travis: war on leaks #4558
travis: war on leaks #4558
Conversation
tiennou
force-pushed
the
travis/war-on-leaks
branch
from
63a1e2f
to
c9d58bc
Compare
script/citest.sh
Outdated
| ctest -V -R libgit2_clar-proxy_credentials || exit $? | ||
| else | ||
| echo "Cannot find java in path, skipping proxy test" | ||
| fi |
There was a problem hiding this comment.
Why are you making this change? Are there instances where travis doesn't have java installed? Or is this for running locally? If the latter, then let's make it some explicit opt-out.
Otherwise I fear that travis will change its images without us noticing, we'll stop running these tests silently, and then we'll break something without knowing.
There was a problem hiding this comment.
Yeah, this is slightly conflated with being able to run those scripts in a VM, hence this change (I didn't have java at first).
I understand the concern though, but on the other hand, changing that test made the proxy test run on the osx machines too. If I find a way to tell if the script is Travis run, I'll be able to make it hard error.
script/cileaks.sh
Outdated
| @@ -9,5 +9,5 @@ then | |||
| fi | |||
|
|
|||
| if [ -n "$VALGRIND" -a -e "$(which valgrind)" ]; then | |||
| valgrind --leak-check=full --show-reachable=yes --error-exitcode=125 --suppressions=./libgit2_clar.supp $@ _build/libgit2_clar -ionline | |||
| valgrind --leak-check=full --show-reachable=yes --error-exitcode=125 --suppressions=./libgit2_clar.supp $@ _build/libgit2_clar -ionline -xbuf::oom | |||
There was a problem hiding this comment.
Is this test still useful at all? Maybe we should remove it entirely.
There was a problem hiding this comment.
I was originally planning to try and make leaks works too, but I can remove it in the mean time.
script/citest.sh
Outdated
| @@ -10,7 +10,7 @@ fi | |||
|
|
|||
| if [ ! -d _build ]; then | |||
| echo "no _build dir found; you should run cibuild.sh first" | |||
| exit 1 | |||
| exit 0 | |||
There was a problem hiding this comment.
I need some more explanation here - why does this fail the coverity build? Again, this seems like something that might could use an explicit flag that the coverity build can pass in so that we don't stop running our build+tests because of some subtle change.
There was a problem hiding this comment.
All of the three new "build" steps (cibuild, citest & cileaks) will be run in order now, hence the need to "fail" successfully those 2 new steps so we don't. Alternatively, I could make the coverity.sh explicit instead of calling that from cibuild.sh…
tiennou
force-pushed
the
travis/war-on-leaks
branch
from
0787701
to
e0581fa
Compare
|
I've removed all changes caused by my trying to reuse the scripts inside VMs. I've also run I've noticed that Travis has build stages, which can accept conditions, so maybe there's a way to make the Coverity/Valgrind scans be less "hacky": right now COVERITY completely shortcuts the build, and VALGRIND will run the test suite twice (once as part of cibuild.sh, and again as part of cileaks.sh). As this is likely to end up in a mess of pushes, and I can't control AppVeyor builds, I favored being cautious. |
script/cileaks.sh
Outdated
| exit $?; | ||
| fi | ||
|
|
||
| if [ -n "$VALGRIND" -a -e "$(which valgrind)" ]; then |
There was a problem hiding this comment.
I'd say we should error out if we request a Valgrind build without Valgrind being installed. Otherwise, we'll get a green CI even if the job doesn't do what it's supposed to do
script/cileaks.sh
Outdated
| # If this platform doesn't support test execution, bail out now | ||
| if [ -n "$SKIP_TESTS" ]; | ||
| then | ||
| exit $?; |
There was a problem hiding this comment.
Why do you pass back the value of the previous test? Shouldn't this just exit success?
There was a problem hiding this comment.
This is a vanilla copy-paste of the block just above, which appeared in 8f426d7. I honestly have no idea why it's written that way, but it seems to predate AppVeyor, so there's that.
There was a problem hiding this comment.
True. Let's leave it as-is, then. But I'd be grateful if you at least remove these useless semicolons ;)
script/cileaks.sh
Outdated
| @@ -9,5 +9,5 @@ then | |||
| fi | |||
|
|
|||
| if [ -n "$VALGRIND" -a -e "$(which valgrind)" ]; then | |||
| valgrind --leak-check=full --show-reachable=yes --error-exitcode=125 --suppressions=./libgit2_clar.supp _build/libgit2_clar -ionline | |||
| valgrind --leak-check=full --show-reachable=yes --error-exitcode=125 --suppressions=./libgit2_clar.supp $@ _build/libgit2_clar -ionline | |||
There was a problem hiding this comment.
It's intentional, the purpose is that you can VALGRIND=1 ./script/cileaks.sh -stestcase in a VM and get just that valgrinded (note that I actually changed the location of the %@, this one is outdated).
| Memcheck:Leak | ||
| ... | ||
| fun:curl_global_init | ||
| } |
There was a problem hiding this comment.
Oh, cool that we can do this now with our global curl initialization.
.travis.yml
Outdated
| @@ -48,13 +48,11 @@ matrix: | |||
| - compiler: gcc | |||
| env: COVERITY=1 | |||
| os: linux | |||
| dist: trusty | |||
There was a problem hiding this comment.
I'd rather prefer if we'd delete the global "dist" key. It's nice to have all that information directly in the build matrix.
There was a problem hiding this comment.
dist is a global key though, so I can't really use the other. Else I'd have kept the other one 😉.
There was a problem hiding this comment.
I don't think this is true. For some time, our matrix contained jobs for both Trusty and Precise, and it worked perfectly fine
tiennou
force-pushed
the
travis/war-on-leaks
branch
from
e0581fa
to
5deecc5
Compare
|
Rebased. I yanked the |
tiennou
force-pushed
the
travis/war-on-leaks
branch
2 times, most recently
from
2dd99c0
to
4d37949
Compare
|
🎶 Please stand by while the leaks are getting plugged, and the coverity scans appeased 🎶 |
tiennou
force-pushed
the
travis/war-on-leaks
branch
2 times, most recently
from
2cba134
to
a88db36
Compare
|
This is ready ! |
There was a problem hiding this comment.
Looks all good to me. I'd love if you'd split out the "real" fixes into a separate PR such that we can fast-track them in case this PR here doesn't get merged fast, as I'd like to include them for #4632. Would also make handling on the backport-label a bit easier for me.
src/transports/local.c
Outdated
| return 0; | ||
| } |
There was a problem hiding this comment.
Would you care to put this into an extra PR? It's worthy to be included in v0.27.1, as I've just introduced that leak with v0.27.0
src/worktree.c
Outdated
| @@ -131,7 +131,7 @@ static int open_worktree_dir(git_worktree **out, const char *parent, const char | |||
| goto out; | |||
| } | |||
|
|
|||
| if ((wt = git__calloc(1, sizeof(struct git_repository))) == NULL) { | |||
| if ((wt = git__calloc(1, sizeof(*wt))) == NULL) { | |||
tests/worktree/worktree.c
Outdated
| @@ -300,6 +300,7 @@ void test_worktree_worktree__add_with_explicit_branch(void) | |||
| git_reference_free(branch); | |||
| git_reference_free(wthead); | |||
| git_repository_free(wtrepo); | |||
| git_worktree_free(wt); | |||
tiennou
force-pushed
the
travis/war-on-leaks
branch
from
aa65a48
to
55abdd4
Compare
tiennou
force-pushed
the
travis/war-on-leaks
branch
from
55abdd4
to
34aa29d
Compare
|
The PR work as advertised ;) Can't merge it due to that, unfortunately, as we got new leaks in our submodule code |
|
I've locally tested that #4641 fixes the leaks (at least from Valgrind's POV), so this depends on that. |
|
#4641 is merged now. Could you please rebase on latest master? |
==18109== 664 bytes in 1 blocks are still reachable in loss record 279 of 339 ==18109== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==18109== by 0x675B120: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x675C13C: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x675C296: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x679BD14: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x679CC64: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==18109== by 0x6A64946: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6) ==18109== by 0x6A116E8: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6) ==18109== by 0x6A01114: gnutls_global_init (in /usr/lib/x86_64-linux-gnu/libgnutls.so.26.22.6) ==18109== by 0x52A6C78: ??? (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.3.0) ==18109== by 0x5285ADC: curl_global_init (in /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.3.0) ==18109== by 0x663524: git_curl_stream_global_init (curl.c:44)
==2957== 912 bytes in 19 blocks are still reachable in loss record 323 of 369 ==2957== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2957== by 0x675B120: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675BDF8: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675FE0D: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x6761DC4: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x676477E: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675B071: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675B544: ??? (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x675914B: gcry_control (in /lib/x86_64-linux-gnu/libgcrypt.so.11.8.2) ==2957== by 0x5D30EC9: libssh2_init (in /usr/lib/x86_64-linux-gnu/libssh2.so.1.0.1) ==2957== by 0x66BCCD: git_transport_ssh_global_init (ssh.c:910) ==2957== by 0x616443: init_common (global.c:65)
==17851== Invalid free() / delete / delete[] / realloc() ==17851== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==17851== by 0x60BBE2B: __libc_freeres (in /lib/x86_64-linux-gnu/libc-2.19.so) ==17851== by 0x4A256BC: _vgnU_freeres (in /usr/lib/valgrind/vgpreload_core-amd64-linux.so) ==17851== by 0x5F8F16A: __run_exit_handlers (exit.c:97) ==17851== by 0x5F8F1F4: exit (exit.c:104) ==17851== by 0x5F74F4B: (below main) (libc-start.c:321) ==17851== Address 0x63153c0 is 0 bytes inside data symbol "noai6ai_cached"
The goal is to let cmake manage the parallelism
tiennou
force-pushed
the
travis/war-on-leaks
branch
from
34aa29d
to
61eaaad
Compare
|
Rebased! |
|
Cool, we can finally merge this! Thanks for your awesome work |
This should make Travis fail the build when leaks are detected.
There's a prototype implementation on osx, because I just noticedRemoved for the time being because it depends on undocumentation.leaksgained an-atExitargument, which I can't test locally for update-laziness reasons.Supersedes #4416.