graphene_quad_t installed test crashes

[jtojnar]

Experienced behavior

I am trying to run graphene 1.9.6 installed tests in a NixOS module test VM and a single test fails:

Running test: graphene-1.0/quad.test

  graphene_quad_t
    has bounds
      ✓ converting rect corners into a quad yields the same bounds
      ✓ converting a rect into a quad yields the same bounds
      ✓ point[0] to be top left
free(): invalid pointer
FAIL: graphene-1.0/quad.test (Child process killed by signal 6)

The test when built in a sandbox succeeds; so it does when run in my user environment with nix run -f . gnome-desktop-testing ostree -c gnome-desktop-testing-runner -d $(nix-build -A graphene.installedTests --no-out-link)/share graphene-1.0/quad.test

Expected behavior

Test succeeds.

Steps to reproduce

nix-build -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/80354ee31404243bafc7a17b9c1bf6b46ea7ec08.tar.gz '<nixpkgs/nixos/tests/graphene.nix>'

Operating system in use

NixOS unstable

SIMD implementation in use

?

[jtojnar]

Note that the test passes in 1.8.6:

nix-build -I nixpkgs=https://github.com/NixOS/nixpkgs/archive/1412af4b2cfae71d447164097d960d426e9752c0.tar.gz '<nixpkgs/nixos/tests/graphene.nix>'

[ebassi]

Thanks for your bug report.

1.8.6 used a completely different test suite, so it doesn't help me much.

I'm also not going to build a nix package myself, as I'm not familiar with it. Could you please try and see if you can get a GDB stack trace and a valgrind log?

[jtojnar]

Here is the backtrace:

#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51                                                       
#1  0x00007f4c908c4dc1 in __GI_abort () at abort.c:79                                                                           
#2  0x00007f4c909052ac in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7f4c90a0738e "%s\n")                    
    at ../sysdeps/posix/libc_fatal.c:181                                                                                        
#3  0x00007f4c9090b49a in malloc_printerr (str=str@entry=0x7f4c90a05579 "free(): invalid pointer") at malloc.c:5350             
#4  0x00007f4c9090c10c in _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:4157                       
#5  0x00007f4c90a6a264 in mutest_expect_res_free (res=res@entry=0x89a620) at ../src/mutest-wrappers.c:42                        
#6  0x00007f4c90a6791b in mutest_expect_full (file=file@entry=0x40200f "../tests/quad.c", line=line@entry=37,                   
    func_name=func_name@entry=0x4021b0 <__func__.10947> "quad_bounds",                                                          
    description=description@entry=0x4020be "point[0] to be top left", value=0x89a620, first_matcher_func=<optimized out>)       
    at ../src/mutest-expect.c:427                                                                                               
#7  0x00000000004016dd in quad_bounds (spec=<optimized out>) at ../tests/quad.c:34                                              
#8  0x00007f4c90a696dc in mutest_it_full (file=file@entry=0x40200f "../tests/quad.c", line=line@entry=104,                      
    func_name=func_name@entry=0x4021d0 <__func__.10963> "quad_suite", description=description@entry=0x402004 "has bounds",      
    func=func@entry=0x401524 <quad_bounds>) at ../src/mutest-spec.c:62                                                          
#9  0x0000000000401291 in quad_suite (suite=<optimized out>) at ../tests/quad.c:104                                             
#10 0x00007f4c90a698eb in mutest_describe_full (file=file@entry=0x40200f "../tests/quad.c", line=line@entry=110,                
    func_name=func_name@entry=0x4021db <__func__.10970> "main", description=description@entry=0x402126 "graphene_quad_t",       
    func=func@entry=0x401267 <quad_suite>) at ../src/mutest-suite.c:87                                                          
#11 0x000000000040185f in main (argc=<optimized out>, argv=<optimized out>) at ../tests/quad.c:108                              

[jtojnar]

Valgrind:

$machine->succeed('valgrind /nix/store/s7jkmgw9mlxaqbjvcy08dhlc7v4w0p51-graphene-1.9.6-installedTests/libexec/installed-tests/graphene-1.0/quad')
machine: must succeed: valgrind /nix/store/s7jkmgw9mlxaqbjvcy08dhlc7v4w0p51-graphene-1.9.6-installedTests/libexec/installed-tests/graphene-1.0/quad
machine# ==830== Memcheck, a memory error detector
machine# ==830== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
machine# ==830== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
machine# ==830== Command: /nix/store/s7jkmgw9mlxaqbjvcy08dhlc7v4w0p51-graphene-1.9.6-installedTests/libexec/installed-tests/graphene-1.0/quad
machine# ==830== 
machine# ==830== Invalid write of size 1
machine# ==830==    at 0x4866083: string_split (mutest-utils.c:384)
machine# ==830==    by 0x4866154: mutest_format_string_for_display (mutest-utils.c:406)
machine# ==830==    by 0x48646AE: mocha_spec_preamble (mutest-format-mocha.c:100)
machine# ==830==    by 0x4866184: mutest_format_spec_preamble (mutest-utils.c:437)
machine# ==830==    by 0x48655F0: mutest_it_full (mutest-spec.c:42)
machine# ==830==    by 0x401290: quad_suite (quad.c:104)
machine# ==830==    by 0x48658EA: mutest_describe_full (mutest-suite.c:87)
machine# ==830==    by 0x40185E: main (quad.c:108)
machine# ==830==  Address 0x4df2cfb is 0 bytes after a block of size 11 alloc'd
machine# ==830==    at 0x483479B: malloc (in /nix/store/r7hq9l4pqs7jym03pavn306pid1kzgqv-valgrind-3.15.0/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
machine# ==830==    by 0x4865FF3: string_split (mutest-utils.c:370)
machine# ==830==    by 0x4866154: mutest_format_string_for_display (mutest-utils.c:406)
machine# ==830==    by 0x48646AE: mocha_spec_preamble (mutest-format-mocha.c:100)
machine# ==830==    by 0x4866184: mutest_format_spec_preamble (mutest-utils.c:437)
machine# ==830==    by 0x48655F0: mutest_it_full (mutest-spec.c:42)
machine# ==830==    by 0x401290: quad_suite (quad.c:104)
machine# ==830==    by 0x48658EA: mutest_describe_full (mutest-suite.c:87)
machine# ==830==    by 0x40185E: main (quad.c:108)
machine# ==830== 
machine# ==830== Invalid write of size 1
machine# ==830==    at 0x4866083: string_split (mutest-utils.c:384)
machine# ==830==    by 0x4866154: mutest_format_string_for_display (mutest-utils.c:406)
machine# ==830==    by 0x48644F3: mocha_expect_result (mutest-format-mocha.c:40)
machine# ==830==    by 0x486623C: mutest_format_expect_result (mutest-utils.c:494)
machine# ==830==    by 0x4863912: mutest_expect_full (mutest-expect.c:425)
machine# ==830==    by 0x40161C: quad_bounds (quad.c:21)
machine# ==830==    by 0x48656DB: mutest_it_full (mutest-spec.c:62)
machine# ==830==    by 0x401290: quad_suite (quad.c:104)
machine# ==830==    by 0x48658EA: mutest_describe_full (mutest-suite.c:87)
machine# ==830==    by 0x40185E: main (quad.c:108)
machine# ==830==  Address 0x4df2fcb is 0 bytes after a block of size 59 alloc'd
machine# ==830==    at 0x483479B: malloc (in /nix/store/r7hq9l4pqs7jym03pavn306pid1kzgqv-valgrind-3.15.0/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
machine# ==830==    by 0x4865FF3: string_split (mutest-utils.c:370)
machine# ==830==    by 0x4866154: mutest_format_string_for_display (mutest-utils.c:406)
machine# ==830==    by 0x48644F3: mocha_expect_result (mutest-format-mocha.c:40)
machine# ==830==    by 0x486623C: mutest_format_expect_result (mutest-utils.c:494)
machine# ==830==    by 0x4863912: mutest_expect_full (mutest-expect.c:425)
machine# ==830==    by 0x40161C: quad_bounds (quad.c:21)
machine# ==830==    by 0x48656DB: mutest_it_full (mutest-spec.c:62)
machine# ==830==    by 0x401290: quad_suite (quad.c:104)
machine# ==830==    by 0x48658EA: mutest_describe_full (mutest-suite.c:87)
machine# ==830==    by 0x40185E: main (quad.c:108)
machine# ==830== 
machine# ==830== 
machine# ==830== HEAP SUMMARY:
machine# ==830==     in use at exit: 37,214 bytes in 246 blocks
machine# ==830==   total heap usage: 370 allocs, 124 frees, 48,559 bytes allocated
machine# ==830== 
machine# ==830== LEAK SUMMARY:
machine# ==830==    definitely lost: 386 bytes in 14 blocks
machine# ==830==    indirectly lost: 0 bytes in 0 blocks
machine# ==830==      possibly lost: 1,352 bytes in 18 blocks
machine# ==830==    still reachable: 35,476 bytes in 214 blocks
machine# ==830==                       of which reachable via heuristic:
machine# ==830==                         newarray           : 1,536 bytes in 16 blocks
machine# ==830==         suppressed: 0 bytes in 0 blocks
machine# ==830== Rerun with --leak-check=full to see details of leaked memory
machine# ==830== 
machine# ==830== For lists of detected and suppressed errors, rerun with: -s
machine# ==830== ERROR SUMMARY: 14 errors from 2 contexts (suppressed: 0 from 0)
machine: exit status 0

[jtojnar]

For completeness, we are using ebassi/mutest@822b5dd

[jtojnar]

ebassi/mutest#11 seems to fix the test.

[ebassi]

Thanks, @jtojnar for the quick PR and thorough investigation!

I've updated the µTest subproject in Graphene.