Hopper GUI test crash (Job Failed #1575798309)
Job #1575798309 failed for 2e73c167:
[[ ^L clears screen, ^U kills line. F12 controller, F11 3D view (press "h" in 3D view for help), F10 both, F9 generator, F8 plot. ]]
Test 'Hopper', stage:1 iter:4700 moving yade.qt.Controller()
Test 'Hopper', stage:2 iter:9400 opening yade.qt.View()
Test 'Hopper', stage:3 iter:14100 opening yade.qt.Inspector() , setting wire=True, setting intrGeom=True
Test 'Hopper', stage:4 iter:18800 changing tab to bodies, setting intrPhys=True, setting bound=True
Test 'Hopper', stage:5 iter:23500 clicking on interaction, setting wire=False, setting intrWire=True
Test 'Hopper', stage:6 iter:28200 changing tab to interactions, setting wire=False, setting intrWire=True
Test 'Hopper', stage:7 iter:32900 changing tab to cell, setting intrPhys=False
Real time spent: 7m28.105s
python3.9: /usr/include/boost/multiprecision/cpp_bin_float.hpp:707: void boost::multiprecision::backends::do_eval_add(boost::multiprecision::backends::cpp_bin_float<Digits, DigitBase, Allocator, Exponent, MinE, MaxE>&, const boost::multiprecision::backends::cpp_bin_float<Digits, DigitBase, Allocator, Exponent, MinE, MaxE>&, const boost::multiprecision::backends::cpp_bin_float<Digits, DigitBase, Allocator, Exponent, MinE, MaxE>&) [with unsigned int Digits = 45; boost::multiprecision::backends::digit_base_type DigitBase = boost::multiprecision::backends::digit_base_10; Allocator = void; Exponent = int; Exponent MinE = 0; Exponent MaxE = 0]: Assertion `e_diff >= 0' failed.
The GUI test hopper crash happens quite rarely. This is the first time when I observed it on the ASAN HP build. I am not sure if all these rare hopper crashes are about the same thing. But we could assume they are. Let's collect info about them here.
We could expect they have something to do with erasing bodies and drawing (that is what happens in this test). This time however the error (possibly after erasing a body) propagated into some high precision code.
EDIT: another crash with more debug info: https://gitlab.com/yade-dev/trunk/-/jobs/2309222532
Test 'Hopper', stage:6 iter:28200 changing tab to interactions, setting wire=False, setting intrWire=True
Test 'Hopper', stage:7 iter:32900 changing tab to cell, setting intrPhys=False
=================================================================
==5082==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffc15747630 at pc 0x7feca0ec312c bp 0x7ffc15747170 sp 0x7ffc15747168
READ of size 1 at 0x7ffc15747630 thread T0
#0 0x7feca0ec312b in boost::python::converter::arg_to_python<bool>::arg_to_python(bool const&) /usr/include/boost/python/converter/builtin_converters.hpp:113
#1 0x7feca0ec312b in _object* boost::python::api::object_initializer_impl<false, false>::get<bool>(bool const&, std::integral_constant<bool, false>) /usr/include/boost/python/object_core.hpp:289
#2 0x7feca0ec312b in _object* boost::python::api::object_base_initializer<bool>(bool const&) /usr/include/boost/python/object_core.hpp:232
#3 0x7feca0ecbe40 in yade::Engine::pyDict() const (/builds/yade-dev/trunk/install/lib/x86_64-linux-gnu/yade-ci/libyade.so+0x660e40)
#4 0x7feca03db321 in yade::DynLibDispatcher<boost::mpl::vector<yade::IGeom, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na>, yade::GlIGeomFunctor, void, boost::mpl::vector<boost::shared_ptr<yade::IGeom> const&, boost::shared_ptr<yade::Interaction> const&, boost::shared_ptr<yade::Body> const&, boost::shared_ptr<yade::Body> const&, bool, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na>, true>::locateMultivirtualFunctor1D(int&, boost::shared_ptr<yade::IGeom>&) /builds/yade-dev/trunk/lib/multimethods/DynLibDispatcher.hpp:256
#5 0x7fec9f216b12 in void yade::DynLibDispatcher<boost::mpl::vector<yade::IGeom, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na>, yade::GlIGeomFunctor, void, boost::mpl::vector<boost::shared_ptr<yade::IGeom> const&, boost::shared_ptr<yade::Interaction> const&, boost::shared_ptr<yade::Body> const&, boost::shared_ptr<yade::Body> const&, bool, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na>, true>::operator()<boost::shared_ptr<yade::Interaction>, boost::shared_ptr<yade::Body>, boost::shared_ptr<yade::Body>, bool>(boost::shared_ptr<yade::IGeom>&, boost::shared_ptr<yade::Interaction>, boost::shared_ptr<yade::Body>, boost::shared_ptr<yade::Body>, bool) /builds/yade-dev/trunk/lib/multimethods/DynLibDispatcher.hpp:358
#6 0x7fec9f216b12 in yade::OpenGLRenderer::renderIGeom() /builds/yade-dev/trunk/pkg/common/OpenGLRenderer.cpp:328
#7 0x7fec9f239449 in yade::OpenGLRenderer::render(boost::shared_ptr<yade::Scene> const&, int) /builds/yade-dev/trunk/pkg/common/OpenGLRenderer.cpp:243
#8 0x7feca060df9e in yade::GLViewer::draw() /builds/yade-dev/trunk/gui/qt5/GLViewerDisplay.cpp:178
#9 0x7fec9ffb2964 in QGLViewer::paintGL() (/usr/lib/x86_64-linux-gnu/libQGLViewer-qt5.so.2+0x2f964)
#10 0x7fec93776e24 in QGLWidget::glDraw() (/usr/lib/x86_64-linux-gnu/libQt5OpenGL.so.5+0x23e24)
#11 0x7feca05f399e in yade::GLViewer::updateGLViewer() /builds/yade-dev/trunk/gui/qt5/GLViewer.hpp:83
#12 0x7feca05f399e in yade::OpenGLManager::timerEvent(QTimerEvent*) /builds/yade-dev/trunk/gui/qt5/OpenGLManager.cpp:29
#13 0x7fec92784f2e in QObject::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2d9f2e)
#14 0x7fec9322615e in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x16315e)
#15 0x7fec80566b0d (/usr/lib/python3/dist-packages/PyQt5/QtWidgets.abi3.so+0x3bbb0d)
#16 0x7fec92758fc9 in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2adfc9)
#17 0x7fec927af8e2 in QTimerInfoList::activateTimers() (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x3048e2)
#18 0x7fec927b019b (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x30519b)
#19 0x7fec8fa5ce6a in g_main_context_dispatch (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x51e6a)
#20 0x7fec8fa5d117 (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x52117)
#21 0x7fec8fa5d1ce in g_main_context_iteration (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x521ce)
#22 0x7fec927b051e in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x30551e)
#23 0x7fec9275798a in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2ac98a)
#24 0x7fec81ccac2e (/usr/lib/python3/dist-packages/PyQt5/QtCore.abi3.so+0x17fc2e)
#25 0x53f34f (/usr/bin/python3.9+0x53f34f)
#26 0x51d89a in _PyObject_MakeTpCall (/usr/bin/python3.9+0x51d89a)
#27 0x5175b9 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x5175b9)
#28 0x510fe6 (/usr/bin/python3.9+0x510fe6)
#29 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#30 0x516e75 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x516e75)
#31 0x510fe6 (/usr/bin/python3.9+0x510fe6)
#32 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#33 0x512191 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x512191)
#34 0x528b62 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528b62)
#35 0x512191 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x512191)
#36 0x528b62 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528b62)
#37 0x512191 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x512191)
#38 0x528b62 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528b62)
#39 0x512191 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x512191)
#40 0x5106ec (/usr/bin/python3.9+0x5106ec)
#41 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#42 0x53bcfa (/usr/bin/python3.9+0x53bcfa)
#43 0x513455 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x513455)
#44 0x510fe6 (/usr/bin/python3.9+0x510fe6)
#45 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#46 0x53bcfa (/usr/bin/python3.9+0x53bcfa)
#47 0x53c360 in PyObject_Call (/usr/bin/python3.9+0x53c360)
#48 0x513e8a in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x513e8a)
#49 0x528b62 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528b62)
#50 0x512191 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x512191)
#51 0x5106ec (/usr/bin/python3.9+0x5106ec)
#52 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#53 0x512191 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x512191)
#54 0x510fe6 (/usr/bin/python3.9+0x510fe6)
#55 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#56 0x53bcfa (/usr/bin/python3.9+0x53bcfa)
#57 0x513455 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x513455)
#58 0x5106ec (/usr/bin/python3.9+0x5106ec)
#59 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#60 0x51cf94 in _PyObject_FastCallDictTstate (/usr/bin/python3.9+0x51cf94)
#61 0x538544 in _PyObject_Call_Prepend (/usr/bin/python3.9+0x538544)
#62 0x5b81f2 (/usr/bin/python3.9+0x5b81f2)
#63 0x51d89a in _PyObject_MakeTpCall (/usr/bin/python3.9+0x51d89a)
#64 0x5170e3 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x5170e3)
#65 0x510fe6 (/usr/bin/python3.9+0x510fe6)
#66 0x528d20 in _PyFunction_Vectorcall (/usr/bin/python3.9+0x528d20)
#67 0x513455 in _PyEval_EvalFrameDefault (/usr/bin/python3.9+0x513455)
#68 0x5106ec (/usr/bin/python3.9+0x5106ec)
#69 0x510496 in _PyEval_EvalCodeWithName (/usr/bin/python3.9+0x510496)
#70 0x5f5be2 in PyEval_EvalCode (/usr/bin/python3.9+0x5f5be2)
#71 0x619de6 (/usr/bin/python3.9+0x619de6)
#72 0x61560f (/usr/bin/python3.9+0x61560f)
#73 0x619d78 (/usr/bin/python3.9+0x619d78)
#74 0x619815 in PyRun_SimpleFileExFlags (/usr/bin/python3.9+0x619815)
#75 0x60d4e2 in Py_RunMain (/usr/bin/python3.9+0x60d4e2)
#76 0x5ea6e8 in Py_BytesMain (/usr/bin/python3.9+0x5ea6e8)
#77 0x7feca5d19d09 in __libc_start_main ../csu/libc-start.c:308
#78 0x5ea5e9 in _start (/usr/bin/python3.9+0x5ea5e9)
Address 0x7ffc15747630 is located in stack of thread T0 at offset 112 in frame
#0 0x7fec9f215821 in yade::OpenGLRenderer::renderIGeom() /builds/yade-dev/trunk/pkg/common/OpenGLRenderer.cpp:315
This frame has 18 object(s):
[48, 52) 'index'
[64, 72) 'lockB' (line 319)
[96, 104) 'lock' (line 320) <== Memory access at offset 112 overflows this variable
[128, 136) '__for_begin' (line 321)
[160, 168) '__for_end' (line 321)
[192, 200) '<unknown>'
[224, 232) '<unknown>'
[256, 264) '__for_begin'
[288, 296) '__for_end'
[320, 328) '<unknown>'
[352, 360) '<unknown>'
[384, 400) 'ig' (line 323)
[416, 432) '<unknown>'
[448, 464) 'b2' (line 325)
[480, 496) '<unknown>'
[512, 528) '<unknown>'
[544, 560) '<unknown>'
[576, 592) '<unknown>'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow /usr/include/boost/python/converter/builtin_converters.hpp:113 in boost::python::converter::arg_to_python<bool>::arg_to_python(bool const&)
Shadow bytes around the buggy address:
0x100002ae0e70: f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00
0x100002ae0e80: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f8 f2
0x100002ae0e90: f2 f2 f8 f2 f2 f2 f8 f2 f2 f2 f8 f2 f2 f2 00 00
0x100002ae0ea0: f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x100002ae0eb0: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 04 f2
=>0x100002ae0ec0: 00 f2 f2 f2 00 f2[f2]f2 00 f2 f2 f2 00 f2 f2 f2
0x100002ae0ed0: f8 f2 f2 f2 f8 f2 f2 f2 f8 f2 f2 f2 f8 f2 f2 f2
0x100002ae0ee0: f8 f2 f2 f2 f8 f2 f2 f2 00 00 f2 f2 f8 f8 f2 f2
0x100002ae0ef0: 00 00 f2 f2 f8 f8 f2 f2 00 00 f2 f2 00 00 f2 f2
0x100002ae0f00: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
0x100002ae0f10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==5082==ABORTING