Harden scrape rendering and add AddressSanitizer test suite

Move all heap allocation out of the slab-mutex critical section in render_prom/render_json: snapshot cardinality under a brief lock, allocate aggs/snaps/string tables outside the lock, then re-acquire only to deep-copy strings and walk the LRU into the pre-allocated buffers. A worker crash during output buffer allocation can no longer leave the shared-memory zone locked, and a corrupt cardinality count is caught by a 10k sanity cap rather than causing a runaway ngx_pcalloc. Add build-asan and tests/02-asan/: a full sanitizer-instrumented nginx + module built via apt-source, and a 2-node containerlab Robot suite that drives reload storms, concurrent scrape-during-reload, and intern-table growth, failing if AddressSanitizer or UBSan reports anything on stderr. The two Robot suites now check for their required build artifacts up front so `make robot-test` no longer rebuilds them on every invocation. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 10:58:51 +02:00
parent cdcbb07c9a
commit fdef2a552b
8 changed files with 746 additions and 232 deletions
--- a/tests/02-asan/lab/server/nginx.conf
+++ b/tests/02-asan/lab/server/nginx.conf
@@ -0,0 +1,50 @@
+# SPDX-License-Identifier: Apache-2.0
+# Minimal nginx config for the ASan test suite. Exercises the code paths
+# most likely to surface memory errors: shared-zone init/reload, the
+# scrape renderer (under slab mutex), the log-phase handler's interning,
+# and logtail UDP buffering.
+
+load_module /opt/nginx-asan/modules/ngx_http_ipng_stats_module.so;
+
+daemon off;
+master_process on;
+worker_processes 2;
+pid /tmp/nginx.pid;
+error_log /tmp/nginx.err info;
+
+events {
+    worker_connections 128;
+}
+
+http {
+    access_log off;
+    ipng_stats_zone ipng:1m;
+    ipng_stats_flush_interval 300ms;
+    ipng_stats_default_source direct;
+
+    log_format logtail '$remote_addr\t$request_method\t$request_uri\t$status';
+    ipng_stats_logtail logtail udp://127.0.0.1:9514 buffer=4k flush=300ms;
+
+    server {
+        # Mgmt scrape endpoint.
+        listen 172.20.41.2:9113;
+
+        location = /stats {
+            ipng_stats;
+            allow all;
+        }
+    }
+
+    server {
+        # Data plane — client traffic lands here.
+        listen 10.0.1.1:8080 device=eth1 ipng_source_tag=cl1;
+        listen 172.20.41.2:8080;
+
+        location / {
+            return 200 "ok $server_addr\n";
+        }
+        location /notfound {
+            return 404 "nope\n";
+        }
+    }
+}