New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 601743 link

Starred by 2 users
Status: WontFix
Owner:
apaci...@chromium.org
no longer active
Closed: Jul 10
Cc:
stevet@chromium.org
rdevlin....@chromium.org
isherman@chromium.org
lazyboy@chromium.org
roc...@chromium.org
jamescook@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 3
Type: Bug



Sign in to add a comment

Dr.Memory reports flaky NULL derefs in PlatformAppBrowserTest::InstallPlatformApp()

Project Member Reported by glider@chromium.org, Apr 8 2016 
See https://build.chromium.org/p/chromium.memory.fyi/builders/Windows%20Browser%20%28DrMemory%20full%29%20%288%29/builds/5271/steps/memory%20test%3A%20browser_tests_2/logs/stdio

 Below is the report for drmemory wrapper PID=3360_3.
 It was used while running the `ExtensionViewTest.ShimSrcAttribute` test.
-----------------------------------------------------
Suppressions used:
  count name
      1 bug_347967_all_osmesa
      1 bug_493167
      1 bug_571553
      1 https://github.com/DynamoRIO/drmemory/issues/113 rpcrt4.dll wildcard
      1 https://github.com/DynamoRIO/drmemory/issues/18 d
      1 https://github.com/DynamoRIO/drmemory/issues/412 h
      1 https://github.com/DynamoRIO/drmemory/issues/513 d
      1 https://github.com/DynamoRIO/dynamorio/issues/1443 (another instance)
      2 bug_580636_a
      2 bug_594829a
      2 bug_594829b
      2 http://crbug.com/371368
      3 bug_595093b
      3 bug_595149
      6 bug_595093a
      8 https://github.com/DynamoRIO/drmemory/issues/512 b
     12 https://github.com/DynamoRIO/drmemory/issues/68 a
     13 https://github.com/DynamoRIO/drmemory/issues/412 c
     14 http://crbug.com/487500b
     16 http://crbug.com/346993
     18 http://crbug.com/371942
     36  http://crbug.com/379000 
     66 http://crbug.com/449989
     81 http://crbug.com/371357
    628 sqlite3_randomness A
-----------------------------------------------------
13:09:51 drmemory_analyze.py [INFO] Found 3 error reports
13:09:51 drmemory_analyze.py [INFO] Report #1
### BEGIN MEMORY TOOL REPORT (error hash=#252F3C37BF5E304B#)
UNADDRESSABLE ACCESS: reading 0x0000013c-0x00000140 4 byte(s)
# 0 extensions::Extension::id                                                  [extensions\common\extension.cc:394]
# 1 ExtensionViewTest_ShimSrcAttribute_Test::RunTestOnMainThread               [chrome\browser\apps\guest_view\extension_view\extension_view_browsertest.cc:100]
# 2 InProcessBrowserTest::RunTestOnMainThreadLoop                              [chrome\test\base\in_process_browser_test.cc:559]
# 3 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop                     [content\public\test\browser_test_base.cc:309]
# 4 ChromeBrowserMainParts::PreMainMessageLoopRunImpl                          [chrome\browser\chrome_browser_main.cc:1800]
# 5 ChromeBrowserMainParts::PreMainMessageLoopRun                              [chrome\browser\chrome_browser_main.cc:1156]
# 6 content.dll!content::BrowserMainLoop::PreMainMessageLoopRun                [content\browser\browser_main_loop.cc:928]
# 7 content.dll!base::internal::Invoker<>::Run                                 [base\bind_internal.h:362]
# 8 content.dll!content::StartupTaskRunner::RunAllTasksNow                     [content\browser\startup_task_runner.cc:45]
# 9 content.dll!content::BrowserMainLoop::CreateStartupTasks                   [content\browser\browser_main_loop.cc:801]
#10 content.dll!content::BrowserMainRunnerImpl::Initialize                     [content\browser\browser_main_runner.cc:139]
#11 content.dll!content::BrowserMain                                           [content\browser\browser_main.cc:41]
#12 content.dll!content::RunNamedProcessTypeMain                               [content\app\content_main_runner.cc:380]
#13 content.dll!content::ContentMainRunnerImpl::Run                            [content\app\content_main_runner.cc:741]
#14 content.dll!content::ContentMain                                           [content\app\content_main.cc:19]
#15 content::BrowserTestBase::SetUp                                            [content\public\test\browser_test_base.cc:282]
#16 InProcessBrowserTest::SetUp                                                [chrome\test\base\in_process_browser_test.cc:254]
#17 testing::internal::HandleExceptionsInMethodIfSupported<>                   [testing\gtest\src\gtest.cc:2458]
Note: @0:04:53.587 in thread 4716
Note: instruction: mov    0x0000013c(%ecx) -> %eax
The report came from the `ExtensionViewTest.ShimSrcAttribute` test.
Suppression (error hash=#252F3C37BF5E304B#):
  For more info on using suppressions see http://dev.chromium.org/developers/how-tos/using-drmemory#TOC-Suppressing-error-reports-from-the-
{
UNADDRESSABLE ACCESS
name=<insert_a_suppression_name_here>
*!extensions::Extension::id
*!ExtensionViewTest_ShimSrcAttribute_Test::RunTestOnMainThread
*!InProcessBrowserTest::RunTestOnMainThreadLoop
*!content::BrowserTestBase::ProxyRunTestOnMainThreadLoop
*!ChromeBrowserMainParts::PreMainMessageLoopRunImpl
*!ChromeBrowserMainParts::PreMainMessageLoopRun
content.dll!content::BrowserMainLoop::PreMainMessageLoopRun
content.dll!base::internal::Invoker<>::Run
content.dll!content::StartupTaskRunner::RunAllTasksNow
content.dll!content::BrowserMainLoop::CreateStartupTasks
content.dll!content::BrowserMainRunnerImpl::Initialize
content.dll!content::BrowserMain
content.dll!content::RunNamedProcessTypeMain
content.dll!content::ContentMainRunnerImpl::Run
content.dll!content::ContentMain
*!content::BrowserTestBase::SetUp
*!InProcessBrowserTest::SetUp
*!testing::internal::HandleExceptionsInMethodIfSupported<>
}
### END MEMORY TOOL REPORT (error hash=#252F3C37BF5E304B#)

Comment 1 by lazyboy@chromium.org, Apr 8 2016 

It's strange that the complaint is |skeleton_app| is 0x0 here:

IN_PROC_BROWSER_TEST_F(ExtensionViewTest, ShimSrcAttribute) {
  const extensions::Extension* skeleton_app =
      InstallPlatformApp("extension_view/skeleton");
  TestHelper("testSrcAttribute", "extension_view/src_attribute",
             skeleton_app->id(), "");
}

The next build 5272 was green [1], was there a suppression added already? I can't seem to find any CL.

[1] https://build.chromium.org/p/chromium.memory.fyi/builders/Windows%20Browser%20%28DrMemory%20full%29%20%288%29/builds/5272/

Comment 2 by glider@chromium.org, Jun 9 2016

Cc: stevet@chromium.org jamescook@chromium.org
Summary: Dr.Memory reports flaky NULL derefs in PlatformAppBrowserTest::InstallPlatformApp() (was: Dr.Memory reports a NULL deref in ExtensionViewTest.ShimSrcAttribute)
I've noticed another NULL deref in a different test at https://build.chromium.org/p/chromium.memory.fyi/builders/Windows%20Browser%20%28DrMemory%20full%29%20%283%29/builds/6086/steps/memory%20test%3A%20browser_tests/logs/stdio:

[ RUN      ] AppViewTests/AppViewTest.TestAppViewMultipleConnects/1
[3716:1828:0609/052741:WARNING:chrome_browser_main_win.cc(420)] Command line too long for RegisterApplicationRestart
c:\b\build\slave\drm-cr\build\src\chrome\browser\apps\app_browsertest_util.cc(95): error: Value of: extension
  Actual: false
Expected: true
~~Dr.M~~ 
~~Dr.M~~ Error #1: UNADDRESSABLE ACCESS: reading 0x0000013c-0x00000140 4 byte(s)
~~Dr.M~~ # 0 extensions::Extension::id                                                  [extensions\common\extension.cc:393]
~~Dr.M~~ # 1 AppViewTest_TestAppViewMultipleConnects_Test::RunTestOnMainThread          [chrome\browser\apps\guest_view\app_view_browsertest.cc:193]
~~Dr.M~~ # 2 InProcessBrowserTest::RunTestOnMainThreadLoop                              [chrome\test\base\in_process_browser_test.cc:544]
~~Dr.M~~ # 3 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop                     [content\public\test\browser_test_base.cc:333]
~~Dr.M~~ # 4 ChromeBrowserMainParts::PreMainMessageLoopRunImpl                          [chrome\browser\chrome_browser_main.cc:1845]
~~Dr.M~~ # 5 ChromeBrowserMainParts::PreMainMessageLoopRun                              [chrome\browser\chrome_browser_main.cc:1165]
~~Dr.M~~ # 6 content.dll!content::BrowserMainLoop::PreMainMessageLoopRun                [content\browser\browser_main_loop.cc:941]
~~Dr.M~~ # 7 content.dll!content::StartupTaskRunner::RunAllTasksNow                     [content\browser\startup_task_runner.cc:45]
~~Dr.M~~ # 8 content.dll!content::BrowserMainLoop::CreateStartupTasks                   [content\browser\browser_main_loop.cc:831]
~~Dr.M~~ # 9 content.dll!content::BrowserMainRunnerImpl::Initialize                     [content\browser\browser_main_runner.cc:139]
~~Dr.M~~ #10 content.dll!content::BrowserMain                                           [content\browser\browser_main.cc:42]
~~Dr.M~~ #11 content.dll!content::RunNamedProcessTypeMain                               [content\app\content_main_runner.cc:420]
~~Dr.M~~ #12 content.dll!content::ContentMainRunnerImpl::Run                            [content\app\content_main_runner.cc:787]
~~Dr.M~~ #13 content.dll!content::ContentMain                                           [content\app\content_main.cc:20]
~~Dr.M~~ #14 content::BrowserTestBase::SetUp                                            [content\public\test\browser_test_base.cc:306]
~~Dr.M~~ #15 InProcessBrowserTest::SetUp                                                [chrome\test\base\in_process_browser_test.cc:238]
~~Dr.M~~ #16 testing::internal::HandleExceptionsInMethodIfSupported<>                   [testing\gtest\src\gtest.cc:2458]
~~Dr.M~~ Note: @0:02:31.188 in thread 1828
~~Dr.M~~ Note: instruction: mov    0x0000013c(%ecx) -> %eax
Backtrace:
	extensions::Extension::id [0x0320C010+0] (c:\b\build\slave\drm-cr\build\src\extensions\common\extension.cc:393)
	AppViewTest_TestAppViewMultipleConnects_Test::RunTestOnMainThread [0x015F36C1+113] (c:\b\build\slave\drm-cr\build\src\chrome\browser\apps\guest_view\app_view_browsertest.cc:193)
	InProcessBrowserTest::RunTestOnMainThreadLoop [0x028066FA+138] (c:\b\build\slave\drm-cr\build\src\chrome\test\base\in_process_browser_test.cc:549)
	content::BrowserTestBase::ProxyRunTestOnMainThreadLoop [0x02866918+232] (c:\b\build\slave\drm-cr\build\src\content\public\test\browser_test_base.cc:335)
	ChromeBrowserMainParts::PreMainMessageLoopRunImpl [0x0211452E+3502] (c:\b\build\slave\drm-cr\build\src\chrome\browser\chrome_browser_main.cc:1846)
	ChromeBrowserMainParts::PreMainMessageLoopRun [0x02113703+163] (c:\b\build\slave\drm-cr\build\src\chrome\browser\chrome_browser_main.cc:1165)
	content::BrowserMainLoop::PreMainMessageLoopRun [0x68A41085+181] (c:\b\build\slave\drm-cr\build\src\content\browser\browser_main_loop.cc:942)
	content::StartupTaskRunner::RunAllTasksNow [0x68E2C7D0+32] (c:\b\build\slave\drm-cr\build\src\content\browser\startup_task_runner.cc:45)
	content::BrowserMainLoop::CreateStartupTasks [0x68A3E2B2+466] (c:\b\build\slave\drm-cr\build\src\content\browser\browser_main_loop.cc:833)
	content::BrowserMainRunnerImpl::Initialize [0x68A437D8+792] (c:\b\build\slave\drm-cr\build\src\content\browser\browser_main_runner.cc:140)
	content::BrowserMain [0x68A3A4E8+136] (c:\b\build\slave\drm-cr\build\src\content\browser\browser_main.cc:42)
	content::RunNamedProcessTypeMain [0x68940650+256] (c:\b\build\slave\drm-cr\build\src\content\app\content_main_runner.cc:420)
	content::ContentMainRunnerImpl::Run [0x689404C8+184] (c:\b\build\slave\drm-cr\build\src\content\app\content_main_runner.cc:787)
	content::ContentMain [0x689397E3+35] (c:\b\build\slave\drm-cr\build\src\content\app\content_main.cc:20)
	content::BrowserTestBase::SetUp [0x028673AF+1471] (c:\b\build\slave\drm-cr\build\src\content\public\test\browser_test_base.cc:306)
	InProcessBrowserTest::SetUp [0x02806B71+257] (c:\b\build\slave\drm-cr\build\src\chrome\test\base\in_process_browser_test.cc:238)
	testing::internal::HandleExceptionsInMethodIfSupported<testing::Test,void> [0x02A474C0+32] (c:\b\build\slave\drm-cr\build\src\testing\gtest\src\gtest.cc:2460)
	testing::Test::Run [0x02A59B03+51] (c:\b\build\slave\drm-cr\build\src\testing\gtest\src\gtest.cc:2470)
	testing::TestInfo::Run [0x02A59D25+133] (c:\b\build\slave\drm-cr\build\src\testing\gtest\src\gtest.cc:2660)
	testing::TestCase::Run [0x02A59C0F+143] (c:\b\build\slave\drm-cr\build\src\testing\gtest\src\gtest.cc:2774)
	testing::internal::UnitTestImpl::RunAllTests [0x02A5A09E+462] (c:\b\build\slave\drm-cr\build\src\testing\gtest\src\gtest.cc:4647)
	testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl,bool> [0x02A47550+32] (c:\b\build\slave\drm-cr\build\src\testing\gtest\src\gtest.cc:2460)
	testing::UnitTest::Run [0x02A59E6E+190] (c:\b\build\slave\drm-cr\build\src\testing\gtest\src\gtest.cc:4255)
	base::TestSuite::Run [0x02833704+132] (c:\b\build\slave\drm-cr\build\src\base\test\test_suite.cc:230)
	ChromeTestSuiteRunner::RunTestSuite [0x027AE638+40] (c:\b\build\slave\drm-cr\build\src\chrome\test\base\chrome_test_launcher.cc:58)
	content::LaunchTests [0x044DB9D9+617] (c:\b\build\slave\drm-cr\build\src\content\public\test\test_launcher.cc:517)
	LaunchChromeTests [0x027AE5C3+51] (c:\b\build\slave\drm-cr\build\src\chrome\test\base\chrome_test_launcher.cc:114)
	main [0x01F989B2+66] (c:\b\build\slave\drm-cr\build\src\chrome\test\base\browser_tests_main.cc:25)
	__scrt_common_main_seh [0x050E244E+255] (f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:255)
	BaseThreadInitThunk [0x7689337A+18]
	RtlInitializeExceptionChain [0x77A192B2+99]
	RtlInitializeExceptionChain [0x77A19285+54]
~~Dr.M~~ WARNING: application exited with abnormal code 0xc0000005

For some reason InstallPlatformApp("app_view/shim/skeleton") also sometimes returns NULL, which results in flaky crashes.

Comment 3 by jamescook@chromium.org, Jun 9 2016

Cc: roc...@chromium.org
It's been about 18 months since I've been in the extensions code, but I vaguely recall we sometimes randomly fail to load an extension off disk during tests. I don't know why, or if anyone has investigated.

+rockot - does this sound familiar?

Comment 4 by roc...@chromium.org, Jun 9 2016

Cc: rdevlin....@chromium.org
That doesn't sound familiar to me, but it does sound plausible.

Comment 5 by apaci...@chromium.org, Jul 10

Status: WontFix (was: Assigned)

Sign in to add a comment