_LEAK=true" > + test_done > + fi > + fi > +elif test_bool_env GIT_TEST_PASSING_SANITIZE_LEAK false > +then > + error "GIT_TEST_PASSING_SANITIZE_LEAK=true has no effect except when compiled with SANITIZE=leak" > +fi I wondered if it would be helpful for this to be more forgiving. But there's not much point in setting GIT_TEST_PASSING_SANITIZE_LEAK all the time (say, in your config.mak), since it will just skip a bunch of tests. So it probably does make sense to alert the user that "oops, you did not actually build things correctly". -Peff
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 68596f25927..b41572293c9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -232,6 +232,12 @@ jobs: - jobname: linux-gcc-default cc: gcc pool: ubuntu-latest + - jobname: linux-SANITIZE=leak + cc: gcc + pool: ubuntu-latest + - jobname: osx-SANITIZE=leak + cc: gcc + pool: macos-latest env: CC: ${{matrix.vector.cc}} jobname: ${{matrix.vector.jobname}} diff --git a/ci/install-dependencies.sh b/ci/install-dependencies.sh index 5772081b6e5..a89e72c1438 100755 --- a/ci/install-dependencies.sh +++ b/ci/install-dependencies.sh @@ -12,13 +12,13 @@ UBUNTU_COMMON_PKGS="make libssl-dev libcurl4-openssl-dev libexpat-dev libemail-valid-perl libio-socket-ssl-perl libnet-smtp-ssl-perl" case "$jobname" in -linux-clang|linux-gcc) +linux-clang|linux-gcc|linux-SANITIZE=leak) sudo apt-add-repository -y "ppa:ubuntu-toolchain-r/test" sudo apt-get -q update sudo apt-get -q -y install language-pack-is libsvn-perl apache2 \ $UBUNTU_COMMON_PKGS case "$jobname" in - linux-gcc) + linux-gcc|linux-SANITIZE=leak) sudo apt-get -q -y install gcc-8 ;; esac @@ -37,7 +37,7 @@ linux-clang|linux-gcc) cp git-lfs-$LINUX_GIT_LFS_VERSION/git-lfs . popd ;; -osx-clang|osx-gcc) +osx-clang|osx-gcc|osx-SANITIZE=leak) export HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALL_CLEANUP=1 # Uncomment this if you want to run perf tests: # brew install gnu-time diff --git a/ci/lib.sh b/ci/lib.sh index 33b9777ab7e..36b7c0d3020 100755 --- a/ci/lib.sh +++ b/ci/lib.sh @@ -183,9 +183,9 @@ export GIT_TEST_CLONE_2GB=true export SKIP_DASHED_BUILT_INS=YesPlease case "$jobname" in -linux-clang|linux-gcc) +linux-clang|linux-gcc|linux-SANITIZE=leak) case "$jobname" in - linux-gcc) + linux-gcc|linux-SANITIZE=leak) export CC=gcc-8 MAKEFLAGS="$MAKEFLAGS PYTHON_PATH=/usr/bin/python3" ;; @@ -208,9 +208,9 @@ linux-clang|linux-gcc) GIT_LFS_PATH="$HOME/custom/git-lfs" export PATH="$GIT_LFS_PATH:$P4_PATH:$PATH" ;; -osx-clang|osx-gcc) +osx-clang|osx-gcc|osx-SANITIZE=leak) case "$jobname" in - osx-gcc) + osx-gcc|osx-SANITIZE=leak) export CC=gcc-9 MAKEFLAGS="$MAKEFLAGS PYTHON_PATH=$(which python3)" ;; @@ -237,4 +237,11 @@ linux-musl) ;; esac +case "$jobname" in +linux-SANITIZE=leak|osx-SANITIZE=leak) + export SANITIZE=leak + export GIT_TEST_PASSING_SANITIZE_LEAK=true + ;; +esac + MAKEFLAGS="$MAKEFLAGS CC=${CC:-cc}" diff --git a/ci/run-build-and-tests.sh b/ci/run-build-and-tests.sh index 3ce81ffee94..4133239fc36 100755 --- a/ci/run-build-and-tests.sh +++ b/ci/run-build-and-tests.sh @@ -12,7 +12,7 @@ esac make case "$jobname" in -linux-gcc) +linux-gcc|linux-SANITIZE=leak) export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main make test export GIT_TEST_SPLIT_INDEX=yes diff --git a/t/README b/t/README index 9e701223020..4864f208c8a 100644 --- a/t/README +++ b/t/README @@ -366,6 +366,13 @@ excluded as so much relies on it, but this might change in the future. GIT_TEST_SPLIT_INDEX=<boolean> forces split-index mode on the whole test suite. Accept any boolean values that are accepted by git-config. +GIT_TEST_PASSING_SANITIZE_LEAK=<boolean> when compiled with +SANITIZE=leak will run only those tests that have whitelisted +themselves as passing with no memory leaks. Tests can be whitelisted +by setting "TEST_PASSES_SANITIZE_LEAK=true" before sourcing +"test-lib.sh" itself at the top of the test script. This test mode is +used by the "linux-SANITIZE=leak" CI target. + GIT_TEST_PROTOCOL_VERSION=<n>, when set, makes 'protocol.version' default to n. diff --git a/t/t0000-basic.sh b/t/t0000-basic.sh index cb87768513c..54318af3861 100755 --- a/t/t0000-basic.sh +++ b/t/t0000-basic.sh @@ -18,6 +18,7 @@ swapping compression and hashing order, the person who is making the modification *should* take notice and update the test vectors here. ' +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh try_local_xy () { diff --git a/t/t0004-unwritable.sh b/t/t0004-unwritable.sh index fbdcb926b3a..37d68ef03be 100755 --- a/t/t0004-unwritable.sh +++ b/t/t0004-unwritable.sh @@ -2,6 +2,7 @@ test_description='detect unwritable repository and fail correctly' +TEST_PASSES_SANITIZE_LEAK=true . ./test-lib.sh test_expect_success setup ' diff --git a/t/test-lib.sh b/t/test-lib.sh index 4ab18914a3d..3b7acfec23b 100644 --- a/t/test-lib.sh +++ b/t/test-lib.sh @@ -1379,6 +1379,26 @@ then test_done fi +# skip non-whitelisted tests when compiled with SANITIZE=leak +if test -n "$SANITIZE_LEAK" +then + if test_bool_env GIT_TEST_PASSING_SANITIZE_LEAK false + then + # We need to see it in "git env--helper" (via + # test_bool_env) + export TEST_PASSES_SANITIZE_LEAK + + if ! test_bool_env TEST_PASSES_SANITIZE_LEAK false + then + skip_all="skipping $this_test under GIT_TEST_PASSING_SANITIZE_LEAK=true" + test_done + fi + fi +elif test_bool_env GIT_TEST_PASSING_SANITIZE_LEAK false +then + error "GIT_TEST_PASSING_SANITIZE_LEAK=true has no effect except when compiled with SANITIZE=leak" +fi + # Last-minute variable setup HOME="$TRASH_DIRECTORY" GNUPGHOME="$HOME/gnupg-home-not-used"
While git can be compiled with SANITIZE=leak we have not run regression tests under that mode, memory leaks have only been fixed as one-offs without structured regression testing. This change add CI testing for it. We'll now build with GCC under Linux and test t000[04]*.sh with SANITIZE=leak, and likewise with GCC on OSX. The new jobs are called "linux-SANITIZE=leak" and "osx-SANITIZE=leak". The CI target uses a new GIT_TEST_PASSING_SANITIZE_LEAK=true test mode. When running in that mode, we'll assert that we were compiled with SANITIZE=leak, and then skip all tests except those that we've opted-in by setting "TEST_PASSES_SANITIZE_LEAK=true" before sourcing test-lib.sh (see discussion in t/README). The tests using the "TEST_PASSES_SANITIZE_LEAK=true" setting can in turn make use of the "SANITIZE_LEAK" prerequisite, should they wish to selectively skip tests even under "GIT_TEST_PASSING_SANITIZE_LEAK=true". In a preceding commit we started doing this in "t0004-unwritable.sh" under SANITIZE=leak, now it'll combine nicely with "GIT_TEST_PASSING_SANITIZE_LEAK=true". Now tests that don't set "TEST_PASSES_SANITIZE_LEAK=true" will be skipped under GIT_TEST_PASSING_SANITIZE_LEAK=true: $ GIT_TEST_PASSING_SANITIZE_LEAK=true ./t0001-init.sh 1..0 # SKIP skip all tests in t0001 under SANITIZE=leak, TEST_PASSES_SANITIZE_LEAK not set The intent is to add more TEST_PASSES_SANITIZE_LEAK=true annotations as follow-up change, but let's start small to begin with. It would also be possible to implement a more lightweight version of this by only relying on setting "LSAN_OPTIONS". See <YS9OT/pn5rRK9cGB@coredump.intra.peff.net>[1] and <YS9ZIDpANfsh7N+S@coredump.intra.peff.net>[2] for a discussion of that. I've opted for this approach of adding a GIT_TEST_* mode instead because it's consistent with how we handle other special test modes. Being able to add a "!SANITIZE_LEAK" prerequisite and calling "test_done" early if it isn't satisfied also means that we can more incrementally add regression tests without being forced to fix widespread and hard-to-fix leaks at the same time. We have tests that do simple checking of some tool we're interested in, but later on in the script might be stressing trace2, or common sources of leaks like "git log" in combination with the tool (e.g. the commit-graph tests). To be clear having a prerequisite could also be accomplished by using "LSAN_OPTIONS" directly. On the topi of "LSAN_OPTIONS": It would be nice to have a mode to aggregate all failures in our various scripts, see [2] for a start at doing that which sets "log_path" in "LSAN_OPTIONS". I've punted on that for now, it can be added later, and that proposed patch is also hindered by us wanting to test e.g. test-tool leaks (and by proxy, any API leaks they uncover), not just the "common-main.c" entry point. As of writing this we've got major regressions between master..seen, i.e. the t000*.sh tests and more fixed since 31f9acf9ce2 (Merge branch 'ah/plugleaks', 2021-08-04) have regressed recently. See the discussion at <87czsv2idy.fsf@evledraar.gmail.com> about the lack of this sort of test mode, and 0e5bba53af (add UNLEAK annotation for reducing leak false positives, 2017-09-08) for the initial addition of SANITIZE=leak. See also 09595ab381 (Merge branch 'jk/leak-checkers', 2017-09-19), 7782066f67 (Merge branch 'jk/apache-lsan', 2019-05-19) and the recent 936e58851a (Merge branch 'ah/plugleaks', 2021-05-07) for some of the past history of "one-off" SANITIZE=leak (and more) fixes. The reason for using gcc on OSX over the clang default is because it'll currently fail to build with: clang: error: unsupported option '-fsanitize=leak' for target 'x86_64-apple-darwin19.6.0' If that's sorted out in the future we might want to run that job with "clang" merely to make use of the default, and also to add some compiler variance into the mix. Both use the "AddressSanitizerLeakSanitizer" library[3], so in they shouldn't be have differently under GCC or clang. 1. https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer 2. https://lore.kernel.org/git/YS9OT%2Fpn5rRK9cGB@coredump.intra.peff.net/ 3. https://lore.kernel.org/git/YS9ZIDpANfsh7N+S@coredump.intra.peff.net/ Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> --- .github/workflows/main.yml | 6 ++++++ ci/install-dependencies.sh | 6 +++--- ci/lib.sh | 15 +++++++++++---- ci/run-build-and-tests.sh | 2 +- t/README | 7 +++++++ t/t0000-basic.sh | 1 + t/t0004-unwritable.sh | 1 + t/test-lib.sh | 20 ++++++++++++++++++++ 8 files changed, 50 insertions(+), 8 deletions(-)