Data race in blink::SQLTransactionBackend::getNextStatement
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5520833347059712

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Data race ATOMIC WRITE 8
Crash Address: 0x7e97c31793f0
Crash State:
  blink::SQLTransactionBackend::getNextStatement
  blink::SQLTransactionBackend::runStatements
  blink::SQLTransactionBackend::performNextStep

Minimized Testcase (0.27 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96HgbAfnnSJ64y7qFI99B7AuZxV3vmi1krad1ZIkIhe-5TFZd8hMk4G4pSmvHI_GJAgbUmDmJWvCtTHQTjjsDPzgUxEhRMQxzHTn-gPOUiUmB3WHcLXi-7EAbNPrraGtoa-CN6pWQZ7sxbPn_KKu6Rws6RFKg

Filer: ashejole

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jun 10 2016
Jul 6 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5520833347059712

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Data race ATOMIC WRITE 8
Crash Address: 0x7e97c31793f0
Crash State:
  blink::SQLTransactionBackend::getNextStatement
  blink::SQLTransactionBackend::runStatements
  blink::SQLTransactionBackend::performNextStep

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_tsan_chrome_mp&range=398496:398598

Minimized Testcase (0.27 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96HgbAfnnSJ64y7qFI99B7AuZxV3vmi1krad1ZIkIhe-5TFZd8hMk4G4pSmvHI_GJAgbUmDmJWvCtTHQTjjsDPzgUxEhRMQxzHTn-gPOUiUmB3WHcLXi-7EAbNPrraGtoa-CN6pWQZ7sxbPn_KKu6Rws6RFKg?testcase_id=5520833347059712

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jul 11 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6699617802780672

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Data race ATOMIC WRITE 8
Crash Address: 0x7e8cae7d8e38
Crash State:
  blink::SQLTransactionBackend::getNextStatement
  blink::SQLTransactionBackend::runStatements
  blink::SQLTransactionBackend::performNextStep

Minimized Testcase (0.27 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97WcAVUfNq2YKAXHgW-6v8j1AeNOWsQPYPM99baVwMSHMlAH907iVc4kN7R9lbcHHUGxPCL4QIz9QN36JnYuBzaPsCw9Ixen1ZIf9FK7RCXZtSwokGOAMNbEYGyOJxkk6plZJnzL8p7tcrg4Jaw9tqY1ahTpA?testcase_id=6699617802780672

Filer: mmohammad

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jul 16 2016
Oct 18 2016
Nov 14 2016
Nov 16 2016
As per Comment# 5, assigning to the concern owner and adding related devs in Cc using find it results --

Suspected CLs

Regression information is not available. The result is the blame information.

Author: haraken@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/965739ad7a15fde21861a5b7a2f4e1cf9c4ae6fe
Time: Thu Apr 09 04:20:48 2015
The CL last changed line 163 of file Atomics.h, which is stack frame 1.

Author: beidson@apple.com
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/765b1a8942d10bcbac42053f1f460e326ead9d11
Time: Fri Dec 07 00:50:32 2007
The CL last changed line 647 of file SQLTransactionBackend.cpp, which is stack frame 2.

Author: mark.lam@apple.com
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/ecb31f786a7d4292e24f6aa12d9034fe5204cbe0
Time: Thu Feb 14 22:31:20 2013
The CL last changed line 102 of file SQLTransactionStateMachine.h, which is stack frame 3.

Author: jochen@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/480340ce8592fab342d9bbd217afd485a6607dc8
Time: Fri Nov 29 09:57:59 2013
The CL last changed line 145 of file DatabaseTask.cpp, which is stack frame 4.

Author: ap@webkit.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/fc425328069536d74fa09d94200d624f469bf9cf
Time: Tue Feb 12 19:37:03 2008
The CL last changed line 72 of file DatabaseTask.cpp, which is stack frame 5.

Author: tzik
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/99de02ba952b0a69291f81c5b8ca14d81cc1f74f
Time: Fri Jul 01 05:54:12 2016
The CL last changed line 214 of file bind_internal.h, which is stack frame 6.

Author: tzik
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/77d41139d261342a429d2775c59d8e8a386d4c81
Time: Wed Mar 09 09:47:03 2016
The CL last changed line 389 of file callback.h, which is stack frame 7.

Suspected Project: chromium

Suspecting the following CLs from find it,
https://chromium.googlesource.com/chromium/src/+/965739ad7a15fde21861a5b7a2f4e1cf9c4ae6fe
https://chromium.googlesource.com/chromium/src/+/765b1a8942d10bcbac42053f1f460e326ead9d11

@haraken -- Could you please look into the issue, kindly re-assign if it is not related to your changes.

Thank You.
Nov 16 2016
This issue was reported 2 days after https://codereview.chromium.org/1909813002 , so likely to be some overlap.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Feb 11 2017
ClusterFuzz has detected this issue as fixed in range 449378:449549.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6699617802780672

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Data race ATOMIC WRITE 8
Crash Address: 0x7e8cae7d8e38
Crash State:
  blink::SQLTransactionBackend::getNextStatement
  blink::SQLTransactionBackend::runStatements
  blink::SQLTransactionBackend::performNextStep
Sanitizer: thread (TSAN)

Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_tsan_chrome_mp&range=449378:449549

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97WcAVUfNq2YKAXHgW-6v8j1AeNOWsQPYPM99baVwMSHMlAH907iVc4kN7R9lbcHHUGxPCL4QIz9QN36JnYuBzaPsCw9Ixen1ZIf9FK7RCXZtSwokGOAMNbEYGyOJxkk6plZJnzL8p7tcrg4Jaw9tqY1ahTpA?testcase_id=6699617802780672

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Feb 11 2017
ClusterFuzz testcase 6699617802780672 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ashej...@chromium.org, Jun 10 2016
Labels: Te-Logged