Issue 710484 link

Starred by 1 user
Issue metadata

Status:	Duplicate
Merged:	issue 709341
Owner:	ccameron@chromium.org
Closed:	Apr 2017
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	1
Type:	Bug-Regression
Stability-Memory-MemorySanitizer
Blocking:
issue 697171
GpuImageDecodeCacheTest.GetTaskForImageLargerScaleNoReuse reads uninitialized memory (via skia)

Project Member Reported by thakis@chromium.org, Apr 11 2017
Issue description

[ RUN      ] GpuImageDecodeCacheTest.GetTaskForImageLargerScaleNoReuse
==4464==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x52cbdb4 in downsample_2_2_srgb(void*, void const*, unsigned long, int) third_party/skia/src/core/SkMipMap.cpp:320:26
    #1 0x52cde5f in SkMipMap::Build(SkPixmap const&, SkDestinationSurfaceColorMode, SkDiscardableMemory* (*)(unsigned long)) third_party/skia/src/core/SkMipMap.cpp:564:13
    #2 0x52ee5a8 in SkMipMap::Build(SkBitmap const&, SkDestinationSurfaceColorMode, SkDiscardableMemory* (*)(unsigned long)) third_party/skia/src/core/SkMipMap.cpp:693:12
    #3 0x51834ae in SkMipMapCache::AddAndRef(SkBitmap const&, SkDestinationSurfaceColorMode, SkResourceCache*) third_party/skia/src/core/SkBitmapCache.cpp:250:24
    #4 0x5186149 in SkDefaultBitmapControllerState::processMediumRequest(SkBitmapProvider const&) third_party/skia/src/core/SkBitmapController.cpp:187:28
    #5 0x5186784 in SkDefaultBitmapControllerState::SkDefaultBitmapControllerState(SkBitmapProvider const&, SkMatrix const&, SkFilterQuality, bool) third_party/skia/src/core/SkBitmapController.cpp:223:64
    #6 0x5186afb in SkInPlaceNewCheck\u003CSkDefaultBitmapControllerState, SkBitmapProvider, SkMatrix, SkFilterQuality, bool> third_party/skia/include/private/SkTemplates.h:445:72
    #7 0x5186afb in SkDefaultBitmapController::onRequestBitmap(SkBitmapProvider const&, SkMatrix const&, SkFilterQuality, void*, unsigned long) third_party/skia/src/core/SkBitmapController.cpp:244:0
    #8 0x5183f48 in SkBitmapController::requestBitmap(SkBitmapProvider const&, SkMatrix const&, SkFilterQuality, void*, unsigned long) third_party/skia/src/core/SkBitmapController.cpp:24:26
    #9 0x4b2caf1 in requestBitmap third_party/skia/src/core/SkBitmapController.h:46:22
    #10 0x4b2caf1 in SkImageShader::onAppendStages(SkRasterPipeline*, SkColorSpace*, SkArenaAlloc*, SkMatrix const&, SkPaint const&, SkMatrix const*) const third_party/skia/src/image/SkImageShader.cpp:229:0
    #11 0x4acb161 in SkShader::appendStages(SkRasterPipeline*, SkColorSpace*, SkArenaAlloc*, SkMatrix const&, SkPaint const&) const third_party/skia/src/core/SkShader.cpp:260:18
    #12 0x532f09e in SkRasterPipelineBlitter::Create(SkPixmap const&, SkPaint const&, SkMatrix const&, SkArenaAlloc*) third_party/skia/src/core/SkRasterPipelineBlitter.cpp:114:22
    #13 0x51a4104 in SkBlitter::Choose(SkPixmap const&, SkMatrix const&, SkPaint const&, SkArenaAlloc*, bool) third_party/skia/src/core/SkBlitter.cpp:850:30
    #14 0x48b7657 in SkAutoBlitterChoose third_party/skia/src/core/SkDraw.cpp:60:20
    #15 0x48b7657 in SkDraw::drawRect(SkRect const&, SkPaint const&, SkMatrix const*, SkRect const*) const third_party/skia/src/core/SkDraw.cpp:835:0
    #16 0x48bdb0b in SkDraw::drawBitmap(SkBitmap const&, SkMatrix const&, SkRect const*, SkPaint const&) const third_party/skia/src/core/SkDraw.h:0:15
    #17 0x518b777 in SkBitmapDevice::drawBitmapRect(SkBitmap const&, SkRect const*, SkRect const&, SkPaint const&, SkCanvas::SrcRectConstraint) third_party/skia/src/core/SkBitmapDevice.cpp:336:26
    #18 0x46d88a0 in SkCanvas::internalDrawBitmapRect(SkBitmap const&, SkRect const*, SkRect const&, SkPaint const*, SkCanvas::SrcRectConstraint) third_party/skia/src/core/SkCanvas.cpp:2387:23
    #19 0x46d9211 in SkCanvas::onDrawBitmapRect(SkBitmap const&, SkRect const*, SkRect const&, SkPaint const*, SkCanvas::SrcRectConstraint) third_party/skia/src/core/SkCanvas.cpp:2397:11
    #20 0x46c501a in drawBitmapRect third_party/skia/src/core/SkCanvas.cpp:1889:11
    #21 0x46c501a in SkCanvas::drawBitmapRect(SkBitmap const&, SkRect const&, SkPaint const*, SkCanvas::SrcRectConstraint) third_party/skia/src/core/SkCanvas.cpp:1899:0
    #22 0x4a13e7f in SkPixmap::scalePixels(SkPixmap const&, SkFilterQuality) const third_party/skia/src/core/SkPixmap.cpp:259:27
    #23 0x4b17a08 in SkImage::scalePixels(SkPixmap const&, SkFilterQuality, SkImage::CachingHint) const third_party/skia/src/image/SkImage.cpp:76:45
    #24 0x506294e in SkImage::getDeferredTextureImageData(GrContextThreadSafeProxy const&, SkImage::DeferredTextureImageUsageParams const*, int, void*, SkColorSpace*) const third_party/skia/src/image/SkImage_Gpu.cpp:641:28
    #25 0x3c46fa5 in cc::GpuImageDecodeCache::DecodeImageIfNecessary(cc::DrawImage const&, cc::GpuImageDecodeCache::ImageData*) cc/tiles/gpu_image_decode_cache.cc:1120:34
    #26 0x3c4dded in cc::GpuImageDecodeCache::DecodeImage(cc::DrawImage const&) cc/tiles/gpu_image_decode_cache.cc:702:3
    #27 0x3c53355 in cc::ImageDecodeTaskImpl::RunOnWorkerThread() cc/tiles/gpu_image_decode_cache.cc:177:13
    #28 0x3fa7dc3 in RunTask cc/test/test_tile_task_runner.cc:30:9
    #29 0x3fa7dc3 in cc::TestTileTaskRunner::ProcessTask(cc::TileTask*) cc/test/test_tile_task_runner.cc:13:0
    #30 0x2103ee6 in cc::(anonymous namespace)::GpuImageDecodeCacheTest_GetTaskForImageLargerScaleNoReuse_Test::TestBody() cc/tiles/gpu_image_decode_cache_unittest.cc:282:3
    #31 0x423fe0c in HandleExceptionsInMethodIfSupported\u003Ctesting::Test, void> testing/gtest/src/gtest.cc:2458:12
    #32 0x423fe0c in testing::Test::Run() testing/gtest/src/gtest.cc:2474:0
    #33 0x4242b7b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11
    #34 0x4244119 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28
    #35 0x4263dbd in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43
    #36 0x4262c4e in HandleExceptionsInMethodIfSupported\u003Ctesting::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12
    #37 0x4262c4e in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255:0
    #38 0x3fc7620 in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46
    #39 0x3fc7620 in base::TestSuite::Run() base/test/test_suite.cc:271:0
    #40 0x3fcc69c in Run base/callback.h:80:12
    #41 0x3fcc69c in base::(anonymous namespace)::LaunchUnitTestsInternal(base::Callback\u003Cint (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&, int, int, bool, base::Callback\u003Cvoid (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&) base/test/launcher/unit_test_launcher.cc:211:0
    #42 0x3fcbec6 in base::LaunchUnitTests(int, char**, base::Callback\u003Cint (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&) base/test/launcher/unit_test_launcher.cc:453:10
    #43 0x37283d7 in main cc/test/run_all_unittests.cc:15:10
    #44 0x7fe64ab08f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287:0
    #45 0x616d77 in _start ??:0:0

  Uninitialized value was stored to memory at
    #0 0x6377eb in __msan_memcpy ??:0:0
    #1 0x48a488a in SkData::PrivateNewWithCopy(void const*, unsigned long) third_party/skia/src/core/SkData.cpp:75:9
    #2 0x48a4eed in SkData::MakeWithCopy(void const*, unsigned long) third_party/skia/src/core/SkData.cpp:103:12
    #3 0x4b22dbb in SkImage::MakeRasterCopy(SkPixmap const&) third_party/skia/src/image/SkImage_Raster.cpp:277:24
    #4 0x4b24a04 in SkMakeImageFromRasterBitmap(SkBitmap const&, SkCopyPixelsMode) third_party/skia/src/image/SkImage_Raster.cpp:327:20
    #5 0x4b19bb1 in SkImage::MakeFromBitmap(SkBitmap const&) third_party/skia/src/image/SkImage.cpp:229:12
    #6 0x20f4d33 in cc::(anonymous namespace)::CreateImage(int, int) cc/tiles/gpu_image_decode_cache_unittest.cc:35:10
    #7 0x2101ce6 in cc::(anonymous namespace)::GpuImageDecodeCacheTest_GetTaskForImageLargerScaleNoReuse_Test::TestBody() cc/tiles/gpu_image_decode_cache_unittest.cc:250:32
    #8 0x423fe0c in HandleExceptionsInMethodIfSupported\u003Ctesting::Test, void> testing/gtest/src/gtest.cc:2458:12
    #9 0x423fe0c in testing::Test::Run() testing/gtest/src/gtest.cc:2474:0
    #10 0x4242b7b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11
    #11 0x4244119 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28
    #12 0x4263dbd in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43
    #13 0x4262c4e in HandleExceptionsInMethodIfSupported\u003Ctesting::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12
    #14 0x4262c4e in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255:0
    #15 0x3fc7620 in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46
    #16 0x3fc7620 in base::TestSuite::Run() base/test/test_suite.cc:271:0
    #17 0x3fcc69c in Run base/callback.h:80:12
    #18 0x3fcc69c in base::(anonymous namespace)::LaunchUnitTestsInternal(base::Callback\u003Cint (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&, int, int, bool, base::Callback\u003Cvoid (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&) base/test/launcher/unit_test_launcher.cc:211:0
    #19 0x3fcbec6 in base::LaunchUnitTests(int, char**, base::Callback\u003Cint (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&) base/test/launcher/unit_test_launcher.cc:453:10
    #20 0x37283d7 in main cc/test/run_all_unittests.cc:15:10
    #21 0x7fe64ab08f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287:0

  Uninitialized value was created by a heap allocation
    #0 0x63e93d in __interceptor_malloc ??:0:0
    #1 0x44d71f9 in base::UncheckedMalloc(unsigned long, void**) base/process/memory_linux.cc:203:13
    #2 0x46520d6 in sk_malloc_nothrow skia/ext/SkMemory_new_handler.cpp:75:19
    #3 0x46520d6 in sk_malloc_flags(unsigned long, unsigned int) skia/ext/SkMemory_new_handler.cpp:87:0
    #4 0x4900abd in operator() third_party/skia/src/core/SkMallocPixelRef.cpp:95:55
    #5 0x4900abd in __invoke third_party/skia/src/core/SkMallocPixelRef.cpp:95:0
    #6 0x4900abd in MakeUsing third_party/skia/src/core/SkMallocPixelRef.cpp:83:0
    #7 0x4900abd in SkMallocPixelRef::MakeAllocate(SkImageInfo const&, unsigned long, sk_sp\u003CSkColorTable>) third_party/skia/src/core/SkMallocPixelRef.cpp:96:0
    #8 0x4664976 in SkBitmap::tryAllocPixels(SkImageInfo const&, unsigned long) third_party/skia/src/core/SkBitmap.cpp:325:28
    #9 0x20f4b39 in allocPixels third_party/skia/include/core/SkBitmap.h:269:20
    #10 0x20f4b39 in allocPixels third_party/skia/include/core/SkBitmap.h:279:0
    #11 0x20f4b39 in cc::(anonymous namespace)::CreateImage(int, int) cc/tiles/gpu_image_decode_cache_unittest.cc:33:0
    #12 0x2101ce6 in cc::(anonymous namespace)::GpuImageDecodeCacheTest_GetTaskForImageLargerScaleNoReuse_Test::TestBody() cc/tiles/gpu_image_decode_cache_unittest.cc:250:32
    #13 0x423fe0c in HandleExceptionsInMethodIfSupported\u003Ctesting::Test, void> testing/gtest/src/gtest.cc:2458:12
    #14 0x423fe0c in testing::Test::Run() testing/gtest/src/gtest.cc:2474:0
    #15 0x4242b7b in testing::TestInfo::Run() testing/gtest/src/gtest.cc:2656:11
    #16 0x4244119 in testing::TestCase::Run() testing/gtest/src/gtest.cc:2774:28
    #17 0x4263dbd in testing::internal::UnitTestImpl::RunAllTests() testing/gtest/src/gtest.cc:4647:43
    #18 0x4262c4e in HandleExceptionsInMethodIfSupported\u003Ctesting::internal::UnitTestImpl, bool> testing/gtest/src/gtest.cc:2458:12
    #19 0x4262c4e in testing::UnitTest::Run() testing/gtest/src/gtest.cc:4255:0
    #20 0x3fc7620 in RUN_ALL_TESTS testing/gtest/include/gtest/gtest.h:2237:46
    #21 0x3fc7620 in base::TestSuite::Run() base/test/test_suite.cc:271:0
    #22 0x3fcc69c in Run base/callback.h:80:12
    #23 0x3fcc69c in base::(anonymous namespace)::LaunchUnitTestsInternal(base::Callback\u003Cint (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&, int, int, bool, base::Callback\u003Cvoid (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&) base/test/launcher/unit_test_launcher.cc:211:0
    #24 0x3fcbec6 in base::LaunchUnitTests(int, char**, base::Callback\u003Cint (), (base::internal::CopyMode)1, (base::internal::RepeatMode)1> const&) base/test/launcher/unit_test_launcher.cc:453:10
    #25 0x37283d7 in main cc/test/run_all_unittests.cc:15:10
    #26 0x7fe64ab08f44 in __libc_start_main /build/eglibc-MjiXCM/eglibc-2.19/csu/libc-start.c:287:0

SUMMARY: MemorySanitizer: use-of-uninitialized-value (/b/s/w/ir/out/Release/cc_unittests+0x52cbdb4)
Exiting




Started here: https://build.chromium.org/p/chromium.memory.full/builders/Linux%20MSan%20Tests/builds/6967 , likely https://codereview.chromium.org/2797583002
Comment 1 by thestig@chromium.org, Apr 11 2017

Mergedinto: 709341
Status: Duplicate (was: Assigned)
►
Issue 710484 link

Issue metadata

GpuImageDecodeCacheTest.GetTaskForImageLargerScaleNoReuse reads uninitialized memory (via skia)

Issue description

Comment 1 by thestig@chromium.org, Apr 11 2017

Comment 1 Deleted

Sign in to add a comment
