Data race in cc::TaskState::DidStart |
||||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5125589560459264 Fuzzer: attekett_dom_fuzzer Job Type: linux_tsan_chrome_mp Platform Id: linux Crash Type: Data race WRITE 2 Crash Address: 0x7d30000174cc Crash State: cc::TaskState::DidStart cc::TaskGraphWorkQueue::GetNextTaskToRun content::RasterWorkerPool::RunTaskInCategoryWithLockAcquired Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_tsan_chrome_mp&range=396125:396253 Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97NqpRlvE4Pxuf-U1bjWPnBFTLYhbcf6tg7I4IFB8MdSAxBCb-e4FpwYCHu0g9fL4PaJ-SinuCYIaR0_V-0XuEBfd97mAKliGfjUcM8xWlwY_R407qUXg5Vny4sy84tj5pJKM-f2z2PsN9Ka4vpM-asWj9ylpX0UwAN7pwGU0EjJGHNVqI Filer: nyerramilli See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
,
May 27 2016
The callstack is involving my related changes, but let me see how can I reproduce this.
,
May 27 2016
Few links from https://cluster-fuzz.appspot.com/testcase?key=5125589560459264, I'm not able to access (not authorized error). reveman@, would you pls. assist me on how I can reproduce this locally on my computer?
,
May 27 2016
nyerramilli@, Can you pls. run this once again on latest code?
,
May 30 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/535763c29025109f45c9230ca57e35e535a1175a commit 535763c29025109f45c9230ca57e35e535a1175a Author: prashant.n <prashant.n@samsung.com> Date: Mon May 30 17:39:00 2016 cc: Fix data race in cc::TaskState::IsFinished. The https://codereview.chromium.org/1866043006/ caused data race, as the worker and origin threads try to access the Task::state() at the same time. The member to be accessed on origin thread is now kept different as it was previously. Now Task::state() is used in worker thread. It also used in origin thread, when it is safe to be used. e.g. Task has been processed completely by task graph runner. BUG= 615809 , 615340 CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel Review-Url: https://codereview.chromium.org/2018353005 Cr-Commit-Position: refs/heads/master@{#396741} [modify] https://crrev.com/535763c29025109f45c9230ca57e35e535a1175a/cc/raster/raster_buffer_provider_perftest.cc [modify] https://crrev.com/535763c29025109f45c9230ca57e35e535a1175a/cc/raster/tile_task.cc [modify] https://crrev.com/535763c29025109f45c9230ca57e35e535a1175a/cc/raster/tile_task.h [modify] https://crrev.com/535763c29025109f45c9230ca57e35e535a1175a/cc/test/fake_tile_task_manager.cc [modify] https://crrev.com/535763c29025109f45c9230ca57e35e535a1175a/cc/test/test_tile_task_runner.cc [modify] https://crrev.com/535763c29025109f45c9230ca57e35e535a1175a/cc/tiles/tile_manager.cc [modify] https://crrev.com/535763c29025109f45c9230ca57e35e535a1175a/cc/tiles/tile_task_manager.cc
,
May 31 2016
,
Oct 18 2016
,
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
||||
►
Sign in to add a comment |
||||
Comment 1 by nyerramilli@chromium.org
, May 27 2016Components: Tools>Test>FindIt>NoResult
Labels: findit-wrong M-51 Te-Logged
Owner: prashan...@samsung.com
Status: Assigned (was: Available)