TSAN startup crash |
|||||||
Issue descriptionlinux_tsan_chrome_mp (r436291) /mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436291/chrome --user-data-dir=/mnt/scratch0/tmp/user_profile_0 --log-net-log=/mnt/scratch0/tmp/net_log_0 --ignore-gpu-blacklist --allow-file-access-from-files --disable-gesture-requirement-for-media-playback --disable-click-to-play --disable-hang-monitor --dns-prefetch-disable --disable-default-apps --disable-component-update --safebrowsing-disable-auto-update --metrics-recording-only --disable-gpu-watchdog --disable-metrics --disable-popup-blocking --disable-prompt-on-repost --enable-experimental-extension-apis --enable-extension-apps --js-flags="--expose-gc" --new-window --no-default-browser-check --no-first-run --no-process-singleton-dialog --enable-shadow-dom --enable-media-stream --disable-gpu --no-sandbox Xlib: extension "RANDR" missing on display ":1". Xlib: extension "RANDR" missing on display ":1". ================== WARNING: ThreadSanitizer: data race (pid=2756) Read of size 1 at 0x7fbf532524d0 by thread T18: #0 0x7fbf4a0ec8a2 in tracked_objects::ScopedTracker::ScopedTracker(tracked_objects::Location const&) base/profiler/scoped_tracker.cc:23:7 #1 0x7fbf4937d9c9 in content::CreateCookieStore(content::CookieStoreConfig const&) content/browser/net/quota_policy_cookie_store.cc:135:34 #2 0x7fbf49da0461 in IOThread::Init() chrome/browser/io_thread.cc:610:7 #3 0x7fbf490d71a5 in content::BrowserThreadImpl::Init() content/browser/browser_thread_impl.cc:205:15 #4 0x7fbf490d602f in content::BrowserProcessSubThread::Init() content/browser/browser_process_sub_thread.cc:38:22 #5 0x7fbf4a127900 in base::Thread::ThreadMain() base/threading/thread.cc:317:3 #6 0x7fbf4a120a1e in base::(anonymous namespace)::ThreadFunc(void*) base/threading/platform_thread_posix.cc:71:13 Previous write of size 1 at 0x7fbf532524d0 by main thread: [failed to restore the stack] Location is global 'tracked_objects::(anonymous namespace)::g_scoped_profile_mode' of size 1 at 0x7fbf532524d0 (chrome+0x00000c1eb4d0) Thread T18 'Chrome_IOThread' (tid=2778, running) created by main thread at: #0 0x7fbf47c500a6 in pthread_create (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436291/chrome+0xbe90a5) #1 0x7fbf4a120518 in base::(anonymous namespace)::CreateThread(unsigned long, bool, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:110:13 #2 0x7fbf4a120416 in base::PlatformThread::CreateWithPriority(unsigned long, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:191:10 #3 0x7fbf4a1272b6 in base::Thread::StartWithOptions(base::Thread::Options const&) base/threading/thread.cc:112:15 #4 0x7fbf490d7f35 in content::BrowserThreadImpl::StartWithOptions(base::Thread::Options const&) content/browser/browser_thread_impl.cc:359:25 #5 0x7fbf490c5f0b in content::BrowserMainLoop::CreateThreads() content/browser/browser_main_loop.cc:956:32 #6 0x7fbf490ca926 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #7 0x7fbf4956304b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #8 0x7fbf490c54b0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #9 0x7fbf490cb2c1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #10 0x7fbf490c20ae in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #11 0x7fbf49b82c35 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #12 0x7fbf49b83918 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #13 0x7fbf49b81a6f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #14 0x7fbf47caee15 in ChromeMain chrome/app/chrome_main.cc:108:12 #15 0x7fbf47caedaf in main chrome/app/chrome_exe_main_aura.cc:17:10 SUMMARY: ThreadSanitizer: data race base/profiler/scoped_tracker.cc:23:7 in tracked_objects::ScopedTracker::ScopedTracker(tracked_objects::Location const&) ================== Xlib: extension "RANDR" missing on display ":1". Xlib: extension "RANDR" missing on display ":1". ================== WARNING: ThreadSanitizer: data race (pid=2756) Read of size 1 at 0x7fbf532524d0 by thread T18: #0 0x7fbf4a0ec8a2 in tracked_objects::ScopedTracker::ScopedTracker(tracked_objects::Location const&) base/profiler/scoped_tracker.cc:23:7 #1 0x7fbf4937d9c9 in content::CreateCookieStore(content::CookieStoreConfig const&) content/browser/net/quota_policy_cookie_store.cc:135:34 #2 0x7fbf49da0461 in IOThread::Init() chrome/browser/io_thread.cc:610:7 #3 0x7fbf490d71a5 in content::BrowserThreadImpl::Init() content/browser/browser_thread_impl.cc:205:15 #4 0x7fbf490d602f in content::BrowserProcessSubThread::Init() content/browser/browser_process_sub_thread.cc:38:22 #5 0x7fbf4a127900 in base::Thread::ThreadMain() base/threading/thread.cc:317:3 #6 0x7fbf4a120a1e in base::(anonymous namespace)::ThreadFunc(void*) base/threading/platform_thread_posix.cc:71:13 Previous write of size 1 at 0x7fbf532524d0 by main thread: [failed to restore the stack] Location is global 'tracked_objects::(anonymous namespace)::g_scoped_profile_mode' of size 1 at 0x7fbf532524d0 (chrome+0x00000c1eb4d0) Thread T18 'Chrome_IOThread' (tid=2778, running) created by main thread at: #0 0x7fbf47c500a6 in pthread_create (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436291/chrome+0xbe90a5) #1 0x7fbf4a120518 in base::(anonymous namespace)::CreateThread(unsigned long, bool, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:110:13 #2 0x7fbf4a120416 in base::PlatformThread::CreateWithPriority(unsigned long, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:191:10 #3 0x7fbf4a1272b6 in base::Thread::StartWithOptions(base::Thread::Options const&) base/threading/thread.cc:112:15 #4 0x7fbf490d7f35 in content::BrowserThreadImpl::StartWithOptions(base::Thread::Options const&) content/browser/browser_thread_impl.cc:359:25 #5 0x7fbf490c5f0b in content::BrowserMainLoop::CreateThreads() content/browser/browser_main_loop.cc:956:32 #6 0x7fbf490ca926 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #7 0x7fbf4956304b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #8 0x7fbf490c54b0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #9 0x7fbf490cb2c1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #10 0x7fbf490c20ae in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #11 0x7fbf49b82c35 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #12 0x7fbf49b83918 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #13 0x7fbf49b81a6f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #14 0x7fbf47caee15 in ChromeMain chrome/app/chrome_main.cc:108:12 #15 0x7fbf47caedaf in main chrome/app/chrome_exe_main_aura.cc:17:10 SUMMARY: ThreadSanitizer: data race base/profiler/scoped_tracker.cc:23:7 in tracked_objects::ScopedTracker::ScopedTracker(tracked_objects::Location const&) ==================
,
Dec 5 2016
More TSAN crashes linux_tsan_chrome_mp (r436323) /mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome --user-data-dir=/mnt/scratch0/tmp/user_profile_0 --log-net-log=/mnt/scratch0/tmp/net_log_0 --ignore-gpu-blacklist --allow-file-access-from-files --disable-gesture-requirement-for-media-playback --disable-click-to-play --disable-hang-monitor --dns-prefetch-disable --disable-default-apps --disable-component-update --safebrowsing-disable-auto-update --metrics-recording-only --disable-gpu-watchdog --disable-metrics --disable-popup-blocking --disable-prompt-on-repost --enable-experimental-extension-apis --enable-extension-apps --js-flags="--expose-gc" --new-window --no-default-browser-check --no-first-run --no-process-singleton-dialog --enable-shadow-dom --enable-media-stream --disable-gpu --no-sandbox Xlib: extension "RANDR" missing on display ":1". Xlib: extension "RANDR" missing on display ":1". ================== WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock) (pid=24253) Cycle in lock order graph: M422 (0x7b100001a0c0) => M413 (0x7b2000009100) => M422 Mutex M413 acquired here while holding mutex M422 in main thread: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3ac65b in base::FieldTrialList::IsTrialActive(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) base/synchronization/lock.h:26:26 #3 0x7fda5b3b1696 in base::FieldTrialParamAssociator::AssociateFieldTrialParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) base/metrics/field_trial_param_associator.cc:26:7 #4 0x7fda5c35ace2 in variations::AssociateVariationParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) components/variations/variations_associated_data.cc:150:9 #5 0x7fda5e25ecdc in variations::AssociateParamsFromFieldTrialConfig(variations::FieldTrialTestingConfig const&, base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:41:5 #6 0x7fda5e25ef31 in variations::AssociateDefaultFieldTrialConfig(base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:150:3 #7 0x7fda5b1de948 in ChromeBrowserMainParts::SetupFieldTrials() chrome/browser/chrome_browser_main.cc:730:5 #8 0x7fda5b1e1116 in ChromeBrowserMainParts::PreCreateThreadsImpl() chrome/browser/chrome_browser_main.cc:1211:3 #9 0x7fda5b1dfc7f in ChromeBrowserMainParts::PreCreateThreads() chrome/browser/chrome_browser_main.cc:933:18 #10 0x7fda5a3ade24 in content::BrowserMainLoop::PreCreateThreads() content/browser/browser_main_loop.cc:749:28 #11 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #12 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #13 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #14 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #15 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #16 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #17 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #18 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #19 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #20 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 Mutex M422 previously acquired by the same thread here: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3b168e in base::FieldTrialParamAssociator::AssociateFieldTrialParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) base/synchronization/lock.h:26:26 #3 0x7fda5c35ace2 in variations::AssociateVariationParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) components/variations/variations_associated_data.cc:150:9 #4 0x7fda5e25ecdc in variations::AssociateParamsFromFieldTrialConfig(variations::FieldTrialTestingConfig const&, base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:41:5 #5 0x7fda5e25ef31 in variations::AssociateDefaultFieldTrialConfig(base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:150:3 #6 0x7fda5b1de948 in ChromeBrowserMainParts::SetupFieldTrials() chrome/browser/chrome_browser_main.cc:730:5 #7 0x7fda5b1e1116 in ChromeBrowserMainParts::PreCreateThreadsImpl() chrome/browser/chrome_browser_main.cc:1211:3 #8 0x7fda5b1dfc7f in ChromeBrowserMainParts::PreCreateThreads() chrome/browser/chrome_browser_main.cc:933:18 #9 0x7fda5a3ade24 in content::BrowserMainLoop::PreCreateThreads() content/browser/browser_main_loop.cc:749:28 #10 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #11 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #12 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #13 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #14 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #15 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #16 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #17 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #18 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #19 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 Mutex M422 acquired here while holding mutex M413 in main thread: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3b192e in base::FieldTrialParamAssociator::GetFieldTrialParamsWithoutFallback(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > >*) base/synchronization/lock.h:26:26 #3 0x7fda5b3aefa5 in base::FieldTrialList::AddToAllocatorWhileLocked(base::FieldTrial*) base/metrics/field_trial.cc:157:45 #4 0x7fda5b3ae0d2 in base::FieldTrialList::InstantiateFieldTrialAllocatorIfNeeded() base/metrics/field_trial.cc:1213:5 #5 0x7fda5b3ae248 in base::FieldTrialList::CopyFieldTrialStateToFlags(char const*, char const*, char const*, base::CommandLine*) base/metrics/field_trial.cc:908:5 #6 0x7fda5a3a488f in content::BrowserChildProcessHostImpl::CopyFeatureAndFieldTrialFlags(base::CommandLine*) content/browser/browser_child_process_host_impl.cc:224:3 #7 0x7fda5a71cf52 in content::RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(base::CommandLine const&, base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1833:3 #8 0x7fda5a7196f1 in content::RenderProcessHostImpl::AppendRendererCommandLine(base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1596:3 #9 0x7fda5a716db9 in content::RenderProcessHostImpl::Init() content/browser/renderer_host/render_process_host_impl.cc:886:5 #10 0x7fda5a51d5b0 in content::RenderFrameHostManager::CreatePendingRenderFrameHost(content::SiteInstance*, content::SiteInstance*) content/browser/frame_host/render_frame_host_manager.cc:1599:36 #11 0x7fda5a51742a in content::RenderFrameHostManager::UpdateStateForNavigate(GURL const&, content::SiteInstance*, content::SiteInstance*, ui::PageTransition, bool, bool, content::GlobalRequestID const&, int, bool) content/browser/frame_host/render_frame_host_manager.cc:2324:7 #12 0x7fda5a516b95 in content::RenderFrameHostManager::Navigate(GURL const&, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, bool) content/browser/frame_host/render_frame_host_manager.cc:210:49 #13 0x7fda5a4f2f71 in content::NavigatorImpl::NavigateToEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, content::ReloadType, bool, bool, bool, scoped_refptr<content::ResourceRequestBodyImpl> const&) content/browser/frame_host/navigator_impl.cc:380:44 #14 0x7fda5a4f3c96 in content::NavigatorImpl::NavigateToPendingEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::ReloadType, bool) content/browser/frame_host/navigator_impl.cc:474:10 #15 0x7fda5a4ddfc3 in content::NavigationControllerImpl::NavigateToPendingEntryInternal(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1864:36 #16 0x7fda5a4d83ec in content::NavigationControllerImpl::NavigateToPendingEntry(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1806:18 #17 0x7fda5a4d9a16 in content::NavigationControllerImpl::LoadURLWithParams(content::NavigationController::LoadURLParams const&) content/browser/frame_host/navigation_controller_impl.cc:433:3 #18 0x7fda5ddcbb98 in (anonymous namespace)::LoadURLInContents(content::WebContents*, GURL const&, chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:285:36 #19 0x7fda5ddcb3d1 in chrome::Navigate(chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:551:9 #20 0x7fda5dde7651 in StartupBrowserCreatorImpl::OpenTabsInBrowser(Browser*, bool, std::__1::vector<StartupTab, std::__1::allocator<StartupTab> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:480:5 #21 0x7fda5dde9473 in StartupBrowserCreatorImpl::ProcessSpecifiedURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1065:22 #22 0x7fda5dde8de7 in StartupBrowserCreatorImpl::ProcessStartupURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1006:22 #23 0x7fda5dde6d56 in StartupBrowserCreatorImpl::ProcessLaunchURLs(bool, std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:893:26 #24 0x7fda5dde6620 in StartupBrowserCreatorImpl::Launch(Profile*, std::__1::vector<GURL, std::__1::allocator<GURL> > const&, bool) chrome/browser/ui/startup/startup_browser_creator_impl.cc:382:7 #25 0x7fda5dde34ad in StartupBrowserCreator::LaunchBrowser(base::CommandLine const&, Profile*, base::FilePath const&, chrome::startup::IsProcessStartup, chrome::startup::IsFirstRun) chrome/browser/ui/startup/startup_browser_creator.cc:373:13 #26 0x7fda5dde3017 in StartupBrowserCreator::ProcessCmdLineImpl(base::CommandLine const&, base::FilePath const&, bool, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:750:10 #27 0x7fda5dde2229 in StartupBrowserCreator::Start(base::CommandLine const&, base::FilePath const&, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:328:10 #28 0x7fda5b1e2e6c in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:1865:42 #29 0x7fda5b1e1b40 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1246:18 #30 0x7fda5a3b0731 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:979:13 #31 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #32 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #33 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #34 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #35 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #36 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #37 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #38 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #39 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #40 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 Mutex M413 previously acquired by the same thread here: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3adf3b in base::FieldTrialList::InstantiateFieldTrialAllocatorIfNeeded() base/synchronization/lock.h:26:26 #3 0x7fda5b3ae248 in base::FieldTrialList::CopyFieldTrialStateToFlags(char const*, char const*, char const*, base::CommandLine*) base/metrics/field_trial.cc:908:5 #4 0x7fda5a3a488f in content::BrowserChildProcessHostImpl::CopyFeatureAndFieldTrialFlags(base::CommandLine*) content/browser/browser_child_process_host_impl.cc:224:3 #5 0x7fda5a71cf52 in content::RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(base::CommandLine const&, base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1833:3 #6 0x7fda5a7196f1 in content::RenderProcessHostImpl::AppendRendererCommandLine(base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1596:3 #7 0x7fda5a716db9 in content::RenderProcessHostImpl::Init() content/browser/renderer_host/render_process_host_impl.cc:886:5 #8 0x7fda5a51d5b0 in content::RenderFrameHostManager::CreatePendingRenderFrameHost(content::SiteInstance*, content::SiteInstance*) content/browser/frame_host/render_frame_host_manager.cc:1599:36 #9 0x7fda5a51742a in content::RenderFrameHostManager::UpdateStateForNavigate(GURL const&, content::SiteInstance*, content::SiteInstance*, ui::PageTransition, bool, bool, content::GlobalRequestID const&, int, bool) content/browser/frame_host/render_frame_host_manager.cc:2324:7 #10 0x7fda5a516b95 in content::RenderFrameHostManager::Navigate(GURL const&, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, bool) content/browser/frame_host/render_frame_host_manager.cc:210:49 #11 0x7fda5a4f2f71 in content::NavigatorImpl::NavigateToEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, content::ReloadType, bool, bool, bool, scoped_refptr<content::ResourceRequestBodyImpl> const&) content/browser/frame_host/navigator_impl.cc:380:44 #12 0x7fda5a4f3c96 in content::NavigatorImpl::NavigateToPendingEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::ReloadType, bool) content/browser/frame_host/navigator_impl.cc:474:10 #13 0x7fda5a4ddfc3 in content::NavigationControllerImpl::NavigateToPendingEntryInternal(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1864:36 #14 0x7fda5a4d83ec in content::NavigationControllerImpl::NavigateToPendingEntry(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1806:18 #15 0x7fda5a4d9a16 in content::NavigationControllerImpl::LoadURLWithParams(content::NavigationController::LoadURLParams const&) content/browser/frame_host/navigation_controller_impl.cc:433:3 #16 0x7fda5ddcbb98 in (anonymous namespace)::LoadURLInContents(content::WebContents*, GURL const&, chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:285:36 #17 0x7fda5ddcb3d1 in chrome::Navigate(chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:551:9 #18 0x7fda5dde7651 in StartupBrowserCreatorImpl::OpenTabsInBrowser(Browser*, bool, std::__1::vector<StartupTab, std::__1::allocator<StartupTab> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:480:5 #19 0x7fda5dde9473 in StartupBrowserCreatorImpl::ProcessSpecifiedURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1065:22 #20 0x7fda5dde8de7 in StartupBrowserCreatorImpl::ProcessStartupURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1006:22 #21 0x7fda5dde6d56 in StartupBrowserCreatorImpl::ProcessLaunchURLs(bool, std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:893:26 #22 0x7fda5dde6620 in StartupBrowserCreatorImpl::Launch(Profile*, std::__1::vector<GURL, std::__1::allocator<GURL> > const&, bool) chrome/browser/ui/startup/startup_browser_creator_impl.cc:382:7 #23 0x7fda5dde34ad in StartupBrowserCreator::LaunchBrowser(base::CommandLine const&, Profile*, base::FilePath const&, chrome::startup::IsProcessStartup, chrome::startup::IsFirstRun) chrome/browser/ui/startup/startup_browser_creator.cc:373:13 #24 0x7fda5dde3017 in StartupBrowserCreator::ProcessCmdLineImpl(base::CommandLine const&, base::FilePath const&, bool, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:750:10 #25 0x7fda5dde2229 in StartupBrowserCreator::Start(base::CommandLine const&, base::FilePath const&, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:328:10 #26 0x7fda5b1e2e6c in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:1865:42 #27 0x7fda5b1e1b40 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1246:18 #28 0x7fda5a3b0731 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:979:13 #29 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #30 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #31 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #32 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #33 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #34 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #35 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #36 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #37 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #38 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) in __interceptor_pthread_mutex_lock ================== Xlib: extension "RANDR" missing on display ":1". Xlib: extension "RANDR" missing on display ":1". ================== WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock) (pid=24253) Cycle in lock order graph: M422 (0x7b100001a0c0) => M413 (0x7b2000009100) => M422 Mutex M413 acquired here while holding mutex M422 in main thread: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3ac65b in base::FieldTrialList::IsTrialActive(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) base/synchronization/lock.h:26:26 #3 0x7fda5b3b1696 in base::FieldTrialParamAssociator::AssociateFieldTrialParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) base/metrics/field_trial_param_associator.cc:26:7 #4 0x7fda5c35ace2 in variations::AssociateVariationParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) components/variations/variations_associated_data.cc:150:9 #5 0x7fda5e25ecdc in variations::AssociateParamsFromFieldTrialConfig(variations::FieldTrialTestingConfig const&, base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:41:5 #6 0x7fda5e25ef31 in variations::AssociateDefaultFieldTrialConfig(base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:150:3 #7 0x7fda5b1de948 in ChromeBrowserMainParts::SetupFieldTrials() chrome/browser/chrome_browser_main.cc:730:5 #8 0x7fda5b1e1116 in ChromeBrowserMainParts::PreCreateThreadsImpl() chrome/browser/chrome_browser_main.cc:1211:3 #9 0x7fda5b1dfc7f in ChromeBrowserMainParts::PreCreateThreads() chrome/browser/chrome_browser_main.cc:933:18 #10 0x7fda5a3ade24 in content::BrowserMainLoop::PreCreateThreads() content/browser/browser_main_loop.cc:749:28 #11 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #12 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #13 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #14 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #15 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #16 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #17 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #18 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #19 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #20 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 Mutex M422 previously acquired by the same thread here: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3b168e in base::FieldTrialParamAssociator::AssociateFieldTrialParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) base/synchronization/lock.h:26:26 #3 0x7fda5c35ace2 in variations::AssociateVariationParams(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > > const&) components/variations/variations_associated_data.cc:150:9 #4 0x7fda5e25ecdc in variations::AssociateParamsFromFieldTrialConfig(variations::FieldTrialTestingConfig const&, base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:41:5 #5 0x7fda5e25ef31 in variations::AssociateDefaultFieldTrialConfig(base::FeatureList*) components/variations/field_trial_config/field_trial_util.cc:150:3 #6 0x7fda5b1de948 in ChromeBrowserMainParts::SetupFieldTrials() chrome/browser/chrome_browser_main.cc:730:5 #7 0x7fda5b1e1116 in ChromeBrowserMainParts::PreCreateThreadsImpl() chrome/browser/chrome_browser_main.cc:1211:3 #8 0x7fda5b1dfc7f in ChromeBrowserMainParts::PreCreateThreads() chrome/browser/chrome_browser_main.cc:933:18 #9 0x7fda5a3ade24 in content::BrowserMainLoop::PreCreateThreads() content/browser/browser_main_loop.cc:749:28 #10 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #11 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #12 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #13 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #14 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #15 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #16 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #17 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #18 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #19 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 Mutex M422 acquired here while holding mutex M413 in main thread: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3b192e in base::FieldTrialParamAssociator::GetFieldTrialParamsWithoutFallback(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::map<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, std::__1::less<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >, std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > >*) base/synchronization/lock.h:26:26 #3 0x7fda5b3aefa5 in base::FieldTrialList::AddToAllocatorWhileLocked(base::FieldTrial*) base/metrics/field_trial.cc:157:45 #4 0x7fda5b3ae0d2 in base::FieldTrialList::InstantiateFieldTrialAllocatorIfNeeded() base/metrics/field_trial.cc:1213:5 #5 0x7fda5b3ae248 in base::FieldTrialList::CopyFieldTrialStateToFlags(char const*, char const*, char const*, base::CommandLine*) base/metrics/field_trial.cc:908:5 #6 0x7fda5a3a488f in content::BrowserChildProcessHostImpl::CopyFeatureAndFieldTrialFlags(base::CommandLine*) content/browser/browser_child_process_host_impl.cc:224:3 #7 0x7fda5a71cf52 in content::RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(base::CommandLine const&, base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1833:3 #8 0x7fda5a7196f1 in content::RenderProcessHostImpl::AppendRendererCommandLine(base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1596:3 #9 0x7fda5a716db9 in content::RenderProcessHostImpl::Init() content/browser/renderer_host/render_process_host_impl.cc:886:5 #10 0x7fda5a51d5b0 in content::RenderFrameHostManager::CreatePendingRenderFrameHost(content::SiteInstance*, content::SiteInstance*) content/browser/frame_host/render_frame_host_manager.cc:1599:36 #11 0x7fda5a51742a in content::RenderFrameHostManager::UpdateStateForNavigate(GURL const&, content::SiteInstance*, content::SiteInstance*, ui::PageTransition, bool, bool, content::GlobalRequestID const&, int, bool) content/browser/frame_host/render_frame_host_manager.cc:2324:7 #12 0x7fda5a516b95 in content::RenderFrameHostManager::Navigate(GURL const&, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, bool) content/browser/frame_host/render_frame_host_manager.cc:210:49 #13 0x7fda5a4f2f71 in content::NavigatorImpl::NavigateToEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, content::ReloadType, bool, bool, bool, scoped_refptr<content::ResourceRequestBodyImpl> const&) content/browser/frame_host/navigator_impl.cc:380:44 #14 0x7fda5a4f3c96 in content::NavigatorImpl::NavigateToPendingEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::ReloadType, bool) content/browser/frame_host/navigator_impl.cc:474:10 #15 0x7fda5a4ddfc3 in content::NavigationControllerImpl::NavigateToPendingEntryInternal(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1864:36 #16 0x7fda5a4d83ec in content::NavigationControllerImpl::NavigateToPendingEntry(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1806:18 #17 0x7fda5a4d9a16 in content::NavigationControllerImpl::LoadURLWithParams(content::NavigationController::LoadURLParams const&) content/browser/frame_host/navigation_controller_impl.cc:433:3 #18 0x7fda5ddcbb98 in (anonymous namespace)::LoadURLInContents(content::WebContents*, GURL const&, chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:285:36 #19 0x7fda5ddcb3d1 in chrome::Navigate(chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:551:9 #20 0x7fda5dde7651 in StartupBrowserCreatorImpl::OpenTabsInBrowser(Browser*, bool, std::__1::vector<StartupTab, std::__1::allocator<StartupTab> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:480:5 #21 0x7fda5dde9473 in StartupBrowserCreatorImpl::ProcessSpecifiedURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1065:22 #22 0x7fda5dde8de7 in StartupBrowserCreatorImpl::ProcessStartupURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1006:22 #23 0x7fda5dde6d56 in StartupBrowserCreatorImpl::ProcessLaunchURLs(bool, std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:893:26 #24 0x7fda5dde6620 in StartupBrowserCreatorImpl::Launch(Profile*, std::__1::vector<GURL, std::__1::allocator<GURL> > const&, bool) chrome/browser/ui/startup/startup_browser_creator_impl.cc:382:7 #25 0x7fda5dde34ad in StartupBrowserCreator::LaunchBrowser(base::CommandLine const&, Profile*, base::FilePath const&, chrome::startup::IsProcessStartup, chrome::startup::IsFirstRun) chrome/browser/ui/startup/startup_browser_creator.cc:373:13 #26 0x7fda5dde3017 in StartupBrowserCreator::ProcessCmdLineImpl(base::CommandLine const&, base::FilePath const&, bool, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:750:10 #27 0x7fda5dde2229 in StartupBrowserCreator::Start(base::CommandLine const&, base::FilePath const&, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:328:10 #28 0x7fda5b1e2e6c in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:1865:42 #29 0x7fda5b1e1b40 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1246:18 #30 0x7fda5a3b0731 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:979:13 #31 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #32 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #33 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #34 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #35 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #36 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #37 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #38 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #39 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #40 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 Mutex M413 previously acquired by the same thread here: #0 0x7fda58f521cf in pthread_mutex_lock (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) #1 0x7fda5b3f09b6 in base::internal::LockImpl::Lock() base/synchronization/lock_impl_posix.cc:64:12 #2 0x7fda5b3adf3b in base::FieldTrialList::InstantiateFieldTrialAllocatorIfNeeded() base/synchronization/lock.h:26:26 #3 0x7fda5b3ae248 in base::FieldTrialList::CopyFieldTrialStateToFlags(char const*, char const*, char const*, base::CommandLine*) base/metrics/field_trial.cc:908:5 #4 0x7fda5a3a488f in content::BrowserChildProcessHostImpl::CopyFeatureAndFieldTrialFlags(base::CommandLine*) content/browser/browser_child_process_host_impl.cc:224:3 #5 0x7fda5a71cf52 in content::RenderProcessHostImpl::PropagateBrowserCommandLineToRenderer(base::CommandLine const&, base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1833:3 #6 0x7fda5a7196f1 in content::RenderProcessHostImpl::AppendRendererCommandLine(base::CommandLine*) content/browser/renderer_host/render_process_host_impl.cc:1596:3 #7 0x7fda5a716db9 in content::RenderProcessHostImpl::Init() content/browser/renderer_host/render_process_host_impl.cc:886:5 #8 0x7fda5a51d5b0 in content::RenderFrameHostManager::CreatePendingRenderFrameHost(content::SiteInstance*, content::SiteInstance*) content/browser/frame_host/render_frame_host_manager.cc:1599:36 #9 0x7fda5a51742a in content::RenderFrameHostManager::UpdateStateForNavigate(GURL const&, content::SiteInstance*, content::SiteInstance*, ui::PageTransition, bool, bool, content::GlobalRequestID const&, int, bool) content/browser/frame_host/render_frame_host_manager.cc:2324:7 #10 0x7fda5a516b95 in content::RenderFrameHostManager::Navigate(GURL const&, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, bool) content/browser/frame_host/render_frame_host_manager.cc:210:49 #11 0x7fda5a4f2f71 in content::NavigatorImpl::NavigateToEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::NavigationEntryImpl const&, content::ReloadType, bool, bool, bool, scoped_refptr<content::ResourceRequestBodyImpl> const&) content/browser/frame_host/navigator_impl.cc:380:44 #12 0x7fda5a4f3c96 in content::NavigatorImpl::NavigateToPendingEntry(content::FrameTreeNode*, content::FrameNavigationEntry const&, content::ReloadType, bool) content/browser/frame_host/navigator_impl.cc:474:10 #13 0x7fda5a4ddfc3 in content::NavigationControllerImpl::NavigateToPendingEntryInternal(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1864:36 #14 0x7fda5a4d83ec in content::NavigationControllerImpl::NavigateToPendingEntry(content::ReloadType) content/browser/frame_host/navigation_controller_impl.cc:1806:18 #15 0x7fda5a4d9a16 in content::NavigationControllerImpl::LoadURLWithParams(content::NavigationController::LoadURLParams const&) content/browser/frame_host/navigation_controller_impl.cc:433:3 #16 0x7fda5ddcbb98 in (anonymous namespace)::LoadURLInContents(content::WebContents*, GURL const&, chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:285:36 #17 0x7fda5ddcb3d1 in chrome::Navigate(chrome::NavigateParams*) chrome/browser/ui/browser_navigator.cc:551:9 #18 0x7fda5dde7651 in StartupBrowserCreatorImpl::OpenTabsInBrowser(Browser*, bool, std::__1::vector<StartupTab, std::__1::allocator<StartupTab> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:480:5 #19 0x7fda5dde9473 in StartupBrowserCreatorImpl::ProcessSpecifiedURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1065:22 #20 0x7fda5dde8de7 in StartupBrowserCreatorImpl::ProcessStartupURLs(std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:1006:22 #21 0x7fda5dde6d56 in StartupBrowserCreatorImpl::ProcessLaunchURLs(bool, std::__1::vector<GURL, std::__1::allocator<GURL> > const&) chrome/browser/ui/startup/startup_browser_creator_impl.cc:893:26 #22 0x7fda5dde6620 in StartupBrowserCreatorImpl::Launch(Profile*, std::__1::vector<GURL, std::__1::allocator<GURL> > const&, bool) chrome/browser/ui/startup/startup_browser_creator_impl.cc:382:7 #23 0x7fda5dde34ad in StartupBrowserCreator::LaunchBrowser(base::CommandLine const&, Profile*, base::FilePath const&, chrome::startup::IsProcessStartup, chrome::startup::IsFirstRun) chrome/browser/ui/startup/startup_browser_creator.cc:373:13 #24 0x7fda5dde3017 in StartupBrowserCreator::ProcessCmdLineImpl(base::CommandLine const&, base::FilePath const&, bool, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:750:10 #25 0x7fda5dde2229 in StartupBrowserCreator::Start(base::CommandLine const&, base::FilePath const&, Profile*, std::__1::vector<Profile*, std::__1::allocator<Profile*> > const&) chrome/browser/ui/startup/startup_browser_creator.cc:328:10 #26 0x7fda5b1e2e6c in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:1865:42 #27 0x7fda5b1e1b40 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1246:18 #28 0x7fda5a3b0731 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:979:13 #29 0x7fda5a3b3b36 in base::internal::Invoker<base::internal::BindState<int (content::BrowserMainLoop::*)(), base::internal::UnretainedWrapper<content::BrowserMainLoop> >, int ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:214:12 #30 0x7fda5a84c34b in content::StartupTaskRunner::RunAllTasksNow() base/callback.h:85:12 #31 0x7fda5a3ae6c0 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:864:25 #32 0x7fda5a3b44d1 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:126:17 #33 0x7fda5a3ab2be in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32 #34 0x7fda5ae6bed5 in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:14 #35 0x7fda5ae6cbb8 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:786:12 #36 0x7fda5ae6ad5f in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:20:28 #37 0x7fda58f97e15 in ChromeMain chrome/app/chrome_main.cc:108:12 #38 0x7fda58f97daf in main chrome/app/chrome_exe_main_aura.cc:17:10 SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) (/mnt/scratch0/clusterfuzz/slave-bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/tsan-linux-release-436323/chrome+0xc021ce) in __interceptor_pthread_mutex_lock ================== Marty, can you fix the suppressions file to acccount for this. Since you are the lucky ClusterFuzz triage sheriff this week.
,
Dec 6 2016
These TSAN races might be coming due to the recent changes in https://chromium.googlesource.com/chromium/src/+log/master/base/metrics/field_trial.cc. lawrencewu@, this is an important TSAN startup regression, can you please take a look. See https://www.chromium.org/developers/testing/threadsanitizer-tsan-v2 to setup.
,
Dec 6 2016
Looking now.
,
Dec 6 2016
So I can repro by building chrome with is_tsan = true, and then running ./out/tsan/chrome?
,
Dec 6 2016
Yes!
,
Dec 7 2016
Ok, I repro'd and have a local fix. Will send it out shortly.
,
Dec 7 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7f262eb07e82a53a561800998a9b2f5418534bdf commit 7f262eb07e82a53a561800998a9b2f5418534bdf Author: lawrencewu <lawrencewu@chromium.org> Date: Wed Dec 07 17:07:05 2016 TSAN startup fix We were hitting a lock order inversion deadlock, due to one thread holding the lock in field_trial.cc and trying to hold the lock in field_trial_param_associator.cc and another doing the opposite. This fixes that. BUG= 671282 Review-Url: https://codereview.chromium.org/2560823002 Cr-Commit-Position: refs/heads/master@{#436987} [modify] https://crrev.com/7f262eb07e82a53a561800998a9b2f5418534bdf/base/metrics/field_trial_param_associator.cc
,
Dec 7 2016
,
Dec 9 2016
,
Dec 9 2016
Your change meets the bar and is auto-approved for M56 (branch: 2924)
,
Dec 9 2016
Merging now.
,
Dec 9 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/170e4101936172efbbe561ea85296890d157ba2c commit 170e4101936172efbbe561ea85296890d157ba2c Author: Alexei Svitkine <asvitkine@chromium.org> Date: Fri Dec 09 19:21:18 2016 TSAN startup fix We were hitting a lock order inversion deadlock, due to one thread holding the lock in field_trial.cc and trying to hold the lock in field_trial_param_associator.cc and another doing the opposite. This fixes that. BUG= 671282 Review-Url: https://codereview.chromium.org/2560823002 Cr-Commit-Position: refs/heads/master@{#436987} (cherry picked from commit 7f262eb07e82a53a561800998a9b2f5418534bdf) Review URL: https://codereview.chromium.org/2564143003 . Cr-Commit-Position: refs/branch-heads/2924@{#434} Cr-Branched-From: 3a87aecc31cd1ffe751dd72c04e5a96a1fc8108a-refs/heads/master@{#433059} [modify] https://crrev.com/170e4101936172efbbe561ea85296890d157ba2c/base/metrics/field_trial_param_associator.cc |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by ta...@google.com
, Dec 5 2016