Find it tools information
==================
Analysis of failed component others is not supported by Findit.

Suspected Project: others
===========================
Through code search on file "request_context.cc" seen some recent changes to the file.

Possible suspect 
===========
https://chromium.googlesource.com/chromium/src/+/6aca885ca93bb6194e67be3c62ac409745595e3c%5E%21/

rockot @ Could you please look into this issue if it is related to your change,else please route this to an appropriate owner for this issue.

Thanks,

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6897439afeea04f28bb3bc2f9573d47b1e232eeb

commit 6897439afeea04f28bb3bc2f9573d47b1e232eeb
Author: rockot <rockot@chromium.org>
Date: Mon May 02 00:02:05 2016

Fix lock-order-inversion in ChannelMojo

The following lock sequences are possible:

 1. ChannelMojo lock (A) is held for Connect when calling
    bootstrap_->Connect(), which in turn binds the
    Binding, starting a MojoWatch which locks the internal
    lock (B) for the watcher. So A => B.

 2. An incoming IPC wakes the watcher (B) and calls
    SyncMessageFilter::OnMessageReceived which locks SMF's
    lock (C). So B => C.

 3. Sending an IPC locks SMF's lock (C) and then locks
    ChannelMojo's lock (A) while holding C. So C => A.

This CL eliminates the A => B => C => A cycle by avoiding
case 1. There's no need to hold ChannelMojo's lock while
connecting the Bootstrap.

BUG= 606701 
R=amistry@chromium.org

Review-Url: https://codereview.chromium.org/1937733002
Cr-Commit-Position: refs/heads/master@{#390880}

[modify] https://crrev.com/6897439afeea04f28bb3bc2f9573d47b1e232eeb/ipc/mojo/ipc_channel_mojo.cc

ClusterFuzz has detected this issue as fixed in range 390873:390881.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6018778516684800

Fuzzer: tokenfuzz_pdf_march16
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Lock-order-inversion
Crash Address: 
Crash State:
  pthread_mutex_lock
  base::internal::LockImpl::Lock
  mojo::edk::Watcher::MaybeInvokeCallback
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_tsan_chrome_mp&range=389460:389506
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_tsan_chrome_mp&range=390873:390881

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97QddLzEKnxaKTL_jEgTFWoKQnbhMribnKn7w61Q7U5pAvsQiE7_sbMVtWp1C2cgZ25Pac8Qfk4N9HiEZ2MqCk5RZ6YuhksUNTmT3YR9EfZY-bVFiy3gYRdduMTme6K9ze8TRccwDF2HnmrRH5-EoGXdYrs7xKvuGiKyV5tM4YopHLkybs


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot