LayerTreeHostTestReadyToActivateNonEmpty.RunRemote_DelegatingRenderer failing under ubsan vptr
Issue description

From https://build.chromium.org/p/chromium.fyi/builders/ClangToTLinuxUBSanVptr%20tester/builds/851/steps/cc_unittests%20on%20Ubuntu-12.04/logs/LayerTreeHostTestReadyToActivateNonEmpty.RunRemote_DelegatingRenderer

LayerTreeHostTestReadyToActivateNonEmpty.RunRemote_DelegatingRenderer (run #1):
[ RUN ] LayerTreeHostTestReadyToActivateNonEmpty.RunRemote_DelegatingRenderer
../../cc/trees/layer_tree_host_unittest.cc:234:11: runtime error: downcast of address 0x2564ce08f500 which does not point to an object of type 'cc::FakePictureLayerImpl'
0x2564ce08f500: note: object is of type 'cc::PictureLayerImpl'
 00 00 00 00 d8 64 7b 05 00 00 00 00 0d 00 00 00 ff ff ff ff 00 da 11 ce 64 25 00 00 00 00 00 00
 ^~~~~~~~~~~~~~~~~~~~~~~
 vptr for 'cc::PictureLayerImpl'
#0 0x24d25e5 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x24d25e5)
#1 0x329649e (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x329649e)
#2 0x2fee466 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x2fee466)
#3 0x2ff2fe4 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x2ff2fe4)
#4 0x328cabe (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x328cabe)
#5 0x3753806 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x3753806)
#6 0x36630a6 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x36630a6)
#7 0x3663a87 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x3663a87)
#8 0x36649ce (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x36649ce)
#9 0x366afb1 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x366afb1)
#10 0x36624f2 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x36624f2)
#11 0x36ab6a5 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x36ab6a5)
#12 0x36df545 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x36df545)
#13 0x36d15d8 (/b/swarming/w/ir69VOS0/out/Release/cc_unittests+0x36d15d8)
#14 0x7f00e4faae99 (/lib/x86_64-linux-gnu/libpthread.so.0+0x7e99)
#15 0x7f00e4ac236c (/lib/x86_64-linux-gnu/libc.so.6+0xf336c)

It looks like a legit failure, but I don't see any obvious Chromium change that would cause it.

pcc: did anything change on the vptr sanitization front recently?

xingliu: I think you're the last to touch this test file. Any idea what might be going on?
Oct 20 2016
> I'll create a CL to fix this

Thanks!

> do we have trybot in the CQ to try to catch this?

No, I don't think there is a trybot for this. I think it's still considered somewhat experimental, with clusterfuzz being the main user. I'm not even sure we have a bot for it on the regular waterfall.
Oct 20 2016
> pcc: did anything change on the vptr sanitization front recently?

Could be this? https://reviews.llvm.org/D25448
Oct 20 2016
Oct 20 2016
This is because the code in state deserialization on the client side will create PictureLayers, while the test code expects it to have FakePictureLayers. Probably just need to add FakePictureLayer to the serialization code for tests?
Oct 20 2016
I'll land the fix CL first, so we won't block other people. Will add serialization code for FakePictureLayer later.
Oct 20 2016
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/143414007952491b458bbd5bb55116fbde7d2caa

commit 143414007952491b458bbd5bb55116fbde7d2caa
Author: xingliu <xingliu@chromium.org>
Date: Thu Oct 20 19:57:17 2016

Disable a remote LTH test, we don't deserialize FakePictureLayer.

Currently for LTH remote test, we deserialize FakePictureLayer into PictureLayer, so on the compositor impl thread, FakePictureLayerImpl is not created but PictureLayerImpl, which cause downcasting failure.

BUG=657871
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_precise_blink_rel
Review-Url: https://chromiumcodereview.appspot.com/2441673003
Cr-Commit-Position: refs/heads/master@{#426571}

[modify] https://crrev.com/143414007952491b458bbd5bb55116fbde7d2caa/cc/trees/layer_tree_host_unittest.cc
Oct 27 2016
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/b67229217f5b54fad888c74f6528be4af51e5a6e

commit b67229217f5b54fad888c74f6528be4af51e5a6e
Author: xingliu <xingliu@chromium.org>
Date: Thu Oct 27 00:06:06 2016

Add serialization/deserialization for FakePictureLayer for testing.

Previously we serialize/deserialize FakePictureLayer into PictureLayer. This introduced an issue in LayerTreeHostTestReadyToActivateNonEmpty and other unit test cases in layer_tree_host_unittests.cc that downcasting from PictureLayerImpl to FakePictureLayerImpl will fail.

The data flow was:
FakePictureLayer==>PictureLayer==>PictureLayerImpl==> FakePictureLayerImpl(downcast failure).

This CL adds procedure to process FakePictureLayer, so it can be deserialized and down cast correctly.

The data flow becomes:
FakePictureLayer==>FakePictureLayer==>FakePictureLayerImpl

BUG=657871
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_precise_blink_rel
Review-Url: https://codereview.chromium.org/2451913002
Cr-Commit-Position: refs/heads/master@{#427886}

[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/blimp/compositor_state_deserializer.cc
[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/blimp/layer_factory.h
[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/layers/layer_proto_converter.cc
[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/proto/layer.proto
[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/test/fake_picture_layer.cc
[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/test/fake_picture_layer.h
[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/test/remote_client_layer_factory.cc
[modify] https://crrev.com/b67229217f5b54fad888c74f6528be4af51e5a6e/cc/test/remote_client_layer_factory.h
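
The data flow described in the commit message above, modelled as an added sketch that is not Chromium's code and not part of the original thread. The class names are borrowed from the thread for readability, but these are toy types; `LayerType`, `Tag`, `SerializeBefore`, `SerializeAfter`, `AsFake` and `RoundTripYieldsFake` are hypothetical, and a `dynamic_cast` stands in for the test's unchecked downcast so the type mismatch is observable as a null pointer instead of undefined behaviour.

```cpp
#include <memory>

enum class LayerType { kPicture, kFakePicture };  // wire tag (assumed format)

struct PictureLayerImpl { virtual ~PictureLayerImpl() = default; };
struct FakePictureLayerImpl : PictureLayerImpl { int activations = 0; };

struct PictureLayer {
  virtual ~PictureLayer() = default;
  virtual LayerType Tag() const { return LayerType::kPicture; }
  virtual std::unique_ptr<PictureLayerImpl> CreateImpl() const {
    return std::make_unique<PictureLayerImpl>();
  }
};
struct FakePictureLayer : PictureLayer {
  LayerType Tag() const override { return LayerType::kFakePicture; }
  std::unique_ptr<PictureLayerImpl> CreateImpl() const override {
    return std::make_unique<FakePictureLayerImpl>();
  }
};

// Before the fix: the fake's concrete type is dropped on the wire.
LayerType SerializeBefore(const PictureLayer&) { return LayerType::kPicture; }
// After the fix: the concrete type travels with the layer.
LayerType SerializeAfter(const PictureLayer& l) { return l.Tag(); }

// Client side: rebuild the layer from the tag that was received.
std::unique_ptr<PictureLayer> Deserialize(LayerType t) {
  if (t == LayerType::kFakePicture) return std::make_unique<FakePictureLayer>();
  return std::make_unique<PictureLayer>();
}

// Checked downcast: returns nullptr where a static_cast would be UB.
FakePictureLayerImpl* AsFake(PictureLayerImpl* impl) {
  return dynamic_cast<FakePictureLayerImpl*>(impl);
}

// Round-trips a FakePictureLayer and reports whether the impl is a fake.
bool RoundTripYieldsFake(LayerType (*serialize)(const PictureLayer&)) {
  FakePictureLayer server_layer;
  auto client_layer = Deserialize(serialize(server_layer));
  auto impl = client_layer->CreateImpl();
  return AsFake(impl.get()) != nullptr;
}

int main() {
  return (!RoundTripYieldsFake(SerializeBefore) &&
          RoundTripYieldsFake(SerializeAfter)) ? 0 : 1;
}
```

With the "before" serializer the impl object is a plain `PictureLayerImpl`, which is the condition the `-fsanitize=vptr` report in the issue description flags at the downcast.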
Nov 30 2016
Comment 1 by xingliu@chromium.org, Oct 20 2016