ci: add ASan and UBSan CI jobs#354
Draft
abhinavagarwal07 wants to merge 1 commit into
Draft
Conversation
abhinavagarwal07
force-pushed
the
ci-sanitizers
branch
from
0e710c3 to
bfe262a
Compare
- New sanitizers.yml with separate ASan, UBSan, and ASan+LSan jobs, all built with clang - Uses -Db_sanitize and -Db_lundef=false for proper sanitizer runtime linking - ASan runs with detect_leaks=0 (libfuse teardown false positives); ASan+LSan runs with detect_leaks=1 and continue-on-error: true - Sanitizer logs written to workspace-local log_path files and uploaded as artifacts - Hard-fail FUSE preflight, explicit SSH setup, pytest timeouts, JUnit XML - All actions pinned to Node 24-capable SHAs, runner pinned to ubuntu-24.04
abhinavagarwal07
force-pushed
the
ci-sanitizers
branch
from
bfe262a to
65e657f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
New
sanitizers.ymlwith separate AddressSanitizer, UndefinedBehaviorSanitizer, and ASan+LeakSanitizer jobs, all built with clang using-Db_sanitizeand-Db_lundef=false. All jobs run on every push/PR.Includes SSH setup, hard-fail FUSE preflight, pytest timeouts, JUnit XML, and sanitizer log capture via
log_pathto workspace-local paths (uploaded as artifacts). All actions SHA-pinned to Node 24-capable versions, runner pinned toubuntu-24.04.Suppressed failures:
detect_leaks=0because libfuse teardown leaks cause false positives during FUSE session teardown.detect_leaks=1andcontinue-on-error: true— it surfaces real sshfs leaks without blocking PRs. Promote to required once leaks are fixed.ASan and UBSan catch memory errors and undefined behavior that compilers cannot detect statically. Both should be required PR checks once merged. Leak detection runs separately with
continue-on-errorbecause libfuse's teardown allocations produce false positives; once sshfs-owned leaks are fixed, the LSan job can be promoted to required.A weekly schedule trigger also runs these jobs on master even without pushes, catching regressions from runner image updates or dependency changes that would otherwise go undetected between active development periods.