ASAN on Mac stacks sometimes miss source file path and line numbers |
||||||
Issue descriptionI have no clue when it regressed. Some reports miss line numbers completely (verified locally as well) e.g. https://cluster-fuzz.appspot.com/testcase?key=5170337031651328, https://cluster-fuzz.appspot.com/testcase?key=6350731919753216, whereas others do have line numbers like https://cluster-fuzz.appspot.com/testcase?key=6173107731824640, https://cluster-fuzz.appspot.com/testcase?key=5908065169965056. Any idea what could be causing this. Line numbers are extremely important for FindIt culprit CL finder algorithm. Some output from a local run where i added print on the command line. ==64666==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62400014e0f8 at pc 0x00011ae477d5 bp 0x7fff505d8b70 sp 0x7fff505d8b68 READ of size 8 at 0x62400014e0f8 thread T0 ['/b/clusterfuzz/slave-bot/builds/chrome-test-builds_media_mac-release_e6940505d6c387d688e04a7feeb7e2019c3efe81/revisions/asan-mac-release-410263/llvm-symbolizer', '--use-symbol-table=true', '--demangle=False', '--functions=linkage', '--inlining=true', '--default-arch=x86_64'] <subprocess.Popen object at 0x106d21dd0> #0 0x11ae477d4 in blink::getPropertyNameAtomicString(blink::CSSPropertyID) (in Content Shell Framework) + 1348 #1 0x11ae4784d in blink::getPropertyNameString(blink::CSSPropertyID) (in Content Shell Framework) + 45
,
Aug 6 2016
,
Aug 8 2016
Unassigning from myself, as I'm not able to test any Mac-related changes. Unfortunately both https://cluster-fuzz.appspot.com/testcase?key=5170337031651328 and https://cluster-fuzz.appspot.com/testcase?key=6350731919753216 are invalid, so I can't tell what's wrong with them. My wild guess would be that the build system has recently migrated to GN, and something went wrong.
,
Aug 8 2016
That seems like a very valid guess.
,
Aug 8 2016
What does "sometimes" mean? I would expect the behavior to be deterministic. Also, which bot is producing the build artifacts being tested? It would be good to know its gn args.
,
Aug 8 2016
Another guess is that might be a difference between crashes that happen in the Chromium binary and the frameworks (the former is symbolized, the latter is not). At least I've dealt with similar problems in issue 148383 . What we need to check is: - that we still build with debug info (probably yes, since some of the reports do contain file:line info) - that real .dSYM files are produced for every piece of Chromium - that llvm-symbolizer is able to find those .dSYM files It could be that the .dSYM file locations have changed, and we're passing incorrect paths to them from asan_symbolize.py (https://cs.chromium.org/chromium/src/tools/valgrind/asan/asan_symbolize.py?sq=package:chromium&dr=C&l=135)
,
Aug 8 2016
s/that might be/that there might be/
,
Aug 9 2016
Here is another report with missing stuff - https://cluster-fuzz.appspot.com/testcase?key=5170535808106496 (and should not get deleted, since associated with bug). https://cluster-fuzz.appspot.com/testcase?key=6173107731824640 is one with line numbers. Link to builder flags - https://build.chromium.org/p/chromium.lkgr/builders/Mac%20ASAN%20Release/builds/3304/steps/generate_build_files/logs/stdio
,
Aug 9 2016
Alex - I dont see any .dSYM files in the build archive. Any idea what stuff in gyp was creating that before ?
,
Aug 9 2016
I think we are missing integration with enable_dsyms for sanitizer builds - https://cs.chromium.org/chromium/src/tools/gn/docs/cookbook.md?rcl=0&l=226 https://cs.chromium.org/chromium/src/build/config/mac/symbols.gni?rcl=0&l=16 Previously we had that =1 in gyp - https://cs.chromium.org/chromium/src/build/common.gypi?rcl=0&l=461. Dirk, thoughts?
,
Aug 9 2016
See also Issue 628052 in case you were using fake dsyms, these are gone and there are now .unstripped files. Real dsyms are probably still around though, so maybe it's just a config problem.
,
Aug 9 2016
re #10 - yup, looks like you're right, so this should perhaps just change the default for enable_dsyms to (is_chrome_branded || is_asan). (As an aside, the enable_dsyms default is current (is_official_build), but in theory is_official_build is badly named, since it really reflects the optimization level, not whether or not this is an actual official build, so we should change the default as part of this).
,
Aug 10 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/8b0cda7f8d3f9a4f1d53c78600fb0c62c7eec7f9 commit 8b0cda7f8d3f9a4f1d53c78600fb0c62c7eec7f9 Author: dpranke <dpranke@chromium.org> Date: Wed Aug 10 06:17:52 2016 Make sure dSYMs are created by default for Mac sanitizer builds. They should be created by default for sanitizer builds (and were w/ GYP), but that setting got lost in the GN migration. Also, this CL corrects the default logic for enable_dsyms and enable_stripping so that we only do this for internal official builds by default, rather than for all "official" builds ( since is_official_build is really an optimization setting, not a description of how things should be packaged). R=rsesek@chromium.org, thakis@chromium.org, inferno@chromium.org BUG= 635242 Review-Url: https://codereview.chromium.org/2230723002 Cr-Commit-Position: refs/heads/master@{#410979} [modify] https://crrev.com/8b0cda7f8d3f9a4f1d53c78600fb0c62c7eec7f9/build/config/mac/symbols.gni
,
Aug 11 2016
There was one more fix needed. The .dSYMs paths changed and now it does not use .app and .framework at end. Verified and removed in CF source. https://chromereviews.googleplex.com/483457013/ I feel happy that this is fixed, this was really important for FindIt culprit CL finder.
,
Aug 11 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/002fbfa1c30058690e76c010d1b0b8801e8a2d39 commit 002fbfa1c30058690e76c010d1b0b8801e8a2d39 Author: rsesek <rsesek@chromium.org> Date: Thu Aug 11 12:13:21 2016 Partially revert 8b0cda7f8d3f9a4f1d53c78600fb0c62c7eec7f9. That CL modified the conditions under which enable_dsyms and enable_stripping get set, which is not desired. This leaves in place the change for sanitizers. BUG= 635242 R=dpranke@chromium.org Review-Url: https://codereview.chromium.org/2232943003 Cr-Commit-Position: refs/heads/master@{#411306} [modify] https://crrev.com/002fbfa1c30058690e76c010d1b0b8801e8a2d39/build/config/mac/symbols.gni |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by infe...@chromium.org
, Aug 6 2016