ci: defer to libsanitizer + filter jit note from parity diff

Two latent CI matrix failures after v0.255.15:

mino's install_crash_handler unconditionally installs SIGSEGV /
SIGABRT / SIGBUS handlers. Under libasan (gcc, Linux) those run
BEFORE libasan's own handlers, so a sanitizer trap produces an
opaque "[mino] fatal SIGSEGV" line with no AddressSanitizer
preamble -- the diagnostic libasan formatted gets swallowed.
Apple clang's ASan on macos was permissive enough not to surface
this. Skip the crash handler entirely when any sanitizer is
built in; the sanitizer's reports are strictly better than
mino's minimal preamble.

test-jit-parity builds four variants and asserts byte-identical
stdout across them. On hosts where the JIT is not available
(every non-arm64-darwin runner: arm64-linux, x86_64-linux, etc),
--jit=on prints a one-line stderr note that the build can't
honor the flag. sh captures stderr via 2>&1, so the note lands
in :out and breaks the diff. Strip it before comparing.

Local release-gate 17/17 green; tests/run.clj 1274/4557 green.

Author: leifericf

CHANGELOG.md

@@ -1,5 +1,52 @@
 # Changelog
 
+## v0.255.16 — Fix: Defer to libsanitizer + filter JIT note from parity diff
+
+Two remaining CI matrix failures after v0.255.15:
+
+- **ubuntu-24.04 (x86_64) ASan SEGV.** mino's `install_crash_handler`
+  unconditionally installs SIGSEGV / SIGABRT / SIGBUS handlers via
+  `sigaction`. Under libasan (gcc) those run BEFORE libasan's own
+  handlers, so a sanitizer-driven trap (red-zone read or any other
+  ASan-flagged access) produces an opaque
+  `[mino] fatal SIGSEGV (signal 11)` line with no `==XXX==ERROR:
+  AddressSanitizer:` preamble -- the actual diagnostic libasan
+  formatted gets swallowed. Apple clang's ASan on macos was permissive
+  enough not to surface this. Skip the crash handler entirely when any
+  sanitizer (ASan / TSan / UBSan) is built in; the sanitizer's
+  reports are strictly better than mino's minimal preamble.
+
+- **ubuntu-24.04-arm jit-parity warning leak.** `test-jit-parity`
+  builds four variants (`--jit=auto`, `--jit=on`, `--jit=off`,
+  `mino-lean`) and asserts every variant's stdout is byte-identical.
+  On hosts where the JIT is not available (every non-arm64-darwin
+  runner in this matrix), `--jit=on` prints a one-line note to stderr
+  that the build can't honor the flag. `sh` captures stderr via
+  `2>&1`, so the note lands in `:out` and breaks the diff. The note
+  is informational and orthogonal to the parity contract (which is
+  about the evaluator's stdout). Strip it before comparing.
+
+### Changes
+
+- `main.c::install_crash_handler`: dual-path early-return when
+  `__has_feature(address_sanitizer)` (clang) or
+  `__SANITIZE_ADDRESS__` / `__SANITIZE_THREAD__` /
+  `__SANITIZE_UNDEFINED__` (gcc).
+- `lib/mino/tasks/builtin.clj::run-parity-variant`: filter the
+  "this build has the JIT compiled out" line out of each variant's
+  `:out` before the byte-identity comparison. Line-based filter
+  because mino's `clojure.string/replace` doesn't accept regex.
+- `src/mino.h`: `MINO_VERSION_PATCH` bumped to 16.
+
+### Verification
+
+- Local `release-gate` 17/17 green.
+- Local `tests/run.clj` 1274 tests / 4557 assertions green.
+- On ubuntu-24.04 x86_64 the v0.255.16 ASan run will either pass
+  (if the previous SEGV was an instrumentation false positive only
+  masked by the handler) or surface the real ASan report (if there
+  IS a real OOB). Either is a step forward from the silent SEGV.
+
 ## v0.255.15 — Fix: Free dyn_frame on eval_try unwind path
 
 With v0.255.14's ASan stack-scan attribute fix letting the ASan

lib/mino/tasks/builtin.clj

@@ -313,10 +313,33 @@
     (apply sh! args)
     (println "  lean build -> mino-lean")))
 
+(def ^:private jit-disabled-warning-prefix
+  "mino: note: this build has the JIT compiled out")
+
+(defn- strip-jit-disabled-warning [s]
+  ;; mino prints a one-line stderr note when --jit=on or MINO_JIT=on is
+  ;; requested on a build/host where the JIT isn't available (e.g. all
+  ;; non-arm64-darwin matrix entries: arm64-linux, x86_64-linux,
+  ;; x86_64-windows). sh captures stderr via 2>&1, so the note lands in
+  ;; the variant's :out and breaks the byte-identity diff against
+  ;; jit-auto (which doesn't trip the warning). The note is informational
+  ;; and not part of the parity contract -- jit-parity is about the
+  ;; runtime evaluator's stdout, not about which CLI flags this build
+  ;; honors. Strip it before comparing.
+  ;;
+  ;; Implemented line-by-line because mino's clojure.string/replace
+  ;; requires a string match; regex matching is unavailable on this path.
+  (if (nil? s)
+    s
+    (str/join "\n"
+              (remove (fn [line]
+                        (str/starts-with? line jit-disabled-warning-prefix))
+                      (str/split s "\n")))))
+
 (defn- run-parity-variant [bin-args label parity-test]
   (let [result (apply sh (concat bin-args [parity-test]))]
     {:label label
-     :out   (get result :out)
+     :out   (strip-jit-disabled-warning (get result :out))
      :exit  (get result :exit)}))
 
 (defn test-jit-parity

main.c

@@ -760,6 +760,27 @@ static void install_crash_handler(mino_state_t *S)
     if (disabled != NULL && disabled[0] != '\0' && disabled[0] != '0') {
         return;
     }
+    /* Skip when running under a sanitizer: libasan / libtsan / libubsan
+     * install their own SIGSEGV / SIGABRT handlers and produce far more
+     * detailed reports (red-zone diagnosis, allocation backtraces, leak
+     * graphs). Mino's handler intercepting SIGSEGV first means the
+     * sanitizer's report path never runs -- on ubuntu-24.04 x86_64 a
+     * conservative-stack-scan false positive surfaced as an opaque
+     * "[mino] fatal SIGSEGV" line with no ASan preamble, masking the
+     * actual diagnostic. Detect clang via __has_feature and gcc via
+     * __SANITIZE_*__ predefined macros (same dual-path used in
+     * gc/internal.h's MINO_GC_PIN_LOUD_ASSERT). */
+#if defined(__has_feature)
+#  if __has_feature(address_sanitizer) \
+      || __has_feature(thread_sanitizer) \
+      || __has_feature(undefined_behavior_sanitizer)
+    return;
+#  endif
+#elif defined(__SANITIZE_ADDRESS__) \
+    || defined(__SANITIZE_THREAD__) \
+    || defined(__SANITIZE_UNDEFINED__)
+    return;
+#endif
     crash_handler_state = S;
 #ifndef _WIN32
     {

src/mino.h

@@ -28,7 +28,7 @@
  */
 #define MINO_VERSION_MAJOR 0
 #define MINO_VERSION_MINOR 255
-#define MINO_VERSION_PATCH 15
+#define MINO_VERSION_PATCH 16
 
 /*
  * Human-readable version string of the *linked* runtime, e.g. "0.48.0".