Skip to content

feat(#459): Add ASan + TSan CI gates for mutex and buffer safety#498

Merged
justinjoy merged 6 commits intomainfrom
feat/issue-459-tsan-ci
Apr 13, 2026
Merged

feat(#459): Add ASan + TSan CI gates for mutex and buffer safety#498
justinjoy merged 6 commits intomainfrom
feat/issue-459-tsan-ci

Conversation

@justinjoy
Copy link
Copy Markdown
Collaborator

@justinjoy justinjoy commented Apr 13, 2026

Summary

Implements Issue #459: ASan + TSan CI gates for comprehensive mutex and buffer safety validation.

Addresses Issue #446 (user-defined I/O adapters) by adding:

  • TSan CI job: Validates I/O adapter registry mutex safety and workqueue thread synchronization
  • Concurrent stress tests: Registry under simultaneous register/find/unregister operations
  • Error-path ASan tests: Buffer ownership validation under allocation failures
  • Windows race fix: Corrects CRITICAL_SECTION initialization order race
  • Documentation: Adapter lifetime contract and thread safety guarantees

Test Plan

  • ASan suite passes (134/134 tests)
  • TSan suite passes (134/134 tests)
  • New concurrent I/O adapter registry stress test passes (3 scenarios, 8 threads x 2000 iterations)
  • New error-path ASan tests pass (10 boundary/error scenarios)
  • No regressions in existing tests
  • CI gates (PR = blocking, main = monitoring) configured correctly
  • Windows CRITICAL_SECTION init race resolved

Commits

  1. afbf114 - feat([NEW] ASan + TSan CI gates as discrete jobs #459): Add TSan CI gate to ci-pr.yml (blocking)
  2. 15099af - feat([NEW] ASan + TSan CI gates as discrete jobs #459): Add TSan monitoring job to ci-main.yml (non-blocking)
  3. f109575 - test([NEW] ASan + TSan CI gates as discrete jobs #459): Add concurrent I/O adapter registry stress test
  4. cbd83d6 - test([NEW] ASan + TSan CI gates as discrete jobs #459): Add mock-adapter error-path tests for ASan
  5. e3762ee - docs([NEW] ASan + TSan CI gates as discrete jobs #459): Document adapter lifetime contract and thread safety
  6. 8a2b304 - fix([NEW] ASan + TSan CI gates as discrete jobs #459): Fix Windows ensure_builtins() CRITICAL_SECTION init race

Verification

  • Code review: 6/6 APPROVE
  • Verifier: PASS (all gates clear)
  • Local testing: ASan 134/134, TSan 134/134

@justinjoy
feat(#459): Add TSan CI gate to ci-pr.yml
afbf114 
Configure separate TSan build with -Db_sanitize=thread for PR merge gate.
Validates mutex safety in I/O adapter registry and workqueue.
Linux GCC and Clang only (TSan/ASan mutually exclusive).
@justinjoy
feat(#459): Add TSan monitoring job to ci-main.yml
15099af 
Add non-blocking TSan job (continue-on-error: true) for Linux GCC and Clang.
Monitors thread safety on main branch pushes without blocking merges.
TSan and ASan are mutually exclusive; separate job avoids flag conflicts.
@justinjoy
test(#459): Add concurrent I/O adapter registry stress test
f109575 
Three scenarios under TSan: concurrent find (8 threads x 2000 iters),
concurrent register/unregister (8 threads each owning a unique scheme),
and mixed readers+writers (4 find + 4 reg/unreg threads simultaneously).
Exercises mutex safety in the 32-slot registry. POSIX only; skipped on Windows.
@justinjoy
test(#459): Add mock-adapter error-path tests for ASan
cbd83d6 
Ten boundary/error scenarios: NULL adapter, NULL scheme, NULL find/unregister,
ABI mismatch, max-length scheme boundary (63 chars), overlong scheme safe
truncation, registry-full overflow, unregister nonexistent, error-string
cleared after success. ASan catches out-of-bounds writes on internal
scheme copy; UBSan catches NULL deref on error paths.
@justinjoy
docs(#459): Document adapter lifetime contract and thread safety in i…
e3762ee 
…o_adapter.h

Add inline documentation for the Registration API covering:
- Adapter pointer lifetime (must outlive unregister/process exit)
- Scheme string is copied internally at registration (safe to reuse after)
- Thread safety guarantee (mutex-guarded; validated by TSan CI gate)
- Error reporting contract (thread-local buffer, cleared on success)
- Return value summary for all three public functions
@justinjoy
fix(#459): Fix Windows ensure_builtins() CRITICAL_SECTION init race
8a2b304 
Replace single-phase flag (0=uninit, 1=ready) with two-phase protocol:
  0 -> 1: winning thread claims init via InterlockedCompareExchange
  1 -> 2: winning thread sets done only after mutex_init() returns

Competing threads spin on SwitchToThread() until phase 2 is visible.
Previously, a second thread could see flag=1 and call mutex_lock()
on a CRITICAL_SECTION that had not yet been initialised by the winner.
@justinjoy justinjoy merged commit d1a0642 into main Apr 13, 2026
7 checks passed
@justinjoy justinjoy deleted the feat/issue-459-tsan-ci branch April 13, 2026 14:37
@justinjoy justinjoy linked an issue Apr 13, 2026 that may be closed by this pull request
[NEW] ASan + TSan CI gates as discrete jobs #459
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[NEW] ASan + TSan CI gates as discrete jobs

1 participant

@justinjoy