Add ASAN and UBSAN stages to CI, fix various errors [AP-1386] (#1403)

# Description

@swift-nav/devinfra

Add bazel config to build with ASAN, UBSAN, TSAN, or MSAN

Add CI stages to run tests with ASAN and UBSAN. The other sanitizers
aren't important to run regularly given the nature of code in this
repository, but they exist for consistency with other projects and to
enable manually running those sanitizer if required

A couple of fixes to problems in code which were discovered by the
sanitizer. No breaking changes though

# API compatibility

No

## API compatibility plan

No

# JIRA Reference

https://swift-nav.atlassian.net/browse/AP-1386

.bazelrc

@@ -1,4 +1,97 @@
+# Causes the build to default to the custom toolchain
+build --incompatible_enable_cc_toolchain_resolution
+
 build --action_env=BAZEL_CXXOPTS='-std=c++14'
 
 build:clang-tidy --aspects @rules_swiftnav//clang_tidy:clang_tidy.bzl%clang_tidy_aspect
 build:clang-tidy --output_groups=report
+
+# Shared sanitizer configuration
+common:sanitize -c dbg
+common:sanitize --cxxopt=-g3
+common:sanitize --copt=-g3
+common:sanitize --linkopt=-g3
+#common:sanitize --cxxopt=-O1
+#common:sanitize --copt=-O1
+#common:sanitize --linkopt=-O1
+common:sanitize --cxxopt=-fno-omit-frame-pointer
+common:sanitize --copt=-fno-omit-frame-pointer
+common:sanitize --linkopt=-fno-omit-frame-pointer
+common:sanitize --@rules_swiftnav//cc:enable_symbolizer=true
+
+# Sanitizer overhead can cause some functions to become so large that
+# the compiler falls back to a linear register allocator.  This
+# shouldn't cause a sanitizer build to fail.
+common:sanitize --cxxopt=-Wno-error=disabled-optimization
+common:sanitize --copt=-Wno-error=disabled-optimization 
+common:sanitize --linkopt=-Wno-error=disabled-optimization
+# https://github.com/bazelbuild/bazel/issues/12797#issuecomment-980641064
+common:sanitize --linkopt='-fsanitize-link-c++-runtime'
+common:sanitize --cxxopt=-fPIC
+common:sanitize --copt=-fPIC
+common:sanitize --linkopt=-fPIC
+
+# Address sanitizer
+common:asan --config=sanitize
+common:asan --cxxopt=-fsanitize=address
+common:asan --copt=-fsanitize=address
+common:asan --linkopt=-fsanitize=address
+common:asan --cxxopt=-fno-optimize-sibling-calls
+common:asan --copt=-fno-optimize-sibling-calls
+common:asan --linkopt=-fno-optimize-sibling-calls
+common:asan --platform_suffix=asan
+
+# Undefined behavior sanitizer
+common:ubsan --config=sanitize
+common:ubsan --cxxopt=-fsanitize=undefined
+common:ubsan --copt=-fsanitize=undefined
+common:ubsan --linkopt=-fsanitize=undefined
+common:ubsan --cxxopt=-fno-sanitize-recover=all
+common:ubsan --copt=-fno-sanitize-recover=all
+common:ubsan --linkopt=-fno-sanitize-recover=all
+common:ubsan --cxxopt=-fsanitize=local-bounds
+common:ubsan --copt=-fsanitize=local-bounds
+common:ubsan --linkopt=-fsanitize=local-bounds
+common:ubsan --@rules_swiftnav//cc:enable_rtti=true
+# Unfortunately the current build setup doesn't seem to provide stack
+# frame names using clang++ and llvm-symbolizer.  (This was also the
+# case in cmake, but the default of g++ there _did_ provide frame
+# names in backtraces.)
+test:ubsan --action_env="UBSAN_OPTIONS=print_stacktrace=1"
+run:ubsan --action_env="UBSAN_OPTIONS=print_stacktrace=1"
+# vptr sanitizer is horribly broken to the point of throwing false positives at a
+# rate that suppressions or an ignore list are impractical.
+common:ubsan --cxxopt=-fno-sanitize=vptr
+common:ubsan --linkopt=-fno-sanitize=vptr
+common:ubsan --platform_suffix=ubsan
+
+# Dynamic memory sanitizer
+#
+# Warning: takes an incredible amount of space!  Try testing only one
+# target at a time.
+common:msan --config=sanitize
+common:msan --cxxopt=-fsanitize=memory
+common:msan --copt=-fsanitize=memory
+common:msan --linkopt=-fsanitize=memory
+common:msan --cxxopt=-fsanitize-memory-track-origins=2
+common:msan --copt=-fsanitize-memory-track-origins=2
+common:msan --linkopt=-fsanitize-memory-track-origins=2
+common:msan --cxxopt=-fsanitize-memory-use-after-dtor
+common:msan --copt=-fsanitize-memory-use-after-dtor
+common:msan --linkopt=-fsanitize-memory-use-after-dtor
+common:msan --platform_suffix=msan
+
+# > Currently, ThreadSanitizer symbolizes its output using an external
+# > addr2line process (this will be fixed in future).
+#
+# https://clang.llvm.org/docs/ThreadSanitizer.html#usage
+common:tsan --config=sanitize
+common:tsan --cxxopt=-fsanitize=thread
+common:tsan --copt=-fsanitize=thread
+common:tsan --linkopt=-fsanitize=thread
+common:tsan --platform_suffix=tsan
+
+# Helpful aliases
+common:asan_ubsan --config=asan
+common:asan_ubsan --config=ubsan
+common:ubsan_asan --config=asan_ubsan

.github/workflows/c.yaml

@@ -140,15 +140,60 @@ jobs:
       - uses: actions/checkout@v2
         with:
           submodules: recursive
-      - name: Install Bazel
+
+      - uses: bazelbuild/setup-bazelisk@v2
+
+      - name: Mount bazel cache
+        uses: actions/cache@v1
+        with:
+          path: "~/.cache/bazel"
+          key: bazel
+
+      - name: Bazel Build & Test
         run: |
-          curl -LO "https://github.com/bazelbuild/bazelisk/releases/download/v1.15.0/bazelisk-linux-amd64"
-          mkdir -p "${GITHUB_WORKSPACE}/bin/"
-          mv bazelisk-linux-amd64 "${GITHUB_WORKSPACE}/bin/bazel"
-          chmod +x "${GITHUB_WORKSPACE}/bin/bazel"
+          bazel test //...
+
+
+  asan:
+    name: ASAN
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: recursive
+
+      - uses: bazelbuild/setup-bazelisk@v2
+
+      - name: Mount bazel cache
+        uses: actions/cache@v1
+        with:
+          path: "~/.cache/bazel"
+          key: bazel
+
+      - name: Bazel Build & Test
+        run: |
+          bazel test --config=asan //...
+
+
+  ubsan:
+    name: UBSAN
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: recursive
+
+      - uses: bazelbuild/setup-bazelisk@v2
+
+      - name: Mount bazel cache
+        uses: actions/cache@v1
+        with:
+          path: "~/.cache/bazel"
+          key: bazel
+
       - name: Bazel Build & Test
         run: |
-          ${GITHUB_WORKSPACE}/bin/bazel test //...
+          bazel test --config=ubsan //...
 
 
   windows-2019:

WORKSPACE.bazel

@@ -4,10 +4,20 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
 
 http_archive(
     name = "rules_swiftnav",
-    strip_prefix = "rules_swiftnav-82e89313fc0c2046a2b19d4a4da5167a88f5da3f",
-    url = "https://github.com/swift-nav/rules_swiftnav/archive/82e89313fc0c2046a2b19d4a4da5167a88f5da3f.tar.gz",
+    strip_prefix = "rules_swiftnav-cb82c790d50dd87f301df67b710161906dafb0c2",
+    url = "https://github.com/swift-nav/rules_swiftnav/archive/cb82c790d50dd87f301df67b710161906dafb0c2.tar.gz",
 )
 
+load(
+    "@rules_swiftnav//cc:repositories.bzl",
+    "register_swift_cc_toolchains",
+    "swift_cc_toolchain",
+)
+
+swift_cc_toolchain()
+
+register_swift_cc_toolchains()
+
 http_archive(
     name = "rules_foreign_cc",
     strip_prefix = "rules_foreign_cc-c65e8cfbaa002bcd1ce9c26e9fec63b0b866c94b",

c/test/cpp/auto_check_sbp_acquisition_MsgAcqResult.cc

@@ -340,7 +340,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResult0 : public ::testing::Test {
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_acquisition_MsgAcqResultDepA.cc

@@ -346,7 +346,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepA0
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -1126,7 +1126,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepA1
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -1906,7 +1906,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepA2
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -2686,7 +2686,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepA3
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -3466,7 +3466,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepA4
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -4246,7 +4246,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepA5
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_acquisition_MsgAcqResultDepB.cc

@@ -348,7 +348,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepB0
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -1142,7 +1142,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepB1
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -1936,7 +1936,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepB2
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -2730,7 +2730,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepB3
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -3524,7 +3524,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepB4
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_acquisition_MsgAcqResultDepC.cc

@@ -348,7 +348,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepC0
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -1142,7 +1142,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepC1
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -1936,7 +1936,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepC2
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -2730,7 +2730,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepC3
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -3524,7 +3524,7 @@ class Testauto_check_sbp_acquisition_MsgAcqResultDepC4
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_acquisition_MsgAcqSvProfile.cc

@@ -383,7 +383,7 @@ class Testauto_check_sbp_acquisition_MsgAcqSvProfile0 : public ::testing::Test {
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_acquisition_MsgAcqSvProfileDep.cc

@@ -387,7 +387,7 @@ class Testauto_check_sbp_acquisition_MsgAcqSvProfileDep0
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_bootload_MsgBootloaderHandshakeReq.cc

@@ -345,7 +345,7 @@ class Testauto_check_sbp_bootload_MsgBootloaderHandshakeReq0
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_bootload_MsgBootloaderHandshakeResp.cc

@@ -354,7 +354,7 @@ class Testauto_check_sbp_bootload_MsgBootloaderHandshakeResp0
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;
@@ -1296,7 +1296,7 @@ class Testauto_check_sbp_bootload_MsgBootloaderHandshakeResp1
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;

c/test/cpp/auto_check_sbp_bootload_MsgBootloaderJumptoApp.cc

@@ -345,7 +345,7 @@ class Testauto_check_sbp_bootload_MsgBootloaderJumptoApp0
   template <typename T,
             std::enable_if_t<std::is_integral<T>::value, bool> = true>
   void make_lesser_greater(T &lesser, T &greater) {
-    if (greater == std::numeric_limits<T>::max()) {
+    if (lesser > std::numeric_limits<T>::min()) {
       lesser--;
     } else {
       greater++;