latest msan reports use of uninitialized value in fwrite
Issue description

Using Clang r299791 and Chromium #463381:

ninja: Entering directory `out/release'
[1/1] ACTION //v8:run_mksnapshot(//build/toolchain/linux:clang_x64)
FAILED: gen/v8/snapshot.cc snapshot_blob.bin
python ../../v8/tools/run.py ./mksnapshot --startup_src gen/v8/snapshot.cc --random-seed 314159265 --startup_blob snapshot_blob.bin
Uninitialized bytes in __interceptor_fwrite at offset 294 inside [0x7fc9f270b000, 1552312)
==121705==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x7fca1e3b0e38 in SnapshotWriter::MaybeWriteStartupBlob(v8::internal::Vector<unsigned char const> const&) const v8/src/snapshot/mksnapshot.cc:48:22
#1 0x7fca1e3b04ab in WriteSnapshot v8/src/snapshot/mksnapshot.cc:40:5
#2 0x7fca1e3b04ab in main v8/src/snapshot/mksnapshot.cc:182
#3 0x7fca1cda2f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287
#4 0x7fca1e33e9ef in _start (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x1059ef)

Uninitialized value was stored to memory at
#0 0x7fca1e35f4ab in __msan_memcpy (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x1264ab)
#1 0x7fca207751f5 in MemCopy v8/src/utils.h:505:3
#2 0x7fca207751f5 in Resize v8/src/list-inl.h:73
#3 0x7fca207751f5 in ResizeAddInternal v8/src/list-inl.h:64
#4 0x7fca207751f5 in ResizeAdd v8/src/list-inl.h:51
#5 0x7fca207751f5 in Add v8/src/list-inl.h:23
#6 0x7fca207751f5 in Put v8/src/snapshot/snapshot-source-sink.h:86
#7 0x7fca207751f5 in v8::internal::Serializer::SerializeHotObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/serializer.cc:167
#8 0x7fca2078d03c in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:54:7
#9 0x7fca20781d0f in v8::internal::Serializer::ObjectSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/serializer.cc:665:22
#10 0x7fca1ffc7eff in IteratePointers<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:82:6
#11 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:85
#12 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:91
#13 0x7fca1ffc7eff in apply<v8::internal::FixedBodyDescriptor<24, 40, 40>, v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:636
#14 0x7fca1ffc7eff in void v8::internal::BodyDescriptorApply<v8::internal::CallIterateBody, void, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*>(v8::internal::InstanceType, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*) v8/src/objects-body-descriptors-inl.h:468
#15 0x7fca2077fd11 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:603:14
#16 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#17 0x7fca2078f9ca in v8::internal::StartupSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/startup-serializer.cc:165:11
#18 0x7fca1f943df7 in v8::internal::Heap::IterateStrongRoots(v8::internal::ObjectVisitor*, v8::internal::VisitMode) v8/src/heap/heap.cc:4977:6
#19 0x7fca2078f165 in v8::internal::StartupSerializer::SerializeStrongReferences() v8/src/snapshot/startup-serializer.cc:132:20
#20 0x7fca1e3e7547 in v8::SnapshotCreator::CreateBlob(v8::SnapshotCreator::FunctionCodeHandling) v8/src/api.cc:640:22
#21 0x7fca1e3e915a in v8::V8::CreateSnapshotDataBlob(char const*) v8/src/api.cc:698:31
#22 0x7fca1e3b0166 in main v8/src/snapshot/mksnapshot.cc:170:24
#23 0x7fca1cda2f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287

Uninitialized value was stored to memory at
#0 0x7fca1e35f4ab in __msan_memcpy (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x1264ab)
#1 0x7fca2078c3ee in MemCopy v8/src/utils.h:505:3
#2 0x7fca2078c3ee in Resize v8/src/list-inl.h:73
#3 0x7fca2078c3ee in AddAll v8/src/list-inl.h:37
#4 0x7fca2078c3ee in v8::internal::SnapshotByteSink::PutRaw(unsigned char const*, int, char const*) v8/src/snapshot/snapshot-source-sink.cc:38
#5 0x7fca2077e270 in v8::internal::Serializer::ObjectSerializer::OutputRawData(unsigned char*, v8::internal::Serializer::ObjectSerializer::ReturnSkip) v8/src/snapshot/serializer.cc:831:12
#6 0x7fca207811e8 in v8::internal::Serializer::ObjectSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/serializer.cc:640:24
#7 0x7fca1ffc7eff in IteratePointers<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:82:6
#8 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:85
#9 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:91
#10 0x7fca1ffc7eff in apply<v8::internal::FixedBodyDescriptor<24, 40, 40>, v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:636
#11 0x7fca1ffc7eff in void v8::internal::BodyDescriptorApply<v8::internal::CallIterateBody, void, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*>(v8::internal::InstanceType, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*) v8/src/objects-body-descriptors-inl.h:468
#12 0x7fca2077fd11 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:603:14
#13 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#14 0x7fca2078f9ca in v8::internal::StartupSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/startup-serializer.cc:165:11
#15 0x7fca1f943df7 in v8::internal::Heap::IterateStrongRoots(v8::internal::ObjectVisitor*, v8::internal::VisitMode) v8/src/heap/heap.cc:4977:6
#16 0x7fca2078f165 in v8::internal::StartupSerializer::SerializeStrongReferences() v8/src/snapshot/startup-serializer.cc:132:20
#17 0x7fca1e3e7547 in v8::SnapshotCreator::CreateBlob(v8::SnapshotCreator::FunctionCodeHandling) v8/src/api.cc:640:22
#18 0x7fca1e3e915a in v8::V8::CreateSnapshotDataBlob(char const*) v8/src/api.cc:698:31
#19 0x7fca1e3b0166 in main v8/src/snapshot/mksnapshot.cc:170:24
#20 0x7fca1cda2f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287

Uninitialized value was stored to memory at
#0 0x7fca1e35f4ab in __msan_memcpy (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x1264ab)
#1 0x7fca2077b162 in MemCopy v8/src/utils.h:505:3
#2 0x7fca2077b162 in Resize v8/src/list-inl.h:73
#3 0x7fca2077b162 in ResizeAddInternal v8/src/list-inl.h:64
#4 0x7fca2077b162 in ResizeAdd v8/src/list-inl.h:51
#5 0x7fca2077b162 in Add v8/src/list-inl.h:23
#6 0x7fca2077b162 in Put v8/src/snapshot/snapshot-source-sink.h:86
#7 0x7fca2077b162 in v8::internal::Serializer::ObjectSerializer::SerializePrologue(v8::internal::AllocationSpace, int, v8::internal::Map*) v8/src/snapshot/serializer.cc:386
#8 0x7fca2077fa68 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:586:5
#9 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#10 0x7fca20781d0f in v8::internal::Serializer::ObjectSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/serializer.cc:665:22
#11 0x7fca1ffc7eff in IteratePointers<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:82:6
#12 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:85
#13 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:91
#14 0x7fca1ffc7eff in apply<v8::internal::FixedBodyDescriptor<24, 40, 40>, v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:636
#15 0x7fca1ffc7eff in void v8::internal::BodyDescriptorApply<v8::internal::CallIterateBody, void, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*>(v8::internal::InstanceType, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*) v8/src/objects-body-descriptors-inl.h:468
#16 0x7fca2077fd11 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:603:14
#17 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#18 0x7fca2078f9ca in v8::internal::StartupSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/startup-serializer.cc:165:11
#19 0x7fca1f943df7 in v8::internal::Heap::IterateStrongRoots(v8::internal::ObjectVisitor*, v8::internal::VisitMode) v8/src/heap/heap.cc:4977:6
#20 0x7fca2078f165 in v8::internal::StartupSerializer::SerializeStrongReferences() v8/src/snapshot/startup-serializer.cc:132:20
#21 0x7fca1e3e7547 in v8::SnapshotCreator::CreateBlob(v8::SnapshotCreator::FunctionCodeHandling) v8/src/api.cc:640:22
#22 0x7fca1e3e915a in v8::V8::CreateSnapshotDataBlob(char const*) v8/src/api.cc:698:31
#23 0x7fca1e3b0166 in main v8/src/snapshot/mksnapshot.cc:170:24
#24 0x7fca1cda2f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287

Uninitialized value was stored to memory at
#0 0x7fca1e35f4ab in __msan_memcpy (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x1264ab)
#1 0x7fca2078c3ee in MemCopy v8/src/utils.h:505:3
#2 0x7fca2078c3ee in Resize v8/src/list-inl.h:73
#3 0x7fca2078c3ee in AddAll v8/src/list-inl.h:37
#4 0x7fca2078c3ee in v8::internal::SnapshotByteSink::PutRaw(unsigned char const*, int, char const*) v8/src/snapshot/snapshot-source-sink.cc:38
#5 0x7fca2077e270 in v8::internal::Serializer::ObjectSerializer::OutputRawData(unsigned char*, v8::internal::Serializer::ObjectSerializer::ReturnSkip) v8/src/snapshot/serializer.cc:831:12
#6 0x7fca2077fd7d in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:604:5
#7 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#8 0x7fca20781d0f in v8::internal::Serializer::ObjectSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/serializer.cc:665:22
#9 0x7fca1ffc7eff in IteratePointers<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:82:6
#10 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:85
#11 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:91
#12 0x7fca1ffc7eff in apply<v8::internal::FixedBodyDescriptor<24, 40, 40>, v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:636
#13 0x7fca1ffc7eff in void v8::internal::BodyDescriptorApply<v8::internal::CallIterateBody, void, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*>(v8::internal::InstanceType, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*) v8/src/objects-body-descriptors-inl.h:468
#14 0x7fca2077fd11 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:603:14
#15 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#16 0x7fca2078f9ca in v8::internal::StartupSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/startup-serializer.cc:165:11
#17 0x7fca1f943df7 in v8::internal::Heap::IterateStrongRoots(v8::internal::ObjectVisitor*, v8::internal::VisitMode) v8/src/heap/heap.cc:4977:6
#18 0x7fca2078f165 in v8::internal::StartupSerializer::SerializeStrongReferences() v8/src/snapshot/startup-serializer.cc:132:20
#19 0x7fca1e3e7547 in v8::SnapshotCreator::CreateBlob(v8::SnapshotCreator::FunctionCodeHandling) v8/src/api.cc:640:22
#20 0x7fca1e3e915a in v8::V8::CreateSnapshotDataBlob(char const*) v8/src/api.cc:698:31
#21 0x7fca1e3b0166 in main v8/src/snapshot/mksnapshot.cc:170:24
#22 0x7fca1cda2f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287

Uninitialized value was stored to memory at
#0 0x7fca1e35f4ab in __msan_memcpy (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x1264ab)
#1 0x7fca2077b302 in MemCopy v8/src/utils.h:505:3
#2 0x7fca2077b302 in Resize v8/src/list-inl.h:73
#3 0x7fca2077b302 in ResizeAddInternal v8/src/list-inl.h:64
#4 0x7fca2077b302 in ResizeAdd v8/src/list-inl.h:51
#5 0x7fca2077b302 in Add v8/src/list-inl.h:23
#6 0x7fca2077b302 in Put v8/src/snapshot/snapshot-source-sink.h:86
#7 0x7fca2077b302 in v8::internal::Serializer::ObjectSerializer::SerializePrologue(v8::internal::AllocationSpace, int, v8::internal::Map*) v8/src/snapshot/serializer.cc:380
#8 0x7fca2077fa68 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:586:5
#9 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#10 0x7fca2078f9ca in v8::internal::StartupSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/startup-serializer.cc:165:11
#11 0x7fca1f943df7 in v8::internal::Heap::IterateStrongRoots(v8::internal::ObjectVisitor*, v8::internal::VisitMode) v8/src/heap/heap.cc:4977:6
#12 0x7fca2078f165 in v8::internal::StartupSerializer::SerializeStrongReferences() v8/src/snapshot/startup-serializer.cc:132:20
#13 0x7fca1e3e7547 in v8::SnapshotCreator::CreateBlob(v8::SnapshotCreator::FunctionCodeHandling) v8/src/api.cc:640:22
#14 0x7fca1e3e915a in v8::V8::CreateSnapshotDataBlob(char const*) v8/src/api.cc:698:31
#15 0x7fca1e3b0166 in main v8/src/snapshot/mksnapshot.cc:170:24
#16 0x7fca1cda2f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287

Uninitialized value was stored to memory at
#0 0x7fca1e35f4ab in __msan_memcpy (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x1264ab)
#1 0x7fca2078c3ee in MemCopy v8/src/utils.h:505:3
#2 0x7fca2078c3ee in Resize v8/src/list-inl.h:73
#3 0x7fca2078c3ee in AddAll v8/src/list-inl.h:37
#4 0x7fca2078c3ee in v8::internal::SnapshotByteSink::PutRaw(unsigned char const*, int, char const*) v8/src/snapshot/snapshot-source-sink.cc:38
#5 0x7fca2077e270 in v8::internal::Serializer::ObjectSerializer::OutputRawData(unsigned char*, v8::internal::Serializer::ObjectSerializer::ReturnSkip) v8/src/snapshot/serializer.cc:831:12
#6 0x7fca2077fd7d in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:604:5
#7 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#8 0x7fca2078f9ca in v8::internal::StartupSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/startup-serializer.cc:165:11
#9 0x7fca1f943df7 in v8::internal::Heap::IterateStrongRoots(v8::internal::ObjectVisitor*, v8::internal::VisitMode) v8/src/heap/heap.cc:4977:6
#10 0x7fca2078f165 in v8::internal::StartupSerializer::SerializeStrongReferences() v8/src/snapshot/startup-serializer.cc:132:20
#11 0x7fca1e3e7547 in v8::SnapshotCreator::CreateBlob(v8::SnapshotCreator::FunctionCodeHandling) v8/src/api.cc:640:22
#12 0x7fca1e3e915a in v8::V8::CreateSnapshotDataBlob(char const*) v8/src/api.cc:698:31
#13 0x7fca1e3b0166 in main v8/src/snapshot/mksnapshot.cc:170:24
#14 0x7fca1cda2f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287

Uninitialized value was created by a heap allocation
#0 0x7fca1e3665fd in __interceptor_malloc (/usr/local/google/work/chromium/src/out/release/mksnapshot+0x12d5fd)
#1 0x7fca1e3cdc7e in v8::internal::Malloced::New(unsigned long) v8/src/allocation.cc:22:18
#2 0x7fca207751ba in New v8/src/allocation.h:69:43
#3 0x7fca207751ba in NewData v8/src/list.h:183
#4 0x7fca207751ba in Resize v8/src/list-inl.h:72
#5 0x7fca207751ba in ResizeAddInternal v8/src/list-inl.h:64
#6 0x7fca207751ba in ResizeAdd v8/src/list-inl.h:51
#7 0x7fca207751ba in Add v8/src/list-inl.h:23
#8 0x7fca207751ba in Put v8/src/snapshot/snapshot-source-sink.h:86
#9 0x7fca207751ba in v8::internal::Serializer::SerializeHotObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/serializer.cc:167
#10 0x7fca2078d03c in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:54:7
#11 0x7fca20781d0f in v8::internal::Serializer::ObjectSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/serializer.cc:665:22
#12 0x7fca1ffc7eff in IteratePointers<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:82:6
#13 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:85
#14 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:91
#15 0x7fca1ffc7eff in apply<v8::internal::FixedBodyDescriptor<24, 40, 40>, v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:636
#16 0x7fca1ffc7eff in void v8::internal::BodyDescriptorApply<v8::internal::CallIterateBody, void, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*>(v8::internal::InstanceType, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*) v8/src/objects-body-descriptors-inl.h:468
#17 0x7fca2077fd11 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:603:14
#18 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#19 0x7fca2077b8c5 in v8::internal::Serializer::ObjectSerializer::SerializePrologue(v8::internal::AllocationSpace, int, v8::internal::Map*) v8/src/snapshot/serializer.cc:400:16
#20 0x7fca2077fa68 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:586:5
#21 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#22 0x7fca20781d0f in v8::internal::Serializer::ObjectSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/serializer.cc:665:22
#23 0x7fca1ffc7eff in IteratePointers<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:82:6
#24 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:85
#25 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:91
#26 0x7fca1ffc7eff in apply<v8::internal::FixedBodyDescriptor<24, 40, 40>, v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:636
#27 0x7fca1ffc7eff in void v8::internal::BodyDescriptorApply<v8::internal::CallIterateBody, void, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*>(v8::internal::InstanceType, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*) v8/src/objects-body-descriptors-inl.h:468
#28 0x7fca2077fd11 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:603:14
#29 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#30 0x7fca20781d0f in v8::internal::Serializer::ObjectSerializer::VisitPointers(v8::internal::Object**, v8::internal::Object**) v8/src/snapshot/serializer.cc:665:22
#31 0x7fca1ffc7eff in IteratePointers<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:82:6
#32 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:85
#33 0x7fca1ffc7eff in IterateBody<v8::internal::ObjectVisitor> v8/src/objects-body-descriptors.h:91
#34 0x7fca1ffc7eff in apply<v8::internal::FixedBodyDescriptor<24, 40, 40>, v8::internal::ObjectVisitor> v8/src/objects-body-descriptors-inl.h:636
#35 0x7fca1ffc7eff in void v8::internal::BodyDescriptorApply<v8::internal::CallIterateBody, void, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*>(v8::internal::InstanceType, v8::internal::HeapObject*, int, v8::internal::ObjectVisitor*) v8/src/objects-body-descriptors-inl.h:468
#36 0x7fca2077fd11 in v8::internal::Serializer::ObjectSerializer::Serialize() v8/src/snapshot/serializer.cc:603:14
#37 0x7fca2078da84 in v8::internal::StartupSerializer::SerializeObject(v8::internal::HeapObject*, v8::internal::SerializerDeserializer::HowToCode, v8::internal::SerializerDeserializer::WhereToPoint, int) v8/src/snapshot/startup-serializer.cc:81:21
#38 0x7fca2077b8c5 in v8::internal::Serializer::ObjectSerializer::SerializePrologue(v8::internal::AllocationSpace, int, v8::internal::Map*) v8/src/snapshot/serializer.cc:400:16

SUMMARY: MemorySanitizer: use-of-uninitialized-value v8/src/snapshot/mksnapshot.cc:48:22 in SnapshotWriter::MaybeWriteStartupBlob(v8::internal::Vector<unsigned char const> const&) const
Exiting
ninja: build stopped: subcommand failed.
Apr 10 2017
Probably due to
------------------------------------------------------------------------
r299061 | chefmax | 2017-03-30 00:25:33 -0700 (Thu, 30 Mar 2017) | 6 lines

[sanitizer] Move fread and fwrite interceptors to sanitizer_common

{M, T, E}San have fread and fwrite interceptors, let's move them to sanitizer_common to enable ASan checks as well.

Differential Revision: https://reviews.llvm.org/D31456
------------------------------------------------------------------------
This was seen internally too and tracked in b/36838732
Apr 10 2017
The V8 one is easy to fix. But it's not just V8...
Apr 10 2017
chrome fails to start, with an initialization error in GTK:
$ out/release/chrome
==176958==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x7f82760f6255 in check_interface_info_I /mnt/b/chromium/src/out-msan-no-origins-trusty/Release/obj/third_party/instrumented_libraries/msan-libglib2.0-0.gen/libglib2.0-0/glib2.0-2.40.2/gobject/gtype.c:1070:33
#1 0x7f82760f6255 in g_type_add_interface_static /mnt/b/chromium/src/out-msan-no-origins-trusty/Release/obj/third_party/instrumented_libraries/msan-libglib2.0-0.gen/libglib2.0-0/glib2.0-2.40.2/gobject/gtype.c:2836
#2 0x7f826ff8bada in gtk_widget_get_type (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x2c8ada)
#3 0x7f826ffd3e5e (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x310e5e)
#4 0x7f827041406f in atk_add_focus_tracker /mnt/b/chromium/src/out-msan-no-origins-trusty/Release/obj/third_party/instrumented_libraries/msan-atk1.0.gen/atk1.0/atk1.0-2.10.0/atk/atkutil.c:138:7
#5 0x7f826ffd42a4 (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x3112a4)
#6 0x7f826fe63815 (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x1a0815)
#7 0x7f8275ccde81 in g_option_context_parse /mnt/b/chromium/src/out-msan-no-origins-trusty/Release/obj/third_party/instrumented_libraries/msan-libglib2.0-0.gen/libglib2.0-0/glib2.0-2.40.2/glib/goption.c:2096:12
#8 0x7f826fe63cad in gtk_parse_args (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x1a0cad)
#9 0x7f826fe63d08 in gtk_init_check (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x1a0d08)
#10 0x7f826fe63d38 in gtk_init (/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x1a0d38)
#11 0x7f8289dc7fea in CommonInitFromCommandLine chrome/browser/ui/libgtkui/gtk_util.cc:50:5
#12 0x7f8289dc7fea in libgtkui::GtkInitFromCommandLine(base::CommandLine const&) chrome/browser/ui/libgtkui/gtk_util.cc:114
#13 0x7f8289db4ec2 in libgtkui::GtkUi::GtkUi() chrome/browser/ui/libgtkui/gtk_ui.cc:421:3
#14 0x7f8289dc41e2 in BuildGtkUi() chrome/browser/ui/libgtkui/gtk_ui.cc:1066:14
#15 0x7f8289312a17 in ChromeBrowserMainExtraPartsViewsLinux::PreEarlyInitialization() chrome/browser/ui/views/chrome_browser_main_extra_parts_views_linux.cc:70:29
#16 0x7f827fe825b6 in ChromeBrowserMainParts::PreEarlyInitialization() chrome/browser/chrome_browser_main.cc:916:29
#17 0x7f827fd4c96f in ChromeBrowserMainPartsPosix::PreEarlyInitialization() chrome/browser/chrome_browser_main_posix.cc:115:27
#18 0x7f827995ca69 in content::BrowserMainLoop::EarlyInitialization() content/browser/browser_main_loop.cc:590:13
#19 0x7f827997d741 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner.cc:106:19
#20 0x7f82799596cc in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:42:32
#21 0x7f827f28e24b in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:437:14
#22 0x7f827f290dad in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:729:12
#23 0x7f82854ab217 in service_manager::Main(service_manager::MainParams const&) services/service_manager/embedder/main.cc:179:25
#24 0x7f827f28aa5e in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:19:10
#25 0x7f82782d49c5 in ChromeMain chrome/app/chrome_main.cc:123:12
#26 0x7f82782d4738 in main chrome/app/chrome_exe_main_aura.cc:17:10
#27 0x7f826edf6f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287
#28 0x7f8278263a15 in _start (/usr/local/google/work/chromium/src/out/release/chrome+0xbf8a15)
SUMMARY: MemorySanitizer: use-of-uninitialized-value /mnt/b/chromium/src/out-msan-no-origins-trusty/Release/obj/third_party/instrumented_libraries/msan-libglib2.0-0.gen/libglib2.0-0/glib2.0-2.40.2/gobject/gtype.c:1070:33 in check_interface_info_I
ORIGIN: invalid (0). Might be a bug in MemorySanitizer origin tracking.
This could still be a bug in your code, too!
Exiting
But the only data we pass to gtk_init is argv/argc, and it fails even if I set those to zero. Maybe msan-built chrome didn't use to work before either?
Apr 10 2017
Nope, browser_tests fails with the same error, and they used to pass.
Apr 10 2017
eugenis: Can you take a look at the error in #4? We're basically not passing any data to gtk_init, and haven't re-built the instrumented library, so I don't understand why this is happening. (It seems this is unrelated to the fwrite thing; maybe we should break this out into a separate bug.)
Apr 10 2017
remoting_me2me_host is a smaller target that calls gtk_init and fails in the same way
Apr 10 2017
I hit the gtk_init error with the current clang version, so it seems something is different on the bots, or something is wrong with my machine? I'll ignore it for now.
Apr 10 2017
Apr 11 2017
(/usr/lib/x86_64-linux-gnu/libgtk-3.so.0+0x3112a4)
This means that there is no instrumented library for libgtk-3.so
Apr 11 2017
thomasanderson, hadn't you added an instrumented libgtk3.so?
Apr 11 2017
Yes, libgtk-3.so.0 should be in the prebuilt instrumented libraries. hans@ perhaps your instrumented lib revision is out of date? Rerun:
$ GYP_DEFINES='msan=1 use_prebuilt_instrumented_libraries=1' gclient runhooks
Apr 11 2017
Aha, that must be it. I tried to sync, but didn't realize I had to set magic GYP_DEFINES. Are there any plans for moving away from that, now that we don't use gyp?
Apr 11 2017
We tried that at bug 705072. If it's not GYP_DEFINES, it would just be some other variable, and there's no way around that unfortunately :(
Apr 11 2017
The following revision refers to this bug:
https://chromium.googlesource.com/v8/v8.git/+/dd1e2e849939e1728910cf293bb2651c98a12dba

commit dd1e2e849939e1728910cf293bb2651c98a12dba
Author: hans <hans@chromium.org>
Date: Tue Apr 11 17:01:58 2017

Tell MSan to ignore uninitialized padding when writing snapshots

After r299061, MSan started complaining about uninitialized data in fwrite.

BUG= chromium:710152
Review-Url: https://codereview.chromium.org/2808253002
Cr-Commit-Position: refs/heads/master@{#44587}

[modify] https://crrev.com/dd1e2e849939e1728910cf293bb2651c98a12dba/src/snapshot/mksnapshot.cc
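As an added example (not V8's or Chromium's code), here is the bug class the new fwrite interceptor reports and the two ways to make the write clean: zero the object so its padding is defined, or tell MSan the bytes are intentionally written as-is, which is the approach the commit title above describes. The struct, the function names and the MSAN_MEMORY_IS_INITIALIZED macro are this example's own assumptions; the input values are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Under MSan, map the macro to the real unpoison call; elsewhere it is a
 * no-op. The macro name is this example's own, modeled on the approach the
 * commit title describes. */
#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define MSAN_MEMORY_IS_INITIALIZED(p, n) __msan_unpoison((p), (n))
#  endif
#endif
#ifndef MSAN_MEMORY_IS_INITIALIZED
#  define MSAN_MEMORY_IS_INITIALIZED(p, n) ((void)(p), (void)(n))
#endif

/* Hypothetical blob header. On common ABIs the compiler inserts 3 padding
 * bytes after `kind` so that `length` is 4-byte aligned (sizeof == 16). */
struct snapshot_header {
    uint8_t  kind;
    uint32_t length;
    uint64_t checksum;
};

/* Naive encoder: every field is assigned, but the padding keeps whatever the
 * stack held. MSan's fwrite interceptor later reports exactly this as
 * "Uninitialized bytes in __interceptor_fwrite at offset N". */
static size_t encode_naive(unsigned char *out, uint8_t kind, uint32_t len, uint64_t sum) {
    struct snapshot_header h;
    h.kind = kind; h.length = len; h.checksum = sum;
    memcpy(out, &h, sizeof h);
    return sizeof h;
}

/* Fix 1: define the padding by zeroing the object first. Besides satisfying
 * MSan, this stops stale stack bytes from leaking into the output file. */
static size_t encode_zeroed(unsigned char *out, uint8_t kind, uint32_t len, uint64_t sum) {
    struct snapshot_header h;
    memset(&h, 0, sizeof h);
    h.kind = kind; h.length = len; h.checksum = sum;
    memcpy(out, &h, sizeof h);
    return sizeof h;
}

/* Fix 2: keep the bytes and tell MSan the buffer is written as-is on purpose.
 * Only right when nothing reading the file depends on the padding contents. */
static size_t write_blob(FILE *fp, const unsigned char *blob, size_t n) {
    MSAN_MEMORY_IS_INITIALIZED(blob, n);
    return fwrite(blob, 1, n, fp);
}

/* Number of padding bytes the ABI inserted into the header (3 on LP64). */
static size_t header_padding_bytes(void) {
    return sizeof(struct snapshot_header) - (sizeof(uint8_t) + sizeof(uint32_t) + sizeof(uint64_t));
}

/* 1 if every byte between the end of `kind` and the start of `length` is 0. */
static int padding_is_zero(const unsigned char *buf) {
    size_t i;
    for (i = offsetof(struct snapshot_header, kind) + sizeof(uint8_t);
         i < offsetof(struct snapshot_header, length); i++) {
        if (buf[i] != 0) return 0;
    }
    return 1;
}

/* Encode with the zeroing path, write it through write_blob() to a temp file,
 * read it back, and check that payload and padding both survived intact. */
static int roundtrip_is_clean(void) {
    unsigned char out[sizeof(struct snapshot_header)], back[sizeof(struct snapshot_header)];
    FILE *fp = tmpfile();
    if (fp == NULL) return 0;
    memset(out, 0xAA, sizeof out);  /* stand-in for stale stack garbage */
    encode_zeroed(out, 7, 100, 0x1122334455667788ULL);
    int ok = write_blob(fp, out, sizeof out) == sizeof out;
    rewind(fp);
    ok = ok && fread(back, 1, sizeof back, fp) == sizeof back;
    fclose(fp);
    return ok && memcmp(out, back, sizeof out) == 0 && padding_is_zero(back) && back[0] == 7;
}

int main(void) {
    unsigned char naive[sizeof(struct snapshot_header)];
    encode_naive(naive, 1, 2, 3);  /* with clang -fsanitize=memory, an fwrite of naive is reported */
    printf("padding bytes: %zu, zeroed round trip clean: %d\n", header_padding_bytes(), roundtrip_is_clean());
    return 0;
}
```

Build with `clang -fsanitize=memory` to see the naive path flagged at the fwrite call; a plain build runs without complaint either way, which is why the report only surfaced once the interceptor moved into sanitizer_common.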
Apr 13 2017
Comment 1 by h...@chromium.org, Apr 10 2017