FeaturesGenerationTest.FeaturesTest failing on CFI bots
Issue description

Started here:
https://build.chromium.org/p/chromium.fyi/builders/ClangToTLinuxUBSanVptr%20tester/builds/934
https://build.chromium.org/p/chromium.fyi/builders/CFI%20Linux%20ToT/builds/5035

FeaturesGenerationTest.FeaturesTest (run #1):
[ RUN ] FeaturesGenerationTest.FeaturesTest
../../tools/json_schema_compiler/test/features_generation_unittest.cc:102:12: runtime error: downcast of address 0x35105d02c080 which does not point to an object of type 'APIFeature' (aka 'extensions::SimpleFeature')
0x35105d02c080: note: object is of type 'extensions::ComplexFeature'
 00 00 00 00 a8 64 84 20 00 00 00 00 e8 eb 02 5d 10 35 00 00 d8 64 a4 bc 2f 7f 00 00 18 ec 02 5d
             ^~~~~~~~~~~~~~~~~~~~~~~
             vptr for 'extensions::ComplexFeature'
    #0 0x2d6ef70 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0x2d6ef70)
    #1 0xb279d42 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xb279d42)
    #2 0xb27cb92 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xb27cb92)
    #3 0xb27eb42 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xb27eb42)
    #4 0xb2976c7 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xb2976c7)
    #5 0xb296207 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xb296207)
    #6 0xa5b5629 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xa5b5629)
    #7 0xa5ba1b0 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xa5ba1b0)
    #8 0xa5b9fca (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xa5b9fca)
    #9 0xa5a55b1 (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0xa5a55b1)
    #10 0x7f2fbc1a67ec (/lib/x86_64-linux-gnu/libc.so.6+0x217ec)
    #11 0x951cbc (/b/swarm_slave/w/irK2CFMN/out/Release/unit_tests+0x951cbc)

Looks like https://codereview.chromium.org/2494653005 caused this. tbarzic, can you take a look? If it takes a while to diagnose, consider reverting while you debug.

https://www.chromium.org/developers/testing/control-flow-integrity has some notes on CFI.
Dec 1 2016
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/f37d4947c6fd5ccb4189f2e24a6f0031ee37676d

commit f37d4947c6fd5ccb4189f2e24a6f0031ee37676d
Author: krasin <krasin@chromium.org>
Date: Thu Dec 01 21:15:26 2016

Fix invalid casts from ComplexFeature to SimpleFeature.

UBSan and CFI made the following invalid cast:
../../tools/json_schema_compiler/test/features_generation_unittest.cc:102:12: runtime error: downcast of address 0x1f55b1c64040 which does not point to an object of type 'APIFeature' (aka 'extensions::SimpleFeature')
0x1f55b1c64040: note: object is of type 'extensions::ComplexFeature'

It is currently impossible to catch regressions like these with the CQ, but there is work on getting a UBSan Vptr trybot there.

BUG=612594, 670404
Review-Url: https://codereview.chromium.org/2542163002
Cr-Commit-Position: refs/heads/master@{#435713}

[modify] https://crrev.com/f37d4947c6fd5ccb4189f2e24a6f0031ee37676d/tools/json_schema_compiler/test/features_generation_unittest.cc
Dec 1 2016
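
The class of bug reported above (a downcast to a sibling type that the vptr check rejects), shown as an added C++ example that is not part of the original thread and is not Chromium's code. The class layout, the `contexts` and `rules` fields, and the helper names are hypothetical simplifications, and `dynamic_cast` is used here only as one way to make the check explicit.

```cpp
#include <memory>
#include <string>
#include <utility>
#include <vector>

struct Feature {                    // common polymorphic base (hypothetical layout)
  virtual ~Feature() = default;
};
struct SimpleFeature : Feature {    // a single rule carrying its own data
  std::vector<std::string> contexts;
};
struct ComplexFeature : Feature {   // a list of rules: a sibling of SimpleFeature
  std::vector<std::unique_ptr<SimpleFeature>> rules;
};

// Unchecked pattern that the vptr sanitizer (-fsanitize=vptr) reports when `f`
// really points at a ComplexFeature:
//   auto* s = static_cast<const SimpleFeature*>(f);  // undefined behaviour
// Checked alternative: yields nullptr instead of reinterpreting a sibling type.
const SimpleFeature* AsSimple(const Feature* f) {
  return dynamic_cast<const SimpleFeature*>(f);
}

// Reads contexts from either kind of feature without an invalid downcast.
std::vector<std::string> CollectContexts(const Feature* f) {
  std::vector<std::string> out;
  if (const SimpleFeature* s = AsSimple(f)) {
    out = s->contexts;
  } else if (auto* c = dynamic_cast<const ComplexFeature*>(f)) {
    for (const auto& rule : c->rules)
      out.insert(out.end(), rule->contexts.begin(), rule->contexts.end());
  }
  return out;
}

// Constructed sample objects for the demonstration.
std::unique_ptr<Feature> MakeSimple() {
  auto s = std::make_unique<SimpleFeature>();
  s->contexts.push_back("blessed_extension");
  return s;
}
std::unique_ptr<Feature> MakeComplex() {
  auto c = std::make_unique<ComplexFeature>();
  for (const char* ctx : {"blessed_extension", "webui"}) {
    auto r = std::make_unique<SimpleFeature>();
    r->contexts.push_back(ctx);
    c->rules.push_back(std::move(r));
  }
  return c;
}
```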
Comment 1 by krasin@chromium.org, Dec 1 2016