Issue metadata
Sign in to add a comment
|
Browser doesn't start under TSAN due to sqlite-related data race |
||||||||||||||||||||||||
Issue descriptionOur group just brought up a Linux TSAN bot to try to catch race conditions in Chrome's GPU stack. The browser is crashing upon startup. One report is in sqlite, seemingly invoked by the browser's history code and omnibox internals. Please see this build: https://build.chromium.org/p/chromium.gpu.fyi/builders/Linux%20GPU%20TSAN%20Release/builds/27 and this shard (from context_lost_tests): https://chromium-swarm.appspot.com/task?id=3496171338b9b510&refresh=10&show_raw=1 Could someone knowledgeable in this code please help me understand whether this is a known issue? Has the full browser ever been brought up under TSAN? Looking more deeply, it seems that https://build.chromium.org/p/chromium.memory/builders/Linux%20TSan%20Tests only runs unit tests. Log excerpt: WARNING: ThreadSanitizer: data race (pid=6285) Read of size 4 at 0x7fef6bc60d48 by thread T19 (mutexes: write M313979890502529872): #0 unixOpen third_party/sqlite/amalgamation/sqlite3.c:32762 (chrome+0x5715e92) #1 Open sql/vfs_wrapper.cc:189 (chrome+0x570b879) #2 sqlite3OsOpen third_party/sqlite/amalgamation/sqlite3.c:17814 (chrome+0x57595cb) #3 pager_open_journal third_party/sqlite/amalgamation/sqlite3.c:49049 (chrome+0x57595cb) #4 pager_write third_party/sqlite/amalgamation/sqlite3.c:49251 (chrome+0x57595cb) #5 sqlite3PagerWrite third_party/sqlite/amalgamation/sqlite3.c:49423 (chrome+0x57562e1) #6 newDatabase third_party/sqlite/amalgamation/sqlite3.c:58243 (chrome+0x57562e1) #7 sqlite3BtreeBeginTrans third_party/sqlite/amalgamation/sqlite3.c:58391 (chrome+0x571a747) #8 sqlite3VdbeExec third_party/sqlite/amalgamation/sqlite3.c:76887 (chrome+0x576b7b0) #9 sqlite3Step third_party/sqlite/amalgamation/sqlite3.c:72425 (chrome+0x572331b) #10 sqlite3_step third_party/sqlite/amalgamation/sqlite3.c:72486 (chrome+0x572331b) #11 RecordEvent sql/connection.cc:? (chrome+0x5702fa9) #12 RecordOneEvent sql/connection.h:239 (chrome+0x5702fa9) #13 ExecuteAndReturnErrorCode sql/connection.cc:1405 (chrome+0x5702fa9) #14 Execute sql/connection.cc:1439 (chrome+0x56ff4fa) #15 Init sql/meta_table.cc:162 (chrome+0x5706c85) #16 Init components/webdata/common/web_database.cc:108 (chrome+0x56f5827) #17 LoadDatabaseIfNecessary components/webdata/common/web_database_backend.cc:110 (chrome+0x56fa0bc) #18 InitDatabase components/webdata/common/web_database_backend.cc:38 (chrome+0x56f9e1d) #19 Invoke<const scoped_refptr<WebDatabaseBackend> &> base/bind_internal.h:214 (chrome+0x56f7b56) #20 MakeItSo<void (WebDatabaseBackend::*const &)(), const scoped_refptr<WebDatabaseBackend> &> base/bind_internal.h:285 (chrome+0x56f7b56) #21 RunImpl<void (WebDatabaseBackend::*const &)(), const std::__1::tuple<scoped_refptr<WebDatabaseBackend> > &, 0> base/bind_internal.h:361 (chrome+0x56f7b56) #22 Run base/bind_internal.h:339 (chrome+0x56f7b56) #23 Run base/callback.h:68 (chrome+0x3a45dfa) #24 RunTask base/debug/task_annotator.cc:59 (chrome+0x3a45dfa) #25 RunTask base/message_loop/message_loop.cc:423 (chrome+0x3966700) #26 DeferOrRunPendingTask base/message_loop/message_loop.cc:434 (chrome+0x3966edd) #27 DoWork base/message_loop/message_loop.cc:527 (chrome+0x3967907) #28 Run base/message_loop/message_pump_default.cc:33 (chrome+0x396c459) #29 RunHandler base/message_loop/message_loop.cc:387 (chrome+0x3966250) #30 Run base/run_loop.cc:37 (chrome+0x39a9bfe) #31 Run base/threading/thread.cc:250 (chrome+0x39f11bb) #32 DBThreadRun content/browser/browser_thread_impl.cc:245 (chrome+0x14af1ef) #33 Run content/browser/browser_thread_impl.cc:302 (chrome+0x14af8cb) #34 ThreadMain base/threading/thread.cc:333 (chrome+0x39f18c6) #35 ThreadFunc base/threading/platform_thread_posix.cc:71 (chrome+0x39e64c8) Previous write of size 4 at 0x7fef6bc60d48 by thread T31 (mutexes: write M346912462778366192, write M317362965034961880): #0 unixRandomness third_party/sqlite/amalgamation/sqlite3.c:33189 (chrome+0x5716d19) #1 sqlite3OsRandomness third_party/sqlite/amalgamation/sqlite3.c:17857 (chrome+0x5714e16) #2 sqlite3_randomness third_party/sqlite/amalgamation/sqlite3.c:24167 (chrome+0x5714e16) #3 writeJournalHdr third_party/sqlite/amalgamation/sqlite3.c:44920 (chrome+0x574d07e) #4 pager_open_journal third_party/sqlite/amalgamation/sqlite3.c:49066 (chrome+0x575960d) #5 pager_write third_party/sqlite/amalgamation/sqlite3.c:49251 (chrome+0x575960d) #6 sqlite3PagerWrite third_party/sqlite/amalgamation/sqlite3.c:49423 (chrome+0x57562e1) #7 newDatabase third_party/sqlite/amalgamation/sqlite3.c:58243 (chrome+0x57562e1) #8 sqlite3BtreeBeginTrans third_party/sqlite/amalgamation/sqlite3.c:58391 (chrome+0x571a747) #9 sqlite3VdbeExec third_party/sqlite/amalgamation/sqlite3.c:76887 (chrome+0x576b7b0) #10 sqlite3Step third_party/sqlite/amalgamation/sqlite3.c:72425 (chrome+0x572331b) #11 sqlite3_step third_party/sqlite/amalgamation/sqlite3.c:72486 (chrome+0x572331b) #12 RecordEvent sql/connection.cc:? (chrome+0x5702fa9) #13 RecordOneEvent sql/connection.h:239 (chrome+0x5702fa9) #14 ExecuteAndReturnErrorCode sql/connection.cc:1405 (chrome+0x5702fa9) #15 Execute sql/connection.cc:1439 (chrome+0x56ff4fa) #16 Init sql/meta_table.cc:162 (chrome+0x5706c85) #17 Init components/history/core/browser/history_database.cc:95 (chrome+0x5b157ee) #18 InitImpl components/history/core/browser/history_backend.cc:620 (chrome+0x5b00049) #19 Init components/history/core/browser/history_backend.cc:212 (chrome+0x5affc9d) #20 MakeItSo<void (history::HistoryBackend::*const &)(bool, const history::HistoryDatabaseParams &), const scoped_refptr<history::HistoryBackend> &, const bool &, const history::HistoryDatabaseParams &> base/bind_internal.h:214 (chrome+0x5ade30f) #21 RunImpl<void (history::HistoryBackend::*const &)(bool, const history::HistoryDatabaseParams &), const std::__1::tuple<scoped_refptr<history::HistoryBackend>, bool, history::HistoryDatabaseParams> &, 0, 1, 2> base/bind_internal.h:361 (chrome+0x5ade30f) #22 Run base/bind_internal.h:339 (chrome+0x5ade30f) #23 Run base/callback.h:68 (chrome+0x3a45dfa) #24 RunTask base/debug/task_annotator.cc:59 (chrome+0x3a45dfa) #25 RunTask base/message_loop/message_loop.cc:423 (chrome+0x3966700) #26 DeferOrRunPendingTask base/message_loop/message_loop.cc:434 (chrome+0x3966edd) #27 DoWork base/message_loop/message_loop.cc:527 (chrome+0x3967907) #28 Run base/message_loop/message_pump_default.cc:33 (chrome+0x396c38a) #29 RunHandler base/message_loop/message_loop.cc:387 (chrome+0x3966250) #30 Run base/run_loop.cc:37 (chrome+0x39a9bfe) #31 Run base/threading/thread.cc:250 (chrome+0x39f11bb) #32 ThreadMain base/threading/thread.cc:333 (chrome+0x39f18c6) #33 ThreadFunc base/threading/platform_thread_posix.cc:71 (chrome+0x39e64c8) Location is global '<null>' at 0x000000000000 (chrome+0x00000e7bdd48) Mutex M313979890502529872 is already destroyed. Mutex M346912462778366192 is already destroyed. Mutex M317362965034961880 is already destroyed. Thread T19 'Chrome_DBThread' (tid=6322, running) created by main thread at: #0 pthread_create ??:? (chrome+0xbfe815) #1 CreateThread base/threading/platform_thread_posix.cc:110 (chrome+0x39e5e06) #2 base::PlatformThread::CreateWithPriority(unsigned long, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:191 (chrome+0x39e5cc5) #3 StartWithOptions base/threading/thread.cc:112 (chrome+0x39f0977) #4 StartWithOptions content/browser/browser_thread_impl.cc:403 (chrome+0x14b005a) #5 CreateThreads content/browser/browser_main_loop.cc:1138 (chrome+0x1499ab2) #6 Invoke<content::BrowserMainLoop *> base/bind_internal.h:214 (chrome+0x149f9d5) #7 MakeItSo<int (content::BrowserMainLoop::*const &)(), content::BrowserMainLoop *> base/bind_internal.h:285 (chrome+0x149f9d5) #8 RunImpl<int (content::BrowserMainLoop::*const &)(), const std::__1::tuple<base::internal::UnretainedWrapper<content::BrowserMainLoop> > &, 0> base/bind_internal.h:361 (chrome+0x149f9d5) #9 Run base/bind_internal.h:339 (chrome+0x149f9d5) #10 Run base/callback.h:85 (chrome+0x1ad8057) #11 RunAllTasksNow content/browser/startup_task_runner.cc:45 (chrome+0x1ad8057) #12 CreateStartupTasks content/browser/browser_main_loop.cc:973 (chrome+0x1498613) #13 Initialize content/browser/browser_main_runner.cc:125 (chrome+0x14a02d5) #14 BrowserMain content/browser/browser_main.cc:42 (chrome+0x1494efd) #15 RunNamedProcessTypeMain content/app/content_main_runner.cc:491 (chrome+0x32bb404) #16 Run content/app/content_main_runner.cc:836 (chrome+0x32bc0e7) #17 ContentMain content/app/content_main.cc:20 (chrome+0x32b9dee) #18 ChromeMain chrome/app/chrome_main.cc:113 (chrome+0xc5ca9b) #19 main chrome/app/chrome_exe_main_aura.cc:17 (chrome+0xc5c9ee) Thread T31 'Chrome_HistoryThread' (tid=6341, running) created by main thread at: #0 pthread_create ??:? (chrome+0xbfe815) #1 CreateThread base/threading/platform_thread_posix.cc:110 (chrome+0x39e5e06) #2 base::PlatformThread::CreateWithPriority(unsigned long, base::PlatformThread::Delegate*, base::PlatformThreadHandle*, base::ThreadPriority) base/threading/platform_thread_posix.cc:191 (chrome+0x39e5cc5) #3 StartWithOptions base/threading/thread.cc:112 (chrome+0x39f0977) #4 Init components/history/core/browser/history_service.cc:879 (chrome+0x5ace61f) #5 Init components/history/core/browser/history_service.h:98 (chrome+0x357d827) #6 BuildServiceInstanceFor chrome/browser/history/history_service_factory.cc:85 (chrome+0x357d827) #7 BuildServiceInstanceFor components/keyed_service/content/browser_context_keyed_service_factory.cc:95 (chrome+0x630070f) #8 GetServiceForContext components/keyed_service/core/keyed_service_factory.cc:91 (chrome+0x56e806d) #9 BrowserContextKeyedServiceFactory::GetServiceForBrowserContext(content::BrowserContext*, bool) components/keyed_service/content/browser_context_keyed_service_factory.cc:45 (chrome+0x630053a) #10 GetForProfile chrome/browser/history/history_service_factory.cc:33 (chrome+0x357d47b) #11 BuildInstanceFor chrome/browser/search_engines/template_url_service_factory.cc:60 (chrome+0x33a1400) #12 BuildServiceInstanceFor chrome/browser/search_engines/template_url_service_factory.cc:79 (chrome+0x33a158d) #13 BuildServiceInstanceFor components/keyed_service/content/browser_context_keyed_service_factory.cc:95 (chrome+0x630070f) #14 GetServiceForContext components/keyed_service/core/keyed_service_factory.cc:91 (chrome+0x56e806d) #15 BrowserContextKeyedServiceFactory::GetServiceForBrowserContext(content::BrowserContext*, bool) components/keyed_service/content/browser_context_keyed_service_factory.cc:45 (chrome+0x630053a) #16 TemplateURLServiceFactory::GetForProfile(Profile*) chrome/browser/search_engines/template_url_service_factory.cc:35 (chrome+0x33a1246) #17 OmniboxAPI chrome/browser/extensions/api/omnibox/omnibox_api.cc:177 (chrome+0x6155d1e) #18 extensions::BrowserContextKeyedAPIFactory<extensions::OmniboxAPI>::BuildServiceInstanceFor(content::BrowserContext*) const extensions/browser/browser_context_keyed_api_factory.h:113 (chrome+0x61580aa) #19 BuildServiceInstanceFor components/keyed_service/content/browser_context_keyed_service_factory.cc:95 (chrome+0x630070f) #20 GetServiceForContext components/keyed_service/core/keyed_service_factory.cc:91 (chrome+0x56e806d) #21 KeyedServiceFactory::CreateServiceNow(base::SupportsUserData*) components/keyed_service/core/keyed_service_factory.cc:140 (chrome+0x56e8b05) #22 CreateContextServices components/keyed_service/core/dependency_manager.cc:73 (chrome+0x56ea618) #23 DoCreateBrowserContextServices components/keyed_service/content/browser_context_dependency_manager.cc:47 (chrome+0x62ff722) #24 BrowserContextDependencyManager::CreateBrowserContextServices(content::BrowserContext*) components/keyed_service/content/browser_context_dependency_manager.cc:32 (chrome+0x62ff692) #25 OnLocaleReady chrome/browser/profiles/profile_impl.cc:853 (chrome+0x3601b6b) #26 OnPrefsLoaded chrome/browser/profiles/profile_impl.cc:887 (chrome+0x35ff125) #27 ProfileImpl chrome/browser/profiles/profile_impl.cc:505 (chrome+0x35fed61) #28 CreateProfile chrome/browser/profiles/profile_impl.cc:319 (chrome+0x35fd487) #29 CreateProfileHelper chrome/browser/profiles/profile_manager.cc:1290 (chrome+0x3386778) #30 CreateAndInitializeProfile chrome/browser/profiles/profile_manager.cc:1367 (chrome+0x337f0f3) #31 GetProfile chrome/browser/profiles/profile_manager.cc:479 (chrome+0x337eda7) #32 GetStartupProfile(base::FilePath const&, base::CommandLine const&) chrome/browser/ui/startup/startup_browser_creator.cc:957 (chrome+0x6788432) #33 CreatePrimaryProfile chrome/browser/chrome_browser_main.cc:443 (chrome+0x3753101) #34 PreMainMessageLoopRunImpl chrome/browser/chrome_browser_main.cc:1638 (chrome+0x3753101) #35 PreMainMessageLoopRun chrome/browser/chrome_browser_main.cc:1242 (chrome+0x37526df) #36 PreMainMessageLoopRun content/browser/browser_main_loop.cc:1165 (chrome+0x149b060) #37 Invoke<content::BrowserMainLoop *> base/bind_internal.h:214 (chrome+0x149f9d5) #38 MakeItSo<int (content::BrowserMainLoop::*const &)(), content::BrowserMainLoop *> base/bind_internal.h:285 (chrome+0x149f9d5) #39 RunImpl<int (content::BrowserMainLoop::*const &)(), const std::__1::tuple<base::internal::UnretainedWrapper<content::BrowserMainLoop> > &, 0> base/bind_internal.h:361 (chrome+0x149f9d5) #40 Run base/bind_internal.h:339 (chrome+0x149f9d5) #41 Run base/callback.h:85 (chrome+0x1ad8057) #42 RunAllTasksNow content/browser/startup_task_runner.cc:45 (chrome+0x1ad8057) #43 CreateStartupTasks content/browser/browser_main_loop.cc:973 (chrome+0x1498613) #44 Initialize content/browser/browser_main_runner.cc:125 (chrome+0x14a02d5) #45 BrowserMain content/browser/browser_main.cc:42 (chrome+0x1494efd) #46 RunNamedProcessTypeMain content/app/content_main_runner.cc:491 (chrome+0x32bb404) #47 Run content/app/content_main_runner.cc:836 (chrome+0x32bc0e7) #48 ContentMain content/app/content_main.cc:20 (chrome+0x32b9dee) #49 ChromeMain chrome/app/chrome_main.cc:113 (chrome+0xc5ca9b) #50 main chrome/app/chrome_exe_main_aura.cc:17 (chrome+0xc5c9ee) SUMMARY: ThreadSanitizer: data race third_party/sqlite/amalgamation/sqlite3.c:32762 in unixOpen
,
Feb 27 2017
Issue 459429 #c2 I think. There should be a suppression already in place.
,
Feb 27 2017
Do suppressions go by backtrace? It is possible a change I made a month or so back would change the backtrace.
,
Feb 28 2017
Looks like they apply to function names, file names, and global variable names: src/build/sanitizers/tsan_suppressions.cc https://www.chromium.org/developers/testing/threadsanitizer-tsan-v2 Thanks for the heads up. If these are just warnings, then there must be some other reason that the browser isn't coming up correctly under TSAN.
,
Jun 26 2017
kbr@, shoudl this be assigned to you? Closed as WontFix? What?
,
Jun 26 2017
Ideally someone knowledgable either in TSAN or the code using sqlite would verify that the browser can be successfully be brought up using TSAN. I've just tried enabling one of the browser-based tests on our group's TSAN bot in http://crbug.com/691029 and if it works now I'll close this bug.
,
Jul 24 2017
Merging into bug 696415 , which is tracking the larger issue ("Browser doesn't start under TSAN"). If it turns out to be because of omnibox / history / sqlite, please say something here. The initial error logs from the current failures (on that bug) imply this is not the cause and these warnings are innocuous. |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by mpear...@chromium.org
, Feb 27 2017