directwrite: fix outdated dealloc code that has become leaky #50

Workflow file for this run

	name: GitHub CI

	on:
	push:
	branches: [master, ci, coverity_scan]
	pull_request:

	jobs:
	build:
	runs-on: ${{ matrix.os }}
	name: build(${{ matrix.msystem \|\| matrix.docker_image \|\| matrix.os }},
	${{ matrix.cc }}${{ matrix.api && ', ' }}${{ matrix.api }})
	strategy:
	fail-fast: false
	matrix:
	include:
	# Enable distcheck for one build
	- os: ubuntu-latest
	cc: gcc
	do_distc: yes
	# Run Coverity on a clang build; Coverity's gcc causes issues
	- os: ubuntu-latest
	cc: clang
	do_coverity: yes
	# Add a tcc build
	- os: ubuntu-latest
	cc: tcc
	ld: tcc
	# Add docker-build on Alpine
	- os: ubuntu-latest
	cc: gcc
	docker_image: alpine:latest
	shell: '/tmp/docker_shell {0}'
	art_reg_skip: 'font_nonunicode'
	# Add docker-build with minimum version of dependencies
	- os: ubuntu-latest
	cc: gcc
	docker_image: oldlibs
	docker_pullprefix: 'ghcr.io/theoneric/libass-containers/'
	shell: '/tmp/docker_shell {0}'
	# Crash Tests detect (false?) leaks in Fontconfig, and
	# various regression test fail, assumed due to older deps
	skip_tests: yes
	# MacOS build
	- os: macos-latest
	cc: clang
	# Add a Windows build (MinGW-gcc via MSYS2) with no extras
	- os: windows-2019
	msystem: MINGW32
	cc: gcc
	api: desktop
	shell: 'msys2 {0}'
	# Add a best-effort build for UWP apps for Microsoft Store
	- os: windows-2019
	msystem: UCRT64
	cc: gcc
	api: app
	extra_cflags: -DWINAPI_FAMILY=WINAPI_FAMILY_APP -specs=/tmp/windowsapp.specs
	shell: 'msys2 {0}'

	defaults:
	run:
	shell: ${{ matrix.shell \|\| 'bash' }}

	env:
	ART_SAMPLES: ext_art-samples

	steps:
	- name: checkout code
	uses: actions/checkout@v3

	- name: download test samples
	uses: actions/checkout@v3
	with:
	repository: libass/libass-tests
	path: ${{ env.ART_SAMPLES }}

	- name: Start Docker
	if: matrix.docker_image
	shell: bash
	run: \|
	# Note: Many containers default to the root user
	docker pull "${{ matrix.docker_pullprefix }}${{ matrix.docker_image }}"
	docker create --name dockerciimage \
	-v "/home/runner/work:/home/runner/work" --workdir "$PWD" \
	--entrypoint "tail" \
	"${{ matrix.docker_pullprefix }}${{ matrix.docker_image }}" \
	"-f" "/dev/null"
	docker start dockerciimage

	# Create a proxy-shell for Docker containers
	# Scripts for each step and the output file are inside the mounted
	# directories, but some environment variable must be forwarded.
	echo '#!/bin/sh
	set -eu
	if [ "$#" -ne 1 ] ; then
	echo "Usage: $0 <script file>"
	exit 1
	fi
	exec /usr/bin/docker exec \
	--env GITHUB_OUTPUT --env GITHUB_ENV --env GITHUB_PATH --env GITHUB_STATE \
	dockerciimage sh -e "$1"
	' > /tmp/docker_shell
	chmod a+x /tmp/docker_shell

	- name: Setup MSys2
	uses: msys2/setup-msys2@v2
	if: matrix.msystem
	with:
	msystem: ${{ matrix.msystem }}
	update: false

	- name: install deps
	run: \|
	case "${{ matrix.docker_image \|\| matrix.os }}" in
	macos-*)
	#brew update
	brew install autoconf automake libtool nasm pkg-config \
	harfbuzz freetype fribidi fontconfig
	;;
	windows-*)
	pre="$MINGW_PACKAGE_PREFIX"
	pacman --noconfirm -S \
	automake autoconf libtool nasm make \
	$pre-pkg-config $pre-gcc \
	$pre-fribidi $pre-freetype $pre-harfbuzz $pre-fontconfig \
	$pre-libpng
	;;
	alpine:*)
	apk add nasm ${{ matrix.cc }} musl-dev \
	make automake autoconf libtool pkgconf \
	fontconfig-dev freetype-dev fribidi-dev harfbuzz-dev \
	libpng-dev
	;;
	oldlibs)
	: # Everything is preinstalled
	;;
	*)
	sudo apt-get update #&& sudo apt-get upgrade
	ubver="$(apt-cache search libubsan \| awk '/^libubsan[0-9]* / {print substr($1, 9)}' \| sort -rn \| head -n1)"
	asver="$(apt-cache search libasan \| awk '/^libasan[0-9]* / {print substr($1, 8)}' \| sort -rn \| head -n1)"
	sudo apt-get install -y --no-install-recommends \
	autoconf automake make libtool \
	libfontconfig1-dev libfreetype6-dev libfribidi-dev \
	libharfbuzz-dev nasm ${{ matrix.cc }} \
	libpng-dev libubsan"$ubver" libasan"$asver"
	;;
	esac

	- name: Determine Sanitizer Flags
	id: sanitizer
	run: \|
	aflags="-fsanitize=address"
	uflags="-fsanitize=undefined -fsanitize=float-cast-overflow"
	if [ "${{ startsWith(matrix.cc, 'clang') }}" = "true" ] ; then
	# Clang's UBSAN exits with code zero even if issues were found
	# This options will instead force an SIGILL, but remove a report being printed
	# see https://reviews.llvm.org/D35085
	uflags="$uflags -fsanitize-undefined-trap-on-error"
	fi

	# UBSAN: Alpine and MSys2 doesn't ship the UBSAN library,
	# but when SIGILL'ing the lib is not needed
	# ASAN: Not supported with musl and in Windows
	case "${{ matrix.docker_image \|\| matrix.os }}" in
	alpine\|windows-)
	flags="$uflags -fsanitize-undefined-trap-on-error" ;;
	*)
	flags="$aflags $uflags" ;;
	esac

	if [ -n "$flags" ] ; then
	flags="$flags -fno-sanitize-recover=all"
	fi

	if [ "${{ matrix.cc }}" = "tcc" ] \|\| [ "${{ matrix.skip_tests }}" = "yes" ] ; then
	flags=""
	fi


	echo "SANFLAGS=$flags"
	echo "flags=${flags}" >> $GITHUB_OUTPUT

	- name: Customize compiler
	if: matrix.api == 'app' && matrix.cc == 'gcc'
	run: >
	gcc -dumpspecs
	\| sed 's/-lmsvcrt/-lucrtapp/g; s/-lkernel32/-lwindowsapp/g;
	s/-ladvapi32//g; s/-lshell32//g; s/-luser32//g'
	> /tmp/windowsapp.specs

	- name: configure
	run: \|
	export CC="${{ matrix.cc }}\
	${{ matrix.extra_cflags && ' ' }}${{ matrix.extra_cflags }}\
	${{ steps.sanitizer.outputs.flags && ' ' }}${{ steps.sanitizer.outputs.flags }}"
	export LD="${{ matrix.ld }}"
	export ART_SAMPLES="${{ env.ART_SAMPLES }}"

	./autogen.sh
	./configure --enable-compare --enable-fuzz

	- name: distcheck
	if: matrix.do_distc == 'yes'
	run: make -j 2 distcheck

	- name: compile
	run: make -j 2

	- name: ensure internal functions are namespaced
	if: startsWith(matrix.os, 'ubuntu-')
	run: \|
	test -f libass/.libs/libass.a \|\| (echo "Static lib is missing!"; exit 1)
	set +e
	list="$(nm libass/.libs/libass.a \| grep ' T ' \| grep -v ' ass_')"
	case "$?" in
	1)
	: # All good
	;;
	0)
	echo "There are non-namespaced functions! Prefix them with 'ass_'."
	echo "$list"
	exit 1
	;;
	*)
	echo "Internal grep error occured!"
	echo "$list"
	exit 2
	;;
	esac

	- name: run tests
	if: matrix.skip_tests != 'yes'
	run: \|
	ART_REG_SKIP="${{ matrix.art_reg_skip }}" make -j 1 check


	- name: Coverity scan
	if: >
	matrix.do_coverity == 'yes'
	&& github.repository == 'libass/libass'
	&& github.event_name != 'pull_request'
	env:
	COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
	PROJECT_NAME: libass/libass
	NOTIFY_EMAIL: none@example.com
	TOOL_URL: https://scan.coverity.com/download/
	UPLOAD_URL: https://scan.coverity.com/builds?project=libass%2Flibass
	SCAN_URL: https://scan.coverity.com
	RES_DIR: cov-int
	run: \|
	exit_code=0
	echo "Running Coverity ..."
	# Remove previous build output
	make clean
	# The upstream script is borked and always exits with 1 even on success
	# To get meaningful success/error status we're using our own script
	# but we still want to be informed about upstream script changes
	if curl -s https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh \
	\| shasum -a 256 \
	\| grep -Eq '^234d71b4a5257a79559e66dd3ba5765576d2af4845da83af4975b77b14ab536b '
	then
	: remote unchanged
	else
	echo "Coverity's travis script changed!"
	exit_code=1
	fi

	# Check if we are within quoata
	quota_res="$(curl -s --form project="$PROJECT_NAME" \
	--form token="$COVERITY_SCAN_TOKEN" \
	"$SCAN_URL"/api/upload_permitted)"
	if [ "$?" -ne 0 ] \|\| [ "x$quota_res" = "xAccess denied" ] ; then
	echo "Coverity denied access or did not respond!"
	exit 1
	elif echo "$quota_res" \| grep -Eq 'upload_permitted": *true' ; then
	echo "Within Coverity quota."
	else
	echo "Exceeding Coverity quota! Try again later."
	echo "$quota_res" \| grep -Eo 'next_upload_permitted_at":[^,}]*'
	exit 0
	fi

	# Download cov tool and make it available
	wget -nv "$TOOL_URL""$(uname)" \
	--post-data "project=$PROJECT_NAME&token=$COVERITY_SCAN_TOKEN" \
	-O cov-analysis-tool.tar.gz
	mkdir cov-analysis-tool
	tar xzf cov-analysis-tool.tar.gz --strip 1 -C cov-analysis-tool
	export PATH="$(pwd)/cov-analysis-tool/bin:$PATH"

	# Coverity Build
	echo "Starting Coverity build..."
	#mkdir "$RES_DIR" # already done by cov-build
	COVERITY_UNSUPPORTED=1 cov-build --dir "$RES_DIR" make -j 2
	cov-import-scm --dir "$RES_DIR" --scm git --log "$RES_DIR/scm_log.txt" 2>&1

	# Submit results to Coverity's server
	tar czf libass.tar.gz "$RES_DIR"
	upstat="$(curl --silent --write-out "\n%{http_code}\n" \
	--form project="PROJECT_NAME" \
	--form token="$COVERITY_SCAN_TOKEN" \
	--form email="$NOTIFY_EMAIL" \
	--form file=@libass.tar.gz \
	--form version="${{ github.sha }}" \
	--form description="GitHubActions CI build" \
	"$UPLOAD_URL")"
	if [ "$?" -ne 0 ] ; then
	echo "Upload failed (curl error)"
	exit_code=1
	elif echo "$upstat" \| tail -n 1 \| grep -Eq '^2[0-9]{2}$' ; then
	echo "Upload successful."
	else
	echo "Upload failed (server error)"
	exit_code=1
	fi
	echo "$upstat" \| head

	exit $exit_code


	- name: Stop Docker
	if: matrix.docker_image
	shell: bash
	run: \|
	docker rm --force dockerciimage

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

directwrite: fix outdated dealloc code that has become leaky #50

Workflow file

directwrite: fix outdated dealloc code that has become leaky #50

Jobs

Run details

Workflow file for this run