ci: Add missing linux-headers package to ASan task

MarcoFalke · MarcoFalke · commit fa474397b5d4 · 2023-08-01T17:33:36.000+02:00
Otherwise the task will throw in skip_if_no_python_bcc.

Also, adjust CI_CONTAINER_CAP for all needed permissions.
diff --git a/.cirrus.yml b/.cirrus.yml
@@ -273,6 +273,10 @@ task:
 
 task:
   name: '[ASan + LSan + UBSan + integer, no depends, USDT] [lunar]'
+  enable_bpfcc_script:
+    # In the image build step, no external environment variables are available,
+    # so any settings will need to be written to the settings env file:
+    - sed -i "s|\${CIRRUS_CI}|true|g" ./ci/test/00_setup_env_native_asan.sh
   << : *GLOBAL_TASK_TEMPLATE
   persistent_worker:
     labels:
diff --git a/ci/test/00_setup_env_native_asan.sh b/ci/test/00_setup_env_native_asan.sh
@@ -8,9 +8,11 @@ export LC_ALL=C.UTF-8
 
 # Only install BCC tracing packages in Cirrus CI.
 if [[ "${CIRRUS_CI}" == "true" ]]; then
-  export BPFCC_PACKAGE="bpfcc-tools"
+  BPFCC_PACKAGE="bpfcc-tools linux-headers-$(uname --kernel-release)"
+  export CI_CONTAINER_CAP="--privileged -v /sys/kernel:/sys/kernel:rw"
 else
-  export BPFCC_PACKAGE=""
+  BPFCC_PACKAGE=""
+  export CI_CONTAINER_CAP="--cap-add SYS_PTRACE"  # If run with (ASan + LSan), the container needs access to ptrace (https://github.com/google/sanitizers/issues/764)
 fi
 
 export CONTAINER_NAME=ci_native_asan
diff --git a/ci/test/00_setup_env_native_fuzz.sh b/ci/test/00_setup_env_native_fuzz.sh
@@ -14,6 +14,7 @@ export RUN_UNIT_TESTS=false
 export RUN_FUNCTIONAL_TESTS=false
 export RUN_FUZZ_TESTS=true
 export GOAL="install"
+export CI_CONTAINER_CAP="--cap-add SYS_PTRACE"  # If run with (ASan + LSan), the container needs access to ptrace (https://github.com/google/sanitizers/issues/764)
 export BITCOIN_CONFIG="--enable-fuzz --with-sanitizers=fuzzer,address,undefined,float-divide-by-zero,integer \
 CC='clang-16 -ftrivial-auto-var-init=pattern' CXX='clang++-16 -ftrivial-auto-var-init=pattern'"
 export CCACHE_MAXSIZE=200M
diff --git a/ci/test/04_install.sh b/ci/test/04_install.sh
@@ -18,9 +18,6 @@ export ASAN_OPTIONS="detect_stack_use_after_return=1:check_initialization_order=
 export LSAN_OPTIONS="suppressions=${BASE_ROOT_DIR}/test/sanitizer_suppressions/lsan"
 export TSAN_OPTIONS="suppressions=${BASE_ROOT_DIR}/test/sanitizer_suppressions/tsan:halt_on_error=1:log_path=${BASE_SCRATCH_DIR}/sanitizer-output/tsan"
 export UBSAN_OPTIONS="suppressions=${BASE_ROOT_DIR}/test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1"
-if [[ $BITCOIN_CONFIG = *--with-sanitizers=*address* ]]; then # If ran with (ASan + LSan), Docker needs access to ptrace (https://github.com/google/sanitizers/issues/764)
-  CI_CONTAINER_CAP="--cap-add SYS_PTRACE"
-fi
 
 if [ -z "$DANGER_RUN_CI_ON_HOST" ]; then
   # Export all env vars to avoid missing some.
