Add address sanitizer build to travis-ci

[czchen]

Add address sanitizer build to travis-ci. Currently it fails because there is an illegal memory access detected by address sanitizer. I am not sure how to setup llvm-symbolizer in travis-ci, so currently it cannot show line number when error detected.

[czchen]

Look like we can setup llvm-symbolizer using https://github.com/travis-ci/travis-ci/issues/2262. Studying now.

[czchen]

Need to fix this global-buffer-overflow problem.

==9522==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000049e03f at pc 0x2b0221545aa4 bp 0x7fff8836f7a0 sp 0x7fff8836f798
READ of size 1 at 0x00000049e03f thread T0
    #0 0x2b0221545aa3 in inside_slug /home/travis/build/czchen/r3/src/str.c:59
    #1 0x2b0221544aa8 in r3_tree_insert_pathl_ /home/travis/build/czchen/r3/src/node.c:450
    #2 0x4846c8 in testr3_tree_insert_pathl /home/travis/build/czchen/r3/tests/check_tree.c:189
    #3 0x48ad80 in srunner_run_all (/home/travis/build/czchen/r3/tests/.libs/lt-check_tree+0x48ad80)
    #4 0x48848f in main /home/travis/build/czchen/r3/tests/check_tree.c:763
    #5 0x2b02222b976c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
    #6 0x483f4c in _start (/home/travis/build/czchen/r3/tests/.libs/lt-check_tree+0x483f4c)

[coveralls]

Coverage remained the same when pulling 298bd24237a07c985479f49c6205d3caa822b1b5 on czchen:feature/asan into ceb615335b25afb794e86163c3696ae6691c98bf on c9s:master.

[c9s]

Can we fix it?

[c9s]

Does 33eea25 fix this overflow error?

[czchen]

Rebasing now.

[czchen]

Still have problem.

I guess the problem happens when offset in inside_slug already point to the invalid address. In this situation, s2 is not updated by second while loop, and the if statement if ( *s1 == '{' && *s2 == '}' ) { will cause illegal memory address.

[c9s]

In the real use case, the offset will be in the string (needle). won’t be a invalid address pointer.

maybe it could be safer if we do extra checks.

On May 21, 2014, at 20:47, ChangZhuo Chen (陳昌倬) notifications@github.com wrote:

Still have problem.

I guess the problem happens when offset in inside_slug already point to the invalid address. In this situation, s2 is not updated by second while loop, and the if statement if ( s1 == '{' && s2 == '}' ) { will cause illegal memory address.

— Reply to this email directly or view it on GitHub.

[coveralls]

Coverage remained the same when pulling e5209aa31aa0d2429ffdcd5d4627276ac39ca057 on czchen:feature/asan into 33eea2592690a59bf4d103133fa158b8f18b8bb7 on c9s:master.

[czchen]

The issue is cause by s1 underflow.

Whe s1 == needle, the first while loop runs last time. In the while loop, s1-- set s1 to invalid address.

But there still another issue remain.

pcre: no match
Benchmarking...
92%: Checks: 14, Failures: 0, Errors: 1
check_tree.c:717:E:testcase:benchmark_str:0: (after this point) Test timeout expired
FAIL: check_tree
Running suite(s): slug test
100%: Checks: 7, Failures: 0, Errors: 0
PASS: check_slug

[c9s]

Perhaps we need a found flag for them XD

[c9s]

See if this commit 45690da works ?

[coveralls]

Coverage increased (+0.23%) when pulling bd95ce9355f1506eb02e20a6f7ae44107de71847 on czchen:feature/asan into e7aaaac63f2b9499f0a4e4600f6b74f129194afa on c9s:master.

[czchen]

Underflow issue is solved by the patch. But Test timeout expired remains.

pcre: no match
Benchmarking...
92%: Checks: 14, Failures: 0, Errors: 1
check_tree.c:717:E:testcase:benchmark_str:0: (after this point) Test timeout expired
FAIL: check_tree
Running suite(s): slug test
100%: Checks: 7, Failures: 0, Errors: 0

[c9s]

Pretty weird

[c9s]

I encountered the timeout issue sometime today, i think it might be caused by segment fault in other test cases

[c9s]

I think it's caused by the timeout setting of check. it can be fixed by tcase_set_timeout(tcase, 30);

[c9s]

Fixed and Merged!