ConditionalCacheDeletionHelperBrowserTest.Condition fails with segfault |
||
Issue descriptionThis failure caused the Linux_ChromiumOS_Tests bot to fail in this[1] build. Failing test logs are at [2]. I don't see any obvious changes in the builder that would have caused this flake. 1: https://build.chromium.org/p/chromium.chromiumos/builders/Linux%20ChromiumOS%20Tests%20%28dbg%29%281%29/builds/18519 2: https://paste.googleplex.com/6473130180608000?raw
,
Oct 6 2016
LSAN just caught a heap-user-after-free, could be related. https://uberchromegw.corp.google.com/i/chromium.memory/builders/Linux%20Chromium%20OS%20ASan%20LSan%20Tests%20%281%29/builds/16722 (view as text) ConditionalCacheDeletionHelperBrowserTest.Condition (run #1): [ RUN ] ConditionalCacheDeletionHelperBrowserTest.Condition [11211:11211:1006/080132:WARNING:chrome_browser_main_chromeos.cc(339)] Running as stub user with profile dir: test-user [11211:11211:1006/080132:WARNING:audio_manager.cc(317)] Multiple instances of AudioManager detected [11211:11211:1006/080132:WARNING:audio_manager.cc(278)] Multiple instances of AudioManager detected [11211:11211:1006/080132:ERROR:logging_chrome.cc(173)] Unable to create symlink /tmp/.org.chromium.Chromium.cejQHg/dlXNzlq/test-user/chrome_debug.log pointing at /tmp/.org.chromium.Chromium.cejQHg/dlXNzlq/test-user/chrome_debug_20161006-080132.log: No such file or directory Xlib: extension "RANDR" missing on display ":9". [11211:11279:1006/080132:ERROR:drive_integration_service.cc(120)] /tmp should have been created as clear. [11211:11280:1006/080132:WARNING:local_extension_cache.cc(259)] Extensions will not be installed from update URLs until /tmp/.org.chromium.Chromium.cejQHg/dlXNzlq/stub_device_local_extension_cache/.initialized exists. [11211:11283:1006/080132:WARNING:freezer_cgroup_process_manager.cc(59)] Cgroup freezer does not exist or is not writable. Unable to freeze renderer processes. [11293:11338:1006/080133:ERROR:interface_registry.cc(99)] Capability spec prevented service service:content_browser from binding interface: mojom::ResourceUsageReporter ================================================================= ==11211==ERROR: AddressSanitizer: heap-use-after-free on address 0x60400073b925 at pc 0x00000957b2d2 bp 0x7ffd88c673c0 sp 0x7ffd88c673b8 WRITE of size 1 at 0x60400073b925 thread T0 (browser_tests) #0 0x957b2d1 in base::RunLoop::Quit() base/run_loop.cc:47:16 #1 0x968798e in Run base/callback.h:64:12 #2 0x968798e in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) base/debug/task_annotator.cc:54 #3 0x94fd825 in base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop/message_loop.cc:405:19 #4 0x94fe4eb in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) base/message_loop/message_loop.cc:414:5 #5 0x94ff3ed in base::MessageLoop::DoWork() base/message_loop/message_loop.cc:513:13 #6 0x9507e37 in base::MessagePumpGlib::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_glib.cc:313:49 #7 0x94fcfd5 in base::MessageLoop::RunHandler() base/message_loop/message_loop.cc:370:10 #8 0x957ad5e in base::RunLoop::Run() base/run_loop.cc:35:10 #9 0xc611de in ConditionalCacheDeletionHelperBrowserTest::WaitForTasksOnIOThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:96:22 #10 0xc60328 in ConditionalCacheDeletionHelperBrowserTest_Condition_Test::RunTestOnMainThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:235:3 #11 0x97053b3 in InProcessBrowserTest::RunTestOnMainThreadLoop() chrome/test/base/in_process_browser_test.cc:559:5 #12 0xa9c5079 in content::BrowserTestBase::ProxyRunTestOnMainThreadLoop() content/public/test/browser_test_base.cc:336:3 #13 0x97ccd62 in Run base/callback.h:64:12 #14 0x97ccd62 in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:2059 #15 0x97ca839 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1383:18 #16 0x396fcfb in chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun() chrome/browser/chromeos/chrome_browser_main_chromeos.cc:423:32 #17 0x6e87919 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:965:13 #18 0x7a6776b in Run base/callback.h:64:12 #19 0x7a6776b in content::StartupTaskRunner::RunAllTasksNow() content/browser/startup_task_runner.cc:45 #20 0x6e83275 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:855:25 #21 0x6e90c9d in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:140:17 #22 0x6e7baa3 in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #23 0x9175fcc in content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:417:14 #24 0x91779b3 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:785:12 #25 0x917412a in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #26 0xa9c3e5f in content::BrowserTestBase::SetUp() content/public/test/browser_test_base.cc:308:3 #27 0x9700ce3 in InProcessBrowserTest::SetUp() chrome/test/base/in_process_browser_test.cc:250:20 #28 0xbec2086 in HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 #29 0xbec2086 in testing::Test::Run() testing/gtest/src/gtest.cc:2470 #30 0xbec438b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11 #31 0xbec5146 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28 #32 0xbed9196 in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43 #33 0xbed87f7 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 #34 0xbed87f7 in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 #35 0x973139b in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46 #36 0x973139b in base::TestSuite::Run() base/test/test_suite.cc:246 #37 0x946e5b3 in ChromeTestSuiteRunner::RunTestSuite(int, char**) chrome/test/base/chrome_test_launcher.cc:58:38 #38 0xaa79792 in content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:521:31 #39 0x9468da8 in main chrome/test/base/browser_tests_main_chromeos.cc:20:10 #40 0x7f142f20d7ec in __libc_start_main /build/eglibc-oqps9y/eglibc-2.15/csu/libc-start.c:226 0x60400073b925 is located 21 bytes inside of 40-byte region [0x60400073b910,0x60400073b938) freed by thread T0 (browser_tests) here: #0 0x98f62b in operator delete(void*) (/b/swarming/w/ir_LRI9u/out/Release/browser_tests+0x98f62b) #1 0xc611be in operator() build/linux/ubuntu_precise_amd64-sysroot/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../include/c++/4.6/bits/unique_ptr.h:63:2 #2 0xc611be in reset build/linux/ubuntu_precise_amd64-sysroot/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../include/c++/4.6/bits/unique_ptr.h:245 #3 0xc611be in ConditionalCacheDeletionHelperBrowserTest::WaitForTasksOnIOThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:95 #4 0xc60328 in ConditionalCacheDeletionHelperBrowserTest_Condition_Test::RunTestOnMainThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:235:3 #5 0x97053b3 in InProcessBrowserTest::RunTestOnMainThreadLoop() chrome/test/base/in_process_browser_test.cc:559:5 #6 0xa9c5079 in content::BrowserTestBase::ProxyRunTestOnMainThreadLoop() content/public/test/browser_test_base.cc:336:3 #7 0x97ccd62 in Run base/callback.h:64:12 #8 0x97ccd62 in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:2059 #9 0x97ca839 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1383:18 #10 0x396fcfb in chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun() chrome/browser/chromeos/chrome_browser_main_chromeos.cc:423:32 #11 0x6e87919 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:965:13 #12 0x7a6776b in Run base/callback.h:64:12 #13 0x7a6776b in content::StartupTaskRunner::RunAllTasksNow() content/browser/startup_task_runner.cc:45 #14 0x6e83275 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:855:25 #15 0x6e90c9d in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:140:17 #16 0x6e7baa3 in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #17 0x9175fcc in content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:417:14 #18 0x91779b3 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:785:12 #19 0x917412a in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #20 0xa9c3e5f in content::BrowserTestBase::SetUp() content/public/test/browser_test_base.cc:308:3 #21 0x9700ce3 in InProcessBrowserTest::SetUp() chrome/test/base/in_process_browser_test.cc:250:20 #22 0xbec2086 in HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 #23 0xbec2086 in testing::Test::Run() testing/gtest/src/gtest.cc:2470 #24 0xbec438b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11 #25 0xbec5146 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28 #26 0xbed9196 in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43 #27 0xbed87f7 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 #28 0xbed87f7 in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 #29 0x973139b in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46 #30 0x973139b in base::TestSuite::Run() base/test/test_suite.cc:246 #31 0x946e5b3 in ChromeTestSuiteRunner::RunTestSuite(int, char**) chrome/test/base/chrome_test_launcher.cc:58:38 #32 0xaa79792 in content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:521:31 #33 0x9468da8 in main chrome/test/base/browser_tests_main_chromeos.cc:20:10 #34 0x7f142f20d7ec in __libc_start_main /build/eglibc-oqps9y/eglibc-2.15/csu/libc-start.c:226 previously allocated by thread T0 (browser_tests) here: #0 0x98e9eb in operator new(unsigned long) (/b/swarming/w/ir_LRI9u/out/Release/browser_tests+0x98e9eb) #1 0xc6116f in ConditionalCacheDeletionHelperBrowserTest::WaitForTasksOnIOThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:95:27 #2 0xc6024b in ConditionalCacheDeletionHelperBrowserTest_Condition_Test::RunTestOnMainThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:228:3 #3 0x97053b3 in InProcessBrowserTest::RunTestOnMainThreadLoop() chrome/test/base/in_process_browser_test.cc:559:5 #4 0xa9c5079 in content::BrowserTestBase::ProxyRunTestOnMainThreadLoop() content/public/test/browser_test_base.cc:336:3 #5 0x97ccd62 in Run base/callback.h:64:12 #6 0x97ccd62 in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:2059 #7 0x97ca839 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1383:18 #8 0x396fcfb in chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun() chrome/browser/chromeos/chrome_browser_main_chromeos.cc:423:32 #9 0x6e87919 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:965:13 #10 0x7a6776b in Run base/callback.h:64:12 #11 0x7a6776b in content::StartupTaskRunner::RunAllTasksNow() content/browser/startup_task_runner.cc:45 #12 0x6e83275 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:855:25 #13 0x6e90c9d in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:140:17 #14 0x6e7baa3 in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #15 0x9175fcc in content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:417:14 #16 0x91779b3 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:785:12 #17 0x917412a in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #18 0xa9c3e5f in content::BrowserTestBase::SetUp() content/public/test/browser_test_base.cc:308:3 #19 0x9700ce3 in InProcessBrowserTest::SetUp() chrome/test/base/in_process_browser_test.cc:250:20 #20 0xbec2086 in HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 #21 0xbec2086 in testing::Test::Run() testing/gtest/src/gtest.cc:2470 #22 0xbec438b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11 #23 0xbec5146 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28 #24 0xbed9196 in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43 #25 0xbed87f7 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 #26 0xbed87f7 in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 #27 0x973139b in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46 #28 0x973139b in base::TestSuite::Run() base/test/test_suite.cc:246 #29 0x946e5b3 in ChromeTestSuiteRunner::RunTestSuite(int, char**) chrome/test/base/chrome_test_launcher.cc:58:38 #30 0xaa79792 in content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:521:31 #31 0x9468da8 in main chrome/test/base/browser_tests_main_chromeos.cc:20:10 #32 0x7f142f20d7ec in __libc_start_main /build/eglibc-oqps9y/eglibc-2.15/csu/libc-start.c:226 SUMMARY: AddressSanitizer: heap-use-after-free base/run_loop.cc:47:16 in base::RunLoop::Quit() Shadow bytes around the buggy address: 0x0c08800df6d0: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fd 0x0c08800df6e0: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 00 0x0c08800df6f0: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 fa 0x0c08800df700: fa fa 00 00 00 00 00 00 fa fa fd fd fd fd fd fd 0x0c08800df710: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00 =>0x0c08800df720: fa fa fd fd[fd]fd fd fa fa fa fd fd fd fd fd fa 0x0c08800df730: fa fa fd fd fd fd fd fd fa fa fd fd fd fd fd fa 0x0c08800df740: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 fa 0x0c08800df750: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 fa 0x0c08800df760: fa fa fd fd fd fd fd fa fa fa 00 00 00 00 00 fa 0x0c08800df770: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==11211==ABORTING [1006/150135:ERROR:nacl_helper_linux.cc(311)] NaCl helper process running without a sandbox! Most likely you need to configure your SUID sandbox correctly [1006/080135:ERROR:nacl_helper_linux.cc(311)] NaCl helper process running without a sandbox! Most likely you need to configure your SUID sandbox correctly ConditionalCacheDeletionHelperBrowserTest.Condition (run #2): [ RUN ] ConditionalCacheDeletionHelperBrowserTest.Condition [19660:19660:1006/082841:WARNING:chrome_browser_main_chromeos.cc(339)] Running as stub user with profile dir: test-user [19660:19660:1006/082841:WARNING:audio_manager.cc(317)] Multiple instances of AudioManager detected [19660:19660:1006/082841:WARNING:audio_manager.cc(278)] Multiple instances of AudioManager detected [19660:19660:1006/082841:ERROR:logging_chrome.cc(173)] Unable to create symlink /tmp/.org.chromium.Chromium.cejQHg/dzR8ELg/test-user/chrome_debug.log pointing at /tmp/.org.chromium.Chromium.cejQHg/dzR8ELg/test-user/chrome_debug_20161006-082841.log: No such file or directory Xlib: extension "RANDR" missing on display ":9". [19660:19744:1006/082842:ERROR:drive_integration_service.cc(120)] /tmp should have been created as clear. [19660:19743:1006/082842:WARNING:local_extension_cache.cc(259)] Extensions will not be installed from update URLs until /tmp/.org.chromium.Chromium.cejQHg/dzR8ELg/stub_device_local_extension_cache/.initialized exists. [19660:19746:1006/082842:WARNING:freezer_cgroup_process_manager.cc(59)] Cgroup freezer does not exist or is not writable. Unable to freeze renderer processes. [19758:19770:1006/082842:ERROR:interface_registry.cc(99)] Capability spec prevented service service:content_browser from binding interface: mojom::ResourceUsageReporter ================================================================= ==19660==ERROR: AddressSanitizer: heap-use-after-free on address 0x60400072c4e5 at pc 0x00000957b2d2 bp 0x7fff1a789800 sp 0x7fff1a7897f8 WRITE of size 1 at 0x60400072c4e5 thread T0 (browser_tests) #0 0x957b2d1 in base::RunLoop::Quit() base/run_loop.cc:47:16 #1 0x968798e in Run base/callback.h:64:12 #2 0x968798e in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) base/debug/task_annotator.cc:54 #3 0x94fd825 in base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop/message_loop.cc:405:19 #4 0x94fe4eb in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) base/message_loop/message_loop.cc:414:5 #5 0x94ff3ed in base::MessageLoop::DoWork() base/message_loop/message_loop.cc:513:13 #6 0x9508886 in HandleDispatch base/message_loop/message_pump_glib.cc:267:25 #7 0x9508886 in base::(anonymous namespace)::WorkSourceDispatch(_GSource*, int (*)(void*), void*) base/message_loop/message_pump_glib.cc:109 #8 0x7f57c775fd12 in g_main_dispatch /build/buildd/glib2.0-2.32.4/./glib/gmain.c:2539 #9 0x7f57c775fd12 in g_main_context_dispatch /build/buildd/glib2.0-2.32.4/./glib/gmain.c:3075 0x60400072c4e5 is located 21 bytes inside of 40-byte region [0x60400072c4d0,0x60400072c4f8) freed by thread T0 (browser_tests) here: #0 0x98f62b in operator delete(void*) (/b/swarming/w/ir_LRI9u/out/Release/browser_tests+0x98f62b) #1 0xc611be in operator() build/linux/ubuntu_precise_amd64-sysroot/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../include/c++/4.6/bits/unique_ptr.h:63:2 #2 0xc611be in reset build/linux/ubuntu_precise_amd64-sysroot/usr/lib/gcc/x86_64-linux-gnu/4.6/../../../../include/c++/4.6/bits/unique_ptr.h:245 #3 0xc611be in ConditionalCacheDeletionHelperBrowserTest::WaitForTasksOnIOThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:95 #4 0xc60328 in ConditionalCacheDeletionHelperBrowserTest_Condition_Test::RunTestOnMainThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:235:3 #5 0x97053b3 in InProcessBrowserTest::RunTestOnMainThreadLoop() chrome/test/base/in_process_browser_test.cc:559:5 #6 0xa9c5079 in content::BrowserTestBase::ProxyRunTestOnMainThreadLoop() content/public/test/browser_test_base.cc:336:3 #7 0x97ccd62 in Run base/callback.h:64:12 #8 0x97ccd62 in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:2059 #9 0x97ca839 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1383:18 #10 0x396fcfb in chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun() chrome/browser/chromeos/chrome_browser_main_chromeos.cc:423:32 #11 0x6e87919 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:965:13 #12 0x7a6776b in Run base/callback.h:64:12 #13 0x7a6776b in content::StartupTaskRunner::RunAllTasksNow() content/browser/startup_task_runner.cc:45 #14 0x6e83275 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:855:25 #15 0x6e90c9d in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:140:17 #16 0x6e7baa3 in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #17 0x9175fcc in content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:417:14 #18 0x91779b3 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:785:12 #19 0x917412a in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #20 0xa9c3e5f in content::BrowserTestBase::SetUp() content/public/test/browser_test_base.cc:308:3 #21 0x9700ce3 in InProcessBrowserTest::SetUp() chrome/test/base/in_process_browser_test.cc:250:20 #22 0xbec2086 in HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 #23 0xbec2086 in testing::Test::Run() testing/gtest/src/gtest.cc:2470 #24 0xbec438b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11 #25 0xbec5146 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28 #26 0xbed9196 in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43 #27 0xbed87f7 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 #28 0xbed87f7 in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 #29 0x973139b in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46 #30 0x973139b in base::TestSuite::Run() base/test/test_suite.cc:246 #31 0x946e5b3 in ChromeTestSuiteRunner::RunTestSuite(int, char**) chrome/test/base/chrome_test_launcher.cc:58:38 #32 0xaa79792 in content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:521:31 #33 0x9468da8 in main chrome/test/base/browser_tests_main_chromeos.cc:20:10 #34 0x7f57c28827ec in __libc_start_main /build/eglibc-oqps9y/eglibc-2.15/csu/libc-start.c:226 previously allocated by thread T0 (browser_tests) here: #0 0x98e9eb in operator new(unsigned long) (/b/swarming/w/ir_LRI9u/out/Release/browser_tests+0x98e9eb) #1 0xc6116f in ConditionalCacheDeletionHelperBrowserTest::WaitForTasksOnIOThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:95:27 #2 0xc6024b in ConditionalCacheDeletionHelperBrowserTest_Condition_Test::RunTestOnMainThread() chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc:228:3 #3 0x97053b3 in InProcessBrowserTest::RunTestOnMainThreadLoop() chrome/test/base/in_process_browser_test.cc:559:5 #4 0xa9c5079 in content::BrowserTestBase::ProxyRunTestOnMainThreadLoop() content/public/test/browser_test_base.cc:336:3 #5 0x97ccd62 in Run base/callback.h:64:12 #6 0x97ccd62 in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:2059 #7 0x97ca839 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1383:18 #8 0x396fcfb in chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun() chrome/browser/chromeos/chrome_browser_main_chromeos.cc:423:32 #9 0x6e87919 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:965:13 #10 0x7a6776b in Run base/callback.h:64:12 #11 0x7a6776b in content::StartupTaskRunner::RunAllTasksNow() content/browser/startup_task_runner.cc:45 #12 0x6e83275 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:855:25 #13 0x6e90c9d in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:140:17 #14 0x6e7baa3 in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #15 0x9175fcc in content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:417:14 #16 0x91779b3 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:785:12 #17 0x917412a in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #18 0xa9c3e5f in content::BrowserTestBase::SetUp() content/public/test/browser_test_base.cc:308:3 #19 0x9700ce3 in InProcessBrowserTest::SetUp() chrome/test/base/in_process_browser_test.cc:250:20 #20 0xbec2086 in HandleExceptionsInMethodIfSupported<testing::Test, void> testing/gtest/src/gtest.cc:2458:12 #21 0xbec2086 in testing::Test::Run() testing/gtest/src/gtest.cc:2470 #22 0xbec438b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11 #23 0xbec5146 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28 #24 0xbed9196 in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43 #25 0xbed87f7 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12 #26 0xbed87f7 in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255 #27 0x973139b in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46 #28 0x973139b in base::TestSuite::Run() base/test/test_suite.cc:246 #29 0x946e5b3 in ChromeTestSuiteRunner::RunTestSuite(int, char**) chrome/test/base/chrome_test_launcher.cc:58:38 #30 0xaa79792 in content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:521:31 #31 0x9468da8 in main chrome/test/base/browser_tests_main_chromeos.cc:20:10 #32 0x7f57c28827ec in __libc_start_main /build/eglibc-oqps9y/eglibc-2.15/csu/libc-start.c:226
,
Oct 6 2016
Issues I'm seeing: 1) The |io_thread_loop_| pointer isn't protected by a lock and therefore its access from two threads is incorrect (i.e. DoneCallback()'s call on the IO thread isn't synchronized with WaitForTasksOnIOThread() which can result in a race -- e.g. DoneCallback() binding the old |io_thread_loop_|'s Quit. 2) Using it a member is atypical as, unless sequencing care is taken, there might be pending task to quit it when the member is reset (e.g. per (1)). Unless you truly need the UI thread to keep pumping messages while waiting in your test. A better approach would be to use a WaitableEvent(AUTOMATIC, NOT_SIGNALED) and wait for it on UI thread and signal it from DoneCallback.
,
Oct 6 2016
Thanks, this is helpful! If I'm reading it correctly, it's a use-after-free on the RunLoop used for synchronization in tests, so hopefully there's at least not a leak in the tested class itself. Still need time to find out what exactly is the problem though...
,
Oct 6 2016
Heh, so there's a race condition in this comment thread as well. Thanks for confirming my suspicion.
,
Oct 10 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5263a0fd408925936e119912e6a7c318413861d9 commit 5263a0fd408925936e119912e6a7c318413861d9 Author: msramek <msramek@chromium.org> Date: Mon Oct 10 13:08:24 2016 Replace RunLoop with WaitableEvent in ConditionalCacheDeletionHelperBrowserTest ...to synchronize the UI and IO threads. WaitableEvent correctly handles the situation where the waited IO thread tasks finishes first (i.e. Signal() is called first, Wait() later) which was not the case in the previous implementation with RunLoop(). BUG= 651505 Review-Url: https://codereview.chromium.org/2405803003 Cr-Commit-Position: refs/heads/master@{#424136} [modify] https://crrev.com/5263a0fd408925936e119912e6a7c318413861d9/chrome/browser/browsing_data/conditional_cache_deletion_helper_browsertest.cc
,
Oct 10 2016
Should be fixed now, assuming that the original report is indeed the same problem as the stack trace from gab@. |
||
►
Sign in to add a comment |
||
Comment 1 by msramek@chromium.org
, Sep 29 2016