LSAN leak in extensions_unittests:SerialApiTest.SetControlSignals |
|||||||
Issue descriptionSee https://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_asan_rel_ng/builds/142216 SerialApiTest.SetControlSignals (run #1): [ RUN ] SerialApiTest.SetControlSignals [16214:16214:0407/041450:41728261375:WARNING:console.cc(109)] Could not log "[SUCCESS] testSetControlSignals": no render frame found [ OK ] SerialApiTest.SetControlSignals (1354 ms) [----------] 1 test from SerialApiTest (1354 ms total) [----------] Global test environment tear-down [==========] 1 test from 1 test case ran. (1355 ms total) [ PASSED ] 1 test. ================================================================= ==16214==ERROR: LeakSanitizer: detected memory leaks Direct leak of 640 byte(s) in 10 object(s) allocated from: #0 0x54d05b in operator new(unsigned long) (/tmp/runY50y7p/out/Release/extensions_unittests+0x54d05b) #1 0xe4a413 in Create mojo/edk/js/handle.h:30:39 #2 0xe4a413 in gin::Converter<mojo::Handle, void>::ToV8(v8::Isolate*, mojo::Handle const&) mojo/edk/js/handle.cc:53 #3 0xb49e9f in ConvertToV8<mojo::Handle> gin/converter.h:211:10 #4 0xb49e9f in TryConvertToV8 gin/converter.h:239 #5 0xb49e9f in TryConvertToV8<mojo::Handle> gin/converter.h:248 #6 0xb49e9f in Return<mojo::Handle> gin/arguments.h:72 #7 0xb49e9f in DispatchToCallback<mojo::Handle> gin/function_template.h:176 #8 0xb49e9f in gin::internal::Dispatcher<mojo::Handle (extensions::TestServiceProvider*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)>::DispatchToCallback(v8::FunctionCallbackInfo<v8::Value> const&) gin/function_template.h:217 #9 0x41603dd in v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) v8/src/api-arguments.cc:16:3 #10 0x3216f33 in v8::internal::MaybeHandle<v8::internal::Object> v8::internal::(anonymous namespace)::HandleApiCallHelper<false>(v8::internal::Isolate*, v8::internal::(anonymous namespace)::BuiltinArguments<(v8::internal::BuiltinExtraArguments)1>) v8/src/builtins.cc:4344:29 #11 0x32b1b25 in v8::internal::Builtin_Impl_HandleApiCall(v8::internal::(anonymous namespace)::BuiltinArguments<(v8::internal::BuiltinExtraArguments)1>, v8::internal::Isolate*) v8/src/builtins.cc:4362:3 #12 0x324834c in v8::internal::Builtin_HandleApiCall(int, v8::internal::Object**, v8::internal::Isolate*) v8/src/builtins.cc:4359:1 #13 0x7fddd5b09326 (<unknown module>) #14 0x7fddd5c5a3f5 (<unknown module>) #15 0x7fddd5b34a9a (<unknown module>) #16 0x7fddd5c5a29a (<unknown module>) #17 0x7fddd5c5a1af (<unknown module>) #18 0x7fddd5c596a5 (<unknown module>) #19 0x7fddd5c59316 (<unknown module>) #20 0x7fddd5b3c2e2 (<unknown module>) #21 0x7fddd5b24cae (<unknown module>) #22 0x3781ff1 in v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, bool, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, v8::internal::Handle<v8::internal::Object>) v8/src/execution.cc:97:13 #23 0x3781664 in v8::internal::Execution::Call(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*) v8/src/execution.cc:153:10 #24 0x3782a3b in v8::internal::Execution::TryCall(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, v8::internal::MaybeHandle<v8::internal::Object>*) v8/src/execution.cc:191:20 #25 0x3a020da in v8::internal::Isolate::RunMicrotasksInternal() v8/src/isolate.cc:2784:5 #26 0x3a0083f in v8::internal::Isolate::RunMicrotasks() v8/src/isolate.cc:2769:3 #27 0xb473be in extensions::ApiTestEnvironment::RunPromisesAgain() extensions/renderer/api_test_base.cc:217:3 #28 0xc97091 in Run base/callback.h:397:12 #29 0xc97091 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) base/debug/task_annotator.cc:51 #30 0xbb52d3 in base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop/message_loop.cc:479:3 #31 0xbb5ea5 in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) base/message_loop/message_loop.cc:488:5 #32 0xbb67fc in base::MessageLoop::DoWork() base/message_loop/message_loop.cc:600:13 #33 0xbbee8c in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_default.cc:33:21 #34 0xbb44d9 in base::MessageLoop::RunHandler() base/message_loop/message_loop.cc:443:3 #35 0xbe9afa in base::RunLoop::Run() base/run_loop.cc:35:3 #36 0xb46be7 in extensions::ApiTestEnvironment::RunTest(std::__1::basic_string<char, std::__1::char_traits<char>, s
,
Apr 7 2016
,
Apr 7 2016
Note that links to build logs are short lived. Here are some repro instructions: In a chromium checkout: git checkout e939d0314bc6ae82b04def09c58972ab121de51e GYP_GENERATORS=ninja GYP_DEFINES='asan=1 clang=1 component=static_library dcheck_always_on=1 fastbuild=1 lsan=1 target_arch=x64 test_isolation_mode=noop use_goma=1' gclient sync --revision src/v8@d2eb555ee11f54ca6b227839831ca5419cf2287e ninja -C out/Release -j1000 extensions_unittests testing/xvfb.py out/Release out/Release/extensions_unittests --brave-new-test-launcher --test-launcher-bot-mode --asan=1 --test-launcher-print-test-stdio=always --test-launcher-batch-limit=1 --lsan=1 --gtest_filter=SerialApiTest.SetControlSignals
,
Apr 7 2016
,
Apr 7 2016
FYI: The v8-side commit that revealed the behavior: https://chromium.googlesource.com/v8/v8/+/d2eb555ee11f54ca6b227839831ca5419cf2287e
,
Apr 7 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e80910d680dc22e174bd35ddbfae2c4e6843c53f commit e80910d680dc22e174bd35ddbfae2c4e6843c53f Author: hablich <hablich@chromium.org> Date: Thu Apr 07 13:50:50 2016 Suppress a leak report in mojo's mojo/edk/js/handle.h BUG= chromium:601435 R=glider@chromium.org,machenbach@chromium.org Review URL: https://codereview.chromium.org/1867003002 Cr-Commit-Position: refs/heads/master@{#385743} [modify] https://crrev.com/e80910d680dc22e174bd35ddbfae2c4e6843c53f/build/sanitizers/lsan_suppressions.cc
,
Apr 7 2016
Hi, Sam. Is this something that you are familiar with? Please feel free to reassign if you are not the right owner. Thanks!
,
Jun 8 2016
This seems to be caused by gin::Wrappable objects not being deleted. Oddly enough, storing the handles that were lost somewhere (https://codereview.chromium.org/2044183004/diff/1/mojo/public/js/connector.js and https://codereview.chromium.org/2044183004/diff/1/extensions/renderer/resources/keep_alive.js) causes them to be cleaned up properly and makes this leak go away. On the other hand, if a handle is created and becomes eligible for cleanup too early (https://codereview.chromium.org/2044183004/diff/1/extensions/renderer/resources/serial_service.js with the 7 changed into a 6), those don't get cleaned up when the GC runs at the end of the test. I don't see anything specific to mojo here.
,
May 29 2017
,
Dec 5 2017
The old JS bindings is no longer used. |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by hablich@chromium.org
, Apr 7 2016