ci: add asan runs under gcc (aws#4402)

lrstewart · Mar 31, 2024 · 0381567 · 0381567
1 parent 63d56b4
commit 0381567
Showing 1 changed file with 61 additions and 11 deletions.
diff --git a/codebuild/spec/buildspec_asan.yml b/codebuild/spec/buildspec_asan.yml
@@ -18,43 +18,93 @@ version: 0.2
 
 # Codebuild's matrix jobs have non-differentiated names so use batch-list
 # instead.
+
+# Parameter motivation
+
+# COMPILERS
+# We run asan on both gcc and clang because of different features sets for their
+# address sanitizers. Specifically there was a case where GCC was able to detect
+# a memcpy-param-overlap that Clang did not.
+
+# LIBCRYPTOS
+# awslc: happy path libcrypto for s2n-tls
+# openssl 3: s2n-tls takes different code paths for ossl3, so make sure we run 
+#            asan on it. See pr 4033 for a historical motivating example.
+# openssl 1.1.1: a widely deployed version of openssl.
+# openssl 1.0.2: the default libcrypto on AL2, and AL2 is still widely deployed.
+
+# CMAKE_BUILD_TYPE
+# RelWithDebInfo: This instructs CMake to do all optimizations (Rel -> Release)
+# along with debug info (DebInfo). Debug info is necessary to get line numbers 
+# in the stack traces that ASAN reports.
 batch:
   build-list:
-    # awslc is the happy path libcrypto for s2n-tls
-    - identifier: awslc
+    - identifier: clang_awslc
+      env:
+        compute-type: BUILD_GENERAL1_LARGE
+        variables:
+          S2N_LIBCRYPTO: awslc
+          COMPILER: clang
+    - identifier: clang_openssl_3_0
+      env:
+        compute-type: BUILD_GENERAL1_LARGE
+        variables:
+          S2N_LIBCRYPTO: openssl-3.0
+          COMPILER: clang
+    - identifier: clang_openssl_1_1_1
+      env:
+        compute-type: BUILD_GENERAL1_LARGE
+        variables:
+          S2N_LIBCRYPTO: openssl-1.1.1
+          COMPILER: clang
+    - identifier: clang_openssl_1_0_2
+      env:
+        compute-type: BUILD_GENERAL1_LARGE
+        variables:
+          S2N_LIBCRYPTO: openssl-1.0.2
+          COMPILER: clang
+    - identifier: gcc_awslc
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           S2N_LIBCRYPTO: awslc
-    # s2n-tls takes different code paths for ossl3, so make sure we run asan on
-    # it. See pr 4033 for a historical motivating example.
-    - identifier: openssl_3_0
+          COMPILER: gcc
+    - identifier: gcc_openssl_3_0
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           S2N_LIBCRYPTO: openssl-3.0
-    # openssl 1.1.1 is a widely deployed version of openssl.
-    - identifier: openssl_1_1_1
+          COMPILER: gcc
+    - identifier: gcc_openssl_1_1_1
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           S2N_LIBCRYPTO: openssl-1.1.1
-    # openssl 1.0.2 is the default distributed on AL2, and AL2 is still widely
-    # deployed
-    - identifier: openssl_1_0_2
+          COMPILER: gcc
+    - identifier: gcc_openssl_1_0_2
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           S2N_LIBCRYPTO: openssl-1.0.2
+          COMPILER: gcc
 
 phases:
+  pre_build:
+    commands:
+      - |
+        if [ -d "third-party-src" ]; then
+          cd third-party-src;
+          ln -s /usr/local $CODEBUILD_SRC_DIR/third-party-src/test-deps;
+        fi
+      - /usr/bin/$COMPILER --version
   build:
     on-failure: ABORT
     commands:
       - |
         cmake . -Bbuild \
-          -DCMAKE_C_COMPILER=/usr/bin/clang \
+          -DCMAKE_C_COMPILER=/usr/bin/$COMPILER \
           -DCMAKE_PREFIX_PATH=/usr/local/$S2N_LIBCRYPTO \
+          -DCMAKE_BUILD_TYPE=RelWithDebInfo \
           -DASAN=ON
       - cmake --build ./build -- -j $(nproc)
   post_build: