PG-1465 Add ASAN and UBSAN sanitizers

[artemgavrilov]

https://perconadev.atlassian.net/browse/PG-1465

This PR adds CI workflow with ASAN(including LSAN) and UBSAN sanitizers. To make this workflow pass it required to modify couple tests that were affected by sanitizers influence. Running check-world takes 46 minutes, so it looks like overkill for workflow that we will run for every PR. Because of that I ended with pg_tde tests + PG regression tests.

One real issue were found with sanitizers in tde_keyring.c file (access uninitialized pointer)

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.07%. Comparing base (7f2f26e) to head (5b7c987).

❌ Your project status has failed because the head coverage (80.07%) is below the target coverage (90.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files

@@                Coverage Diff                 @@
##           TDE_REL_17_STABLE     #285   +/-   ##
==================================================
  Coverage              80.07%   80.07%           
==================================================
  Files                     22       22           
  Lines                   2569     2570    +1     
  Branches                 402      403    +1     
==================================================
+ Hits                    2057     2058    +1     
  Misses                   434      434           
  Partials                  78       78           

Components	Coverage Δ
access	83.06% <ø> (ø)
catalog	87.57% <ø> (ø)
common	92.42% <ø> (ø)
encryption	71.90% <ø> (ø)
keyring	72.07% <ø> (ø)
src	64.60% <ø> (ø)
smgr	97.08% <ø> (+0.02%)	⬆️
transam	∅ <ø> (∅)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[AndersAstrand]

we should maybe use palloc0_object() here instead so that everything is null by default?

[artemgavrilov]

Yep, make sense. Changed.

[dutow]

can we create a ticket/tickets about this? Some of these supressions definitely seem like issues.

[artemgavrilov]

Most of them are not real issues, but "design features" or just allocation functions. I used timescale as a reference and they mute the same things: https://github.com/timescale/timescaledb/blob/main/scripts/suppressions/suppr_leak.txt

But I'm agree that this list should be reviewed. Probably some mutes scope can be reduced. Here is the ticket: https://perconadev.atlassian.net/browse/PG-1588

[jeltz]

The kmip.c one is likely to be an actual bug. But, yeah, that can be outside the scope of this PR:

[dutow]

Yes, and strdup also seems to be a possible issue, or at least it can hide possible issues, as it suppresses any leaked strings created by strdup - even if it's a leak in postgres itself, we should look at that.

[jeltz]

Is there a reason why you disable inlining? LLVM's documentation says nothing about that as far as I can see.

https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#stack-traces-and-report-symbolization

[dutow]

https://clang.llvm.org/docs/AddressSanitizer.html#usage

To get a reasonable performance add -O1 or higher. To get nicer stack traces in error messages add -fno-omit-frame-pointer. To get perfect stack traces you may need to disable inlining (just use -O1) and tail call elimination (-fno-optimize-sibling-calls).

[artemgavrilov]

This is for ASAN. BTW it looks like it's worth to add -fno-optimize-sibling-calls as well.

[jeltz]

What is the best practices about optimization and sanitizers? Our production build will be -O2 but maybe that fucks up sanitizers.

[artemgavrilov]

I didn't see information that -O2 could harm sanitizer checks, however lower optimization levels simplify report reviews. I hope there should be no difference between -O0 and -O2 in terms of leaks and UBs, am I wrong?

[Andriciuc]

Approved for contribute and contributing changes to docs