Issue 591217 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	dcheng@chromium.org
Closed:	Mar 2016
Cc:	█ sigbjo...@opera.com haraken@chromium.org horo@chromium.org
Components:	Blink
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug
Stability-ThreadSanitizer Merge-Merged-master1 merge-merged-2666

data race in RenderViewImplTest.InsertCharacters/OnHandleKeyboardEvent

Project Member Reported by osh...@chromium.org, Mar 1 2016

Issue description

First observed on this build.

https://build.chromium.org/p/chromium.memory.fyi/builders/Linux%20TSan%20Tests/builds/17619

This failure is in OnHandleKeyboardEvent but it looks basically the same.
https://build.chromium.org/p/chromium.memory.fyi/builders/Linux%20TSan%20Tests/builds/17621/steps/content_browsertests%20on%20Ubuntu-12.04/logs/RenderViewImplTest.OnHandleKeyboardEvent


May be https://codereview.chromium.org/1685003002? dcheng@, can you look into it?

+horo@ in case https://codereview.chromium.org/1750333002 is related.


[ RUN      ] RenderViewImplTest.InsertCharacters
[557:557:0301/114539:4480920111:WARNING:resource_bundle.cc(307)] locale_file_path.empty() for locale
==================
WARNING: ThreadSanitizer: data race (pid=557)
  Write of size 4 at 0x7d0800025a54 by main thread:
    #0 markPageUnused third_party/WebKit/Source/platform/heap/PageMemory.h:77:23 (content_browsertests+0x0000023593e6)
    #1 decommit third_party/WebKit/Source/platform/heap/PageMemory.h:184 (content_browsertests+0x0000023593e6)
    #2 blink::FreePagePool::addFreePage(int, blink::PageMemory*) third_party/WebKit/Source/platform/heap/PagePool.cpp:31 (content_browsertests+0x0000023593e6)
    #3 freePage third_party/WebKit/Source/platform/heap/HeapPage.cpp:481:9 (content_browsertests+0x000002357091)
    #4 blink::NormalPage::removeFromHeap() third_party/WebKit/Source/platform/heap/HeapPage.cpp:1102 (content_browsertests+0x000002357091)
    #5 sweepUnsweptPage third_party/WebKit/Source/platform/heap/HeapPage.cpp:314:9 (content_browsertests+0x0000023548e0)
    #6 blink::BaseHeap::completeSweep() third_party/WebKit/Source/platform/heap/HeapPage.cpp:359 (content_browsertests+0x0000023548e0)
    #7 blink::ThreadState::completeSweep() third_party/WebKit/Source/platform/heap/ThreadState.cpp:1103:13 (content_browsertests+0x00000235bc22)
    #8 blink::ThreadState::preSweep() third_party/WebKit/Source/platform/heap/ThreadState.cpp:1032:9 (content_browsertests+0x0000023628a5)
    #9 blink::ThreadState::leaveSafePoint(blink::SafePointAwareMutexLocker*) third_party/WebKit/Source/platform/heap/ThreadState.cpp:1262:5 (content_browsertests+0x000002362fc6)
    #10 ~SafePointScope third_party/WebKit/Source/platform/heap/SafePoint.h:29:13 (content_browsertests+0x0000023518a8)
    #11 blink::Heap::collectGarbage(blink::BlinkGC::StackState, blink::BlinkGC::GCType, blink::BlinkGC::GCReason) third_party/WebKit/Source/platform/heap/Heap.cpp:440 (content_browsertests+0x0000023518a8)
    #12 blink::V8GCController::gcEpilogue(v8::Isolate*, v8::GCType, v8::GCCallbackFlags) third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp:350:9 (content_browsertests+0x00000424416e)
    #13 CallGCEpilogueCallbacks v8/src/heap/heap.cc:1416:9 (content_browsertests+0x000002739e0b)
    #14 v8::internal::Heap::PerformGarbageCollection(v8::internal::GarbageCollector, v8::GCCallbackFlags) v8/src/heap/heap.cc:1376 (content_browsertests+0x000002739e0b)
    #15 v8::internal::Heap::CollectGarbage(v8::internal::GarbageCollector, char const*, char const*, v8::GCCallbackFlags) v8/src/heap/heap.cc:1016:11 (content_browsertests+0x000002738580)
    #16 CollectGarbage v8/src/heap/heap-inl.h:558:10 (content_browsertests+0x000002737690)
    #17 v8::internal::Heap::CollectAllGarbage(int, char const*, v8::GCCallbackFlags) v8/src/heap/heap.cc:869 (content_browsertests+0x000002737690)
    #18 v8::Isolate::RequestGarbageCollectionForTesting(v8::Isolate::GarbageCollectionType) v8/src/api.cc:7145:5 (content_browsertests+0x00000245277d)
    #19 blink::V8GCController::collectAllGarbageForTesting(v8::Isolate*) third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp:374:9 (content_browsertests+0x0000042447c5)
    #20 blink::(anonymous namespace)::WebLeakDetectorImpl::collectGarbageAndReport() third_party/WebKit/Source/web/WebLeakDetector.cpp:113:5 (content_browsertests+0x000002d282e3)
    #21 content::RenderViewTest::TearDown() content/public/test/render_view_test.cc:407:3 (content_browsertests+0x000000c946d4)
    #22 HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 (content_browsertests+0x000000ea805e)
    #23 testing::Test::Run() testing/gtest/src/gtest.cc:2482 (content_browsertests+0x000000ea805e)
    #24 testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:5 (content_browsertests+0x000000ea8fe3)
    #25 testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:5 (content_browsertests+0x000000ea98c8)
    #26 testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:11 (content_browsertests+0x000000eb2c82)
    #27 HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 (content_browsertests+0x000000eb26e6)
    #28 testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 (content_browsertests+0x000000eb26e6)
    #29 RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:10 (content_browsertests+0x000000cc1ee0)
    #30 base::TestSuite::Run() base/test/test_suite.cc:231 (content_browsertests+0x000000cc1ee0)
    #31 content::ContentTestLauncherDelegate::RunTestSuite(int, char**) content/test/content_test_launcher.cc:105:12 (content_browsertests+0x000000c09c2b)
    #32 content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:499:12 (content_browsertests+0x000000c9de9e)
    #33 main content/test/content_test_launcher.cc:131:10 (content_browsertests+0x000000c09bb2)

  Previous write of size 4 at 0x7d0800025a54 by thread T5:
    #0 markPageUnused third_party/WebKit/Source/platform/heap/PageMemory.h:77:23 (content_browsertests+0x0000023593e6)
    #1 decommit third_party/WebKit/Source/platform/heap/PageMemory.h:184 (content_browsertests+0x0000023593e6)
    #2 blink::FreePagePool::addFreePage(int, blink::PageMemory*) third_party/WebKit/Source/platform/heap/PagePool.cpp:31 (content_browsertests+0x0000023593e6)
    #3 freePage third_party/WebKit/Source/platform/heap/HeapPage.cpp:481:9 (content_browsertests+0x000002357091)
    #4 blink::NormalPage::removeFromHeap() third_party/WebKit/Source/platform/heap/HeapPage.cpp:1102 (content_browsertests+0x000002357091)
    #5 sweepUnsweptPage third_party/WebKit/Source/platform/heap/HeapPage.cpp:314:9 (content_browsertests+0x0000023548e0)
    #6 blink::BaseHeap::completeSweep() third_party/WebKit/Source/platform/heap/HeapPage.cpp:359 (content_browsertests+0x0000023548e0)
    #7 blink::ThreadState::completeSweep() third_party/WebKit/Source/platform/heap/ThreadState.cpp:1103:13 (content_browsertests+0x00000235bc22)
    #8 blink::ThreadState::preSweep() third_party/WebKit/Source/platform/heap/ThreadState.cpp:1032:9 (content_browsertests+0x0000023628a5)
    #9 blink::ThreadState::safePoint(blink::BlinkGC::StackState) third_party/WebKit/Source/platform/heap/ThreadState.cpp:1210:5 (content_browsertests+0x000002362e06)
    #10 blink::GCTaskObserver::didProcessTask() third_party/WebKit/Source/platform/heap/GCTaskRunner.h:92:9 (content_browsertests+0x000002d27d5a)
    #11 scheduler::WebThreadBase::TaskObserverAdapter::DidProcessTask(base::PendingTask const&) components/scheduler/child/webthread_base.cc:30:5 (content_browsertests+0x0000047246df)
    #12 scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(scheduler::internal::WorkQueue*, scheduler::internal::TaskQueueImpl::Task*) components/scheduler/base/task_queue_manager.cc:298:5 (content_browsertests+0x0000047413ac)
    #13 scheduler::TaskQueueManager::DoWork(base::TimeTicks, bool) components/scheduler/base/task_queue_manager.cc:200:13 (content_browsertests+0x00000473f79f)
    #14 Run<const base::TimeTicks &, const bool &> base/bind_internal.h:181:12 (content_browsertests+0x0000047422e8)
    #15 MakeItSo<base::WeakPtr<scheduler::TaskQueueManager>, const base::TimeTicks &, const bool &> base/bind_internal.h:314 (content_browsertests+0x0000047422e8)
    #16 base::internal::Invoker<base::IndexSequence<0ul, 1ul, 2ul>, base::internal::BindState<base::internal::RunnableAdapter<void (scheduler::TaskQueueManager::*)(base::TimeTicks, bool)>, void (scheduler::TaskQueueManager*, base::TimeTicks, bool), base::WeakPtr<scheduler::TaskQueueManager>, base::TimeTicks, bool>, base::internal::InvokeHelper<true, void, base::internal::RunnableAdapter<void (scheduler::TaskQueueManager::*)(base::TimeTicks, bool)> >, void ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:351 (content_browsertests+0x0000047422e8)
    #17 Run base/callback.h:394:12 (content_browsertests+0x000001083c5d)
    #18 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) base/debug/task_annotator.cc:51 (content_browsertests+0x000001083c5d)
    #19 base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop/message_loop.cc:476:3 (content_browsertests+0x000001004612)
    #20 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) base/message_loop/message_loop.cc:485:5 (content_browsertests+0x000001004bad)
    #21 base::MessageLoop::DoWork() base/message_loop/message_loop.cc:597:13 (content_browsertests+0x000001004f95)
    #22 base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_default.cc:33:21 (content_browsertests+0x000001008801)
    #23 base::MessageLoop::RunHandler() base/message_loop/message_loop.cc:440:3 (content_browsertests+0x00000100400b)
    #24 base::RunLoop::Run() base/run_loop.cc:35:3 (content_browsertests+0x000001020916)
    #25 base::MessageLoop::Run() base/message_loop/message_loop.cc:293:3 (content_browsertests+0x000001003855)
    #26 base::Thread::Run(base::MessageLoop*) base/threading/thread.cc:202:3 (content_browsertests+0x000001049249)
    #27 base::Thread::ThreadMain() base/threading/thread.cc:254:3 (content_browsertests+0x000001049419)
    #28 base::(anonymous namespace)::ThreadFunc(void*) base/threading/platform_thread_posix.cc:68:3 (content_browsertests+0x0000010437fd)

  Location is heap block of size 32 at 0x7d0800025a40 allocated by main thread:
    #0 malloc <null> (content_browsertests+0x000000498764)
    #1 partitionAllocGenericFlags third_party/WebKit/Source/wtf/PartitionAlloc.h:736:20 (content_browsertests+0x000002358bad)
    #2 partitionAllocGeneric third_party/WebKit/Source/wtf/PartitionAlloc.h:763 (content_browsertests+0x000002358bad)
    #3 fastMalloc third_party/WebKit/Source/wtf/Partitions.h:122 (content_browsertests+0x000002358bad)
    #4 operator new third_party/WebKit/Source/platform/heap/PageMemory.h:21 (content_browsertests+0x000002358bad)
    #5 blink::PageMemoryRegion::allocate(unsigned long, unsigned int) third_party/WebKit/Source/platform/heap/PageMemory.cpp:62 (content_browsertests+0x000002358bad)
    #6 allocateNormalPages third_party/WebKit/Source/platform/heap/PageMemory.h:87:16 (content_browsertests+0x000002355266)
    #7 blink::NormalPageHeap::allocatePage() third_party/WebKit/Source/platform/heap/HeapPage.cpp:428 (content_browsertests+0x000002355266)
    #8 blink::NormalPageHeap::outOfLineAllocate(unsigned long, unsigned long) third_party/WebKit/Source/platform/heap/HeapPage.cpp:742:5 (content_browsertests+0x0000023567cb)
    #9 allocateObject third_party/WebKit/Source/platform/heap/HeapPage.h:890:12 (content_browsertests+0x000003b802f7)
    #10 allocateOnHeapIndex third_party/WebKit/Source/platform/heap/Heap.h:493 (content_browsertests+0x000003b802f7)
    #11 unsigned char* blink::Heap::allocate<blink::FrameHost>(unsigned long, bool) third_party/WebKit/Source/platform/heap/Heap.h:500 (content_browsertests+0x000003b802f7)
    #12 allocateObject third_party/WebKit/Source/platform/heap/Heap.h:397:16 (content_browsertests+0x000003b7eb64)
    #13 operator new third_party/WebKit/Source/platform/heap/Heap.h:392 (content_browsertests+0x000003b7eb64)
    #14 blink::FrameHost::create(blink::Page&) third_party/WebKit/Source/core/frame/FrameHost.cpp:45 (content_browsertests+0x000003b7eb64)
    #15 blink::Page::Page(blink::Page::PageClients&) third_party/WebKit/Source/core/page/Page.cpp:139:19 (content_browsertests+0x000003d07a9a)
    #16 create third_party/WebKit/Source/core/page/Page.h:98:39 (content_browsertests+0x000003d07525)
    #17 blink::Page::createOrdinary(blink::Page::PageClients&) third_party/WebKit/Source/core/page/Page.cpp:110 (content_browsertests+0x000003d07525)
    #18 blink::WebViewImpl::WebViewImpl(blink::WebViewClient*) third_party/WebKit/Source/web/WebViewImpl.cpp:458:14 (content_browsertests+0x000002d5e6e5)
    #19 create third_party/WebKit/Source/web/WebViewImpl.cpp:342:25 (content_browsertests+0x000002d5d79f)
    #20 blink::WebView::create(blink::WebViewClient*) third_party/WebKit/Source/web/WebViewImpl.cpp:336 (content_browsertests+0x000002d5d79f)
    #21 content::RenderViewImpl::Initialize(ViewMsg_New_Params const&, bool) content/renderer/render_view_impl.cc:667:16 (content_browsertests+0x0000009b3fa9)
    #22 content::RenderViewImpl::Create(content::CompositorDependencies*, ViewMsg_New_Params const&, bool) content/renderer/render_view_impl.cc:1149:3 (content_browsertests+0x0000009b8b8b)
    #23 content::RenderViewTest::SetUp() content/public/test/render_view_test.cc:379:7 (content_browsertests+0x000000c944ed)
    #24 content::RenderViewImplTest::SetUp() content/renderer/render_view_browsertest.cc:199:5 (content_browsertests+0x0000008046fd)
    #25 HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 (content_browsertests+0x000000ea7e4d)
    #26 testing::Test::Run() testing/gtest/src/gtest.cc:2470 (content_browsertests+0x000000ea7e4d)
    #27 testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:5 (content_browsertests+0x000000ea8fe3)
    #28 testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:5 (content_browsertests+0x000000ea98c8)
    #29 testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:11 (content_browsertests+0x000000eb2c82)
    #30 HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 (content_browsertests+0x000000eb26e6)
    #31 testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 (content_browsertests+0x000000eb26e6)
    #32 RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:10 (content_browsertests+0x000000cc1ee0)
    #33 base::TestSuite::Run() base/test/test_suite.cc:231 (content_browsertests+0x000000cc1ee0)
    #34 content::ContentTestLauncherDelegate::RunTestSuite(int, char**) content/test/content_test_launcher.cc:105:12 (content_browsertests+0x000000c09c2b)
    #35 content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:499:12 (content_browsertests+0x000000c9de9e)
    #36 main content/test/content_test_launcher.cc:131:10 (content_browsertests+0x000000c09bb2)

  Thread T5 'HTMLParserThread' (tid=572, running) created by main thread at:
    #0 pthread_create <null> (content_browsertests+0x00000049a8b5)
    #1 base::(anonymous namespace)::CreateThread(unsigned long, bool, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:107:13 (content_browsertests+0x00000104354a)
    #2 base::PlatformThread::CreateWithPriority(unsigned long, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:188:10 (content_browsertests+0x000001043455)
    #3 base::Thread::StartWithOptions(base::Thread::Options const&) base/threading/thread.cc:116:10 (content_browsertests+0x000001048f6e)
    #4 scheduler::WebThreadImplForWorkerScheduler::WebThreadImplForWorkerScheduler(char const*, base::Thread::Options) components/scheduler/child/webthread_impl_for_worker_scheduler.cc:29:18 (content_browsertests+0x000004724a17)
    #5 scheduler::WebThreadImplForWorkerScheduler::WebThreadImplForWorkerScheduler(char const*) components/scheduler/child/webthread_impl_for_worker_scheduler.cc:23:7 (content_browsertests+0x0000047248f2)
    #6 content::BlinkPlatformImpl::createThread(char const*) content/child/blink_platform_impl.cc:472:11 (content_browsertests+0x000004684f10)
    #7 WebThreadSupportingGC third_party/WebKit/Source/platform/WebThreadSupportingGC.cpp:34:35 (content_browsertests+0x00000563f539)
    #8 blink::WebThreadSupportingGC::create(char const*) third_party/WebKit/Source/platform/WebThreadSupportingGC.cpp:15 (content_browsertests+0x00000563f539)
    #9 blink::HTMLParserThread::platformThread() third_party/WebKit/Source/core/html/parser/HTMLParserThread.cpp:92:20 (content_browsertests+0x00000388bc7e)
    #10 blink::HTMLParserThread::postTask(WTF::PassOwnPtr<WTF::Function<void ()> >) third_party/WebKit/Source/core/html/parser/HTMLParserThread.cpp:105:5 (content_browsertests+0x00000388bb35)
    #11 blink::HTMLDocumentParser::startBackgroundParser() third_party/WebKit/Source/core/html/parser/HTMLDocumentParser.cpp:827:5 (content_browsertests+0x00000387f1b0)
    #12 blink::HTMLDocumentParser::appendBytes(char const*, unsigned long) third_party/WebKit/Source/core/html/parser/HTMLDocumentParser.cpp:1127:13 (content_browsertests+0x00000388245b)
    #13 blink::DocumentWriter::addData(char const*, unsigned long) third_party/WebKit/Source/core/loader/DocumentWriter.cpp:93:5 (content_browsertests+0x000003cb92b0)
    #14 blink::DocumentLoader::commitData(char const*, unsigned long) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:497:5 (content_browsertests+0x000003cab016)
    #15 blink::DocumentLoader::processData(char const*, unsigned long) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:551:5 (content_browsertests+0x000003cacac5)
    #16 blink::DocumentLoader::dataReceived(blink::Resource*, char const*, unsigned long) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:526:5 (content_browsertests+0x000003cac905)
    #17 blink::RawResource::appendData(char const*, unsigned long) third_party/WebKit/Source/core/fetch/RawResource.cpp:100:9 (content_browsertests+0x000003b4ae9c)
    #18 blink::ResourceLoader::didReceiveData(blink::WebURLLoader*, char const*, int, int) third_party/WebKit/Source/core/fetch/ResourceLoader.cpp:421:5 (content_browsertests+0x000003b672ac)
    #19 content::WebURLLoaderImpl::Context::OnReceivedData(scoped_ptr<content::RequestPeer::ReceivedData, std::__1::default_delete<content::RequestPeer::ReceivedData> >) content/child/web_url_loader_impl.cc:732:5 (content_browsertests+0x00000470636d)
    #20 content::WebURLLoaderImpl::Context::HandleDataURL() content/child/web_url_loader_impl.cc:871:7 (content_browsertests+0x00000470692d)
    #21 content::WebURLLoaderImpl::Context::HandleDataURLTask::run() content/child/web_url_loader_impl.cc:330:7 (content_browsertests+0x000004707673)
    #22 scheduler::WebTaskRunnerImpl::runTask(scoped_ptr<blink::WebTaskRunner::Task, std::__1::default_delete<blink::WebTaskRunner::Task> >) components/scheduler/child/web_task_runner_impl.cc:68:3 (content_browsertests+0x0000047362bd)
    #23 Run<scoped_ptr<blink::WebTaskRunner::Task, std::__1::default_delete<blink::WebTaskRunner::Task> > > base/bind_internal.h:159:12 (content_browsertests+0x000004736710)
    #24 MakeItSo<scoped_ptr<blink::WebTaskRunner::Task, std::__1::default_delete<blink::WebTaskRunner::Task> > > base/bind_internal.h:301 (content_browsertests+0x000004736710)
    #25 base::internal::Invoker<base::IndexSequence<0ul>, base::internal::BindState<base::internal::RunnableAdapter<void (*)(scoped_ptr<blink::WebTaskRunner::Task, std::__1::default_delete<blink::WebTaskRunner::Task> >)>, void (scoped_ptr<blink::WebTaskRunner::Task, std::__1::default_delete<blink::WebTaskRunner::Task> >), base::internal::PassedWrapper<scoped_ptr<blink::WebTaskRunner::Task, std::__1::default_delete<blink::WebTaskRunner::Task> > > >, base::internal::InvokeHelper<false, void, base::internal::RunnableAdapter<void (*)(scoped_ptr<blink::WebTaskRunner::Task, std::__1::default_delete<blink::WebTaskRunner::Task> >)> >, void ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:351 (content_browsertests+0x000004736710)
    #26 Run base/callback.h:394:12 (content_browsertests+0x000001083c5d)
    #27 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) base/debug/task_annotator.cc:51 (content_browsertests+0x000001083c5d)
    #28 scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(scheduler::internal::WorkQueue*, scheduler::internal::TaskQueueImpl::Task*) components/scheduler/base/task_queue_manager.cc:288:3 (content_browsertests+0x000004741180)
    #29 scheduler::TaskQueueManager::DoWork(base::TimeTicks, bool) components/scheduler/base/task_queue_manager.cc:200:13 (content_browsertests+0x00000473f79f)
    #30 Run<const base::TimeTicks &, const bool &> base/bind_internal.h:181:12 (content_browsertests+0x0000047422e8)
    #31 MakeItSo<base::WeakPtr<scheduler::TaskQueueManager>, const base::TimeTicks &, const bool &> base/bind_internal.h:314 (content_browsertests+0x0000047422e8)
    #32 base::internal::Invoker<base::IndexSequence<0ul, 1ul, 2ul>, base::internal::BindState<base::internal::RunnableAdapter<void (scheduler::TaskQueueManager::*)(base::TimeTicks, bool)>, void (scheduler::TaskQueueManager*, base::TimeTicks, bool), base::WeakPtr<scheduler::TaskQueueManager>, base::TimeTicks, bool>, base::internal::InvokeHelper<true, void, base::internal::RunnableAdapter<void (scheduler::TaskQueueManager::*)(base::TimeTicks, bool)> >, void ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:351 (content_browsertests+0x0000047422e8)
    #33 Run base/callback.h:394:12 (content_browsertests+0x000001083c5d)
    #34 base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) base/debug/task_annotator.cc:51 (content_browsertests+0x000001083c5d)
    #35 base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop/message_loop.cc:476:3 (content_browsertests+0x000001004612)
    #36 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) base/message_loop/message_loop.cc:485:5 (content_browsertests+0x000001004bad)
    #37 base::MessageLoop::DoWork() base/message_loop/message_loop.cc:597:13 (content_browsertests+0x000001004f95)
    #38 base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_default.cc:33:21 (content_browsertests+0x000001008701)
    #39 base::MessageLoop::RunHandler() base/message_loop/message_loop.cc:440:3 (content_browsertests+0x00000100400b)
    #40 base::RunLoop::Run() base/run_loop.cc:35:3 (content_browsertests+0x000001020916)
    #41 content::FrameLoadWaiter::Wait() content/public/test/frame_load_waiter.cc:19:3 (content_browsertests+0x000000c920ad)
    #42 content::RenderViewTest::LoadHTML(char const*) content/public/test/render_view_test.cc:251:3 (content_browsertests+0x000000c93686)
    #43 content::RenderViewImplTest_InsertCharacters_Test::TestBody() content/renderer/render_view_browsertest.cc:1749:5 (content_browsertests+0x0000007f4446)
    #44 HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 (content_browsertests+0x000000ea7f5c)
    #45 testing::Test::Run() testing/gtest/src/gtest.cc:2474 (content_browsertests+0x000000ea7f5c)
    #46 testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:5 (content_browsertests+0x000000ea8fe3)
    #47 testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:5 (content_browsertests+0x000000ea98c8)
    #48 testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:11 (content_browsertests+0x000000eb2c82)
    #49 HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 (content_browsertests+0x000000eb26e6)
    #50 testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 (content_browsertests+0x000000eb26e6)
    #51 RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:10 (content_browsertests+0x000000cc1ee0)
    #52 base::TestSuite::Run() base/test/test_suite.cc:231 (content_browsertests+0x000000cc1ee0)
    #53 content::ContentTestLauncherDelegate::RunTestSuite(int, char**) content/test/content_test_launcher.cc:105:12 (content_browsertests+0x000000c09c2b)
    #54 content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:499:12 (content_browsertests+0x000000c9de9e)
    #55 main content/test/content_test_launcher.cc:131:10 (content_browsertests+0x000000c09bb2)

Comment 1 by dcheng@chromium.org, Mar 1 2016

Cc: haraken@chromium.org sigbjo...@opera.com

Looks like some race in Oilpan marking?

  Write of size 4 at 0x7d0800025a54 by main thread:
    #0 markPageUnused third_party/WebKit/Source/platform/heap/PageMemory.h:77:23 (content_browsertests+0x0000023593e6)
    #1 decommit third_party/WebKit/Source/platform/heap/PageMemory.h:184 (content_browsertests+0x0000023593e6)
    #2 blink::FreePagePool::addFreePage(int, blink::PageMemory*) third_party/WebKit/Source/platform/heap/PagePool.cpp:31 (content_browsertests+0x0000023593e6)


  Previous write of size 4 at 0x7d0800025a54 by thread T5:
    #0 markPageUnused third_party/WebKit/Source/platform/heap/PageMemory.h:77:23 (content_browsertests+0x0000023593e6)
    #1 decommit third_party/WebKit/Source/platform/heap/PageMemory.h:184 (content_browsertests+0x0000023593e6)
    #2 blink::FreePagePool::addFreePage(int, blink::PageMemory*) third_party/WebKit/Source/platform/heap/PagePool.cpp:31 (content_browsertests+0x0000023593e6)

T5 is the background parser thread. I don't see any oilpan CLs though... so I'm not sure what's going on here.

+haraken and +sigbjornf, any ideas?

Project Member

Comment 2 by bugdroid1@chromium.org, Mar 2 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/845040e25e15d3c747349c4549b794fde1559722

commit 845040e25e15d3c747349c4549b794fde1559722
Author: oshima <oshima@chromium.org>
Date: Wed Mar 02 00:44:13 2016

Suppress data race for  crbug.com/591217 

BUG= 591217 
TBR=dcheng@chromium.org

Review URL: https://codereview.chromium.org/1758463003

Cr-Commit-Position: refs/heads/master@{#378631}

[modify] https://crrev.com/845040e25e15d3c747349c4549b794fde1559722/build/sanitizers/tsan_suppressions.cc

Comment 3 by haraken@chromium.org, Mar 2 2016

Sigbjorn: Maybe https://codereview.chromium.org/1748363005/ is the culprit of the threading race?

Comment 4 by sigbjo...@opera.com, Mar 2 2016

It most definitely is. Unexpected thread interference, let me take in the details a bit first/next.

Project Member

Comment 5 by bugdroid1@chromium.org, Mar 2 2016

Labels: Merge-Merged-master1

The following revision refers to this bug:
  https://chrome-internal.googlesource.com/bling/chromium.git/+/845040e25e15d3c747349c4549b794fde1559722

commit 845040e25e15d3c747349c4549b794fde1559722
Author: oshima <oshima@chromium.org>
Date: Wed Mar 02 00:44:13 2016

Comment 6 by sigbjo...@opera.com, Mar 2 2016

Reverted https://codereview.chromium.org/1748363005/ in https://crrev.com/378756 , so the suppression can be reverted once bot results come through.

Will follow up with a clarifying code comment re: PageMemoryRegion "in-use" representation so as to prevent future mishaps.

Comment 7 by osh...@chromium.org, Mar 2 2016

Thanks.

BTW, the test started timing-out, so if it didn't help, I will just disable the test on msan bot. (and revert the suppression)

Project Member

Comment 8 by bugdroid1@chromium.org, Mar 3 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f306fbd26e12644faab71369d2a1e7c248115048

commit f306fbd26e12644faab71369d2a1e7c248115048
Author: oshima <oshima@chromium.org>
Date: Thu Mar 03 02:20:07 2016

Revert of Suppress data race for  crbug.com/591217  (patchset #1 id:1 of https://codereview.chromium.org/1758463003/ )

Reason for revert:
Culprit CL has been reverted.

Original issue's description:
> Suppress data race for  crbug.com/591217 
>
> BUG= 591217 
> TBR=dcheng@chromium.org
>
> Committed: https://crrev.com/845040e25e15d3c747349c4549b794fde1559722
> Cr-Commit-Position: refs/heads/master@{#378631}

TBR=dcheng@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG= 591217 

Review URL: https://codereview.chromium.org/1755813004

Cr-Commit-Position: refs/heads/master@{#378920}

[modify] https://crrev.com/f306fbd26e12644faab71369d2a1e7c248115048/build/sanitizers/tsan_suppressions.cc

Comment 9 by sigbjo...@opera.com, Mar 3 2016

Status: Fixed (was: Assigned)

Project Member

Comment 10 by bugdroid1@chromium.org, Mar 3 2016

Labels: merge-merged-2666

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f306fbd26e12644faab71369d2a1e7c248115048

commit f306fbd26e12644faab71369d2a1e7c248115048
Author: oshima <oshima@chromium.org>
Date: Thu Mar 03 02:20:07 2016

Revert of Suppress data race for  crbug.com/591217  (patchset #1 id:1 of https://codereview.chromium.org/1758463003/ )

Reason for revert:
Culprit CL has been reverted.

Original issue's description:
> Suppress data race for  crbug.com/591217 
>
> BUG= 591217 
> TBR=dcheng@chromium.org
>
> Committed: https://crrev.com/845040e25e15d3c747349c4549b794fde1559722
> Cr-Commit-Position: refs/heads/master@{#378631}

TBR=dcheng@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG= 591217 

Review URL: https://codereview.chromium.org/1755813004

Cr-Commit-Position: refs/heads/master@{#378920}

[modify] https://crrev.com/f306fbd26e12644faab71369d2a1e7c248115048/build/sanitizers/tsan_suppressions.cc

Project Member

Comment 11 by bugdroid1@chromium.org, Mar 4 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/952c987b1f6344ea202e6140b7cc32a5b7c61b9f

commit 952c987b1f6344ea202e6140b7cc32a5b7c61b9f
Author: sigbjornf <sigbjornf@opera.com>
Date: Fri Mar 04 06:30:55 2016

Avoid PageMemoryRegion::m_numPages data race.

R=haraken
BUG= 591217 

Review URL: https://codereview.chromium.org/1762093002

Cr-Commit-Position: refs/heads/master@{#379228}

[modify] https://crrev.com/952c987b1f6344ea202e6140b7cc32a5b7c61b9f/third_party/WebKit/Source/platform/heap/PageMemory.cpp
[modify] https://crrev.com/952c987b1f6344ea202e6140b7cc32a5b7c61b9f/third_party/WebKit/Source/platform/heap/PageMemory.h

Comment 12 by tkent@chromium.org, Apr 12 2016

Components: -Blink>Memory Blink

Remove unofficial Blink>Memory component.

►

Issue 591217 link

Issue metadata

data race in RenderViewImplTest.InsertCharacters/OnHandleKeyboardEvent

Issue description

Comment 1 by dcheng@chromium.org, Mar 1 2016

Comment 1 Deleted

Comment 2 by bugdroid1@chromium.org, Mar 2 2016

Comment 2 Deleted

Comment 3 by haraken@chromium.org, Mar 2 2016

Comment 3 Deleted

Comment 4 by sigbjo...@opera.com, Mar 2 2016

Comment 4 Deleted

Comment 5 by bugdroid1@chromium.org, Mar 2 2016

Comment 5 Deleted

Comment 6 by sigbjo...@opera.com, Mar 2 2016

Comment 6 Deleted

Comment 7 by osh...@chromium.org, Mar 2 2016

Comment 7 Deleted

Comment 8 by bugdroid1@chromium.org, Mar 3 2016

Comment 8 Deleted

Comment 9 by sigbjo...@opera.com, Mar 3 2016

Comment 9 Deleted

Comment 10 by bugdroid1@chromium.org, Mar 3 2016

Comment 10 Deleted

Comment 11 by bugdroid1@chromium.org, Mar 4 2016

Comment 11 Deleted

Comment 12 by tkent@chromium.org, Apr 12 2016

Comment 12 Deleted

Sign in to add a comment