Issue metadata
Sign in to add a comment
|
webkit_tests failing on chromium.webkit/WebKit Linux Trusty ASAN |
||||||||||||||||||||||
Issue descriptionwebkit_tests failing on chromium.webkit/WebKit Linux Trusty ASAN Builders failed on: - WebKit Linux Trusty ASAN: https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Linux%20Trusty%20ASAN Stack trace from: https://luci-logdog.appspot.com/v/?s=chromium%2Fbb%2Fchromium.webkit%2FWebKit_Linux_Trusty_ASAN%2F2003%2F%2B%2Frecipes%2Fsteps%2Fwebkit_tests%2F0%2Fstdout ----------------------------- 8< ----------------------------- 15:36:04.074 23860 ==1==ERROR: AddressSanitizer: container-overflow on address 0x6100000a5140 at pc 0x0000055d3363 bp 0x7ffec301eee0 sp 0x7ffec301eed8 15:36:04.074 23860 READ of size 4 at 0x6100000a5140 thread T0 (content_shell) 15:36:04.074 23860 #0 0x55d3362 in SkSL::Compiler::addDefinitions(SkSL::BasicBlock::Node const&, std::__1::unordered_map<SkSL::Variable const*, std::__1::unique_ptr<SkSL::Expression, std::__1::default_delete<SkSL::Expression> >*, std::__1::hash<SkSL::Variable const*>, std::__1::equal_to<SkSL::Variable const*>, std::__1::allocator<std::__1::pair<SkSL::Variable const* const, std::__1::unique_ptr<SkSL::Expression, std::__1::default_delete<SkSL::Expression> >*> > >*) third_party/skia/src/sksl/SkSLCompiler.cpp:211:18 15:36:04.074 23860 #1 0x55dacf9 in SkSL::Compiler::scanCFG(SkSL::FunctionDefinition&) third_party/skia/src/sksl/SkSLCompiler.cpp:883:23 15:36:04.074 23860 #2 0x55cf2a4 in SkSL::Compiler::internalConvertProgram(SkSL::String, SkSL::Modifiers::Flag*, std::__1::vector<std::__1::unique_ptr<SkSL::ProgramElement, std::__1::default_delete<SkSL::ProgramElement> >, std::__1::allocator<std::__1::unique_ptr<SkSL::ProgramElement, std::__1::default_delete<SkSL::ProgramElement> > > >*) third_party/skia/src/sksl/SkSLCompiler.cpp:922:27 15:36:04.074 23860 #3 0x55db583 in SkSL::Compiler::convertProgram(SkSL::Program::Kind, SkSL::String, SkSL::Program::Settings const&) third_party/skia/src/sksl/SkSLCompiler.cpp:980:11 15:36:04.074 23860 #4 0x5553592 in GrGLCompileAndAttachShader(GrGLContext const&, unsigned int, unsigned int, char const**, int*, int, GrGpu::Stats*, SkSL::Program::Settings const&, SkSL::Program::Inputs*) third_party/skia/src/gpu/gl/builders/GrGLShaderStringBuilder.cpp:55:28 15:36:04.074 23860 #5 0x554fa3d in GrGLProgramBuilder::compileAndAttachShaders(GrGLSLShaderBuilder&, unsigned int, unsigned int, SkTDArray<unsigned int>*, SkSL::Program::Settings const&, SkSL::Program::Inputs*) third_party/skia/src/gpu/gl/builders/GrGLProgramBuilder.cpp:79:25 15:36:04.074 23860 #6 0x554e9e0 in GrGLProgramBuilder::finalize() third_party/skia/src/gpu/gl/builders/GrGLProgramBuilder.cpp:144:16 15:36:04.074 23860 #7 0x554d799 in GrGLProgramBuilder::CreateProgram(GrPipeline const&, GrPrimitiveProcessor const&, GrProgramDesc*, GrGLGpu*) third_party/skia/src/gpu/gl/builders/GrGLProgramBuilder.cpp:53:20 15:36:04.074 23860 #8 0x551cb60 in GrGLGpu::ProgramCache::refProgram(GrGLGpu const*, GrPipeline const&, GrPrimitiveProcessor const&, bool) third_party/skia/src/gpu/gl/GrGLGpuProgramCache.cpp:95:32 15:36:04.074 23860 #9 0x54efda1 in GrGLGpu::flushGLState(GrPipeline const&, GrPrimitiveProcessor const&, bool) third_party/skia/src/gpu/gl/GrGLGpu.cpp:1936:47 15:36:04.074 23860 #10 0x54fe906 in GrGLGpu::draw(GrPipeline const&, GrPrimitiveProcessor const&, GrMesh const*, int) third_party/skia/src/gpu/gl/GrGLGpu.cpp:2654:16 15:36:04.074 23860 #11 0x598b81d in GrGpuCommandBuffer::draw(GrPipeline const&, GrPrimitiveProcessor const&, GrMesh const*, int, SkRect const&) third_party/skia/src/gpu/GrGpuCommandBuffer.cpp:47:11 15:36:04.074 23860 #12 0x53fcece in GrMeshDrawOp::onExecute(GrOpFlushState*) third_party/skia/src/gpu/ops/GrMeshDrawOp.cpp:80:33 15:36:04.074 23860 #13 0x536de96 in execute third_party/skia/src/gpu/ops/GrOp.h:145:49 15:36:04.074 23860 #14 0x536de96 in GrRenderTargetOpList::executeOps(GrOpFlushState*) third_party/skia/src/gpu/GrRenderTargetOpList.cpp:172:0 15:36:04.074 23860 #15 0x5325917 in GrDrawingManager::internalFlush(GrSurfaceProxy*, GrResourceCache::FlushType) third_party/skia/src/gpu/GrDrawingManager.cpp:153:26 15:36:04.074 23860 #16 0x5326548 in flush third_party/skia/src/gpu/GrDrawingManager.h:96:15 15:36:04.074 23860 #17 0x5326548 in GrDrawingManager::prepareSurfaceForExternalIO(GrSurfaceProxy*) third_party/skia/src/gpu/GrDrawingManager.cpp:191:0 15:36:04.074 23860 #18 0x5363046 in GrRenderTargetContext::prepareForExternalIO() third_party/skia/src/gpu/GrRenderTargetContext.cpp:1267:29 15:36:04.074 23860 #19 0xdad9179 in blink::Canvas2DLayerBridge::Flush() third_party/WebKit/Source/platform/graphics/Canvas2DLayerBridge.cpp:808:38 15:36:04.074 23860 #20 0xdadaf61 in blink::Canvas2DLayerBridge::NewImageSnapshot(blink::AccelerationHint, blink::SnapshotReason) third_party/WebKit/Source/platform/graphics/Canvas2DLayerBridge.cpp:1096:3 15:36:04.074 23860 #21 0x90db157 in blink::Canvas2DImageBufferSurface::NewImageSnapshot(blink::AccelerationHint, blink::SnapshotReason) third_party/WebKit/Source/platform/graphics/Canvas2DImageBufferSurface.h:107:27 15:36:04.074 23860 #22 0x834c501 in blink::ImageBuffer::GetImageData(blink::Multiply, blink::IntRect const&, WTF::ArrayBufferContents&) const third_party/WebKit/Source/platform/graphics/ImageBuffer.cpp:372:39 15:36:04.074 23860 #23 0xacbbe9c in blink::BaseRenderingContext2D::getImageData(int, int, int, int, blink::ExceptionState&) third_party/WebKit/Source/modules/canvas2d/BaseRenderingContext2D.cpp:1670:16 15:36:04.074 23860 #24 0xa4cc466 in getImageDataMethod /b/c/b/linux_layout/src/out/Release/gen/blink/bindings/modules/v8/V8CanvasRenderingContext2D.cpp:1940:29 15:36:04.075 23860 #25 0xa4cc466 in blink::V8CanvasRenderingContext2D::getImageDataMethodCallback(v8::FunctionCallbackInfo<v8::Value> const&) /b/c/b/linux_layout/src/out/Release/gen/blink/bindings/modules/v8/V8CanvasRenderingContext2D.cpp:2867:0 15:36:04.075 23860 #26 0x136c2ad in v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) v8/src/api-arguments.cc:25:3 15:36:04.075 23860 #27 0x1576cc0 in v8::internal::MaybeHandle<v8::internal::Object> v8::internal::(anonymous namespace)::HandleApiCallHelper<false>(v8::internal::Isolate*, v8::internal::Handle<v8::internal::HeapObject>, v8::internal::Handle<v8::internal::HeapObject>, v8::internal::Handle<v8::internal::FunctionTemplateInfo>, v8::internal::Handle<v8::internal::Object>, v8::internal::BuiltinArguments) v8/src/builtins/builtins-api.cc:112:36 15:36:04.075 23860 #28 0x157411c in v8::internal::Builtin_Impl_HandleApiCall(v8::internal::BuiltinArguments, v8::internal::Isolate*) v8/src/builtins/builtins-api.cc:142:5 1 ----------------------------- 8< -----------------------------
,
May 1 2017
Hi Ken can you take a look at this crash? It seems there are many webkit/graphics/gpu CLs in the first build to break this. Maybe you can reassign to correct person? Thanks.
,
May 1 2017
Seems to also happen on this builder: https://luci-logdog.appspot.com/v/?s=chromium%2Fbb%2Fchromium.webkit%2FWebKit_Win7__dbg_%2F9671%2F%2B%2Frecipes%2Fsteps%2Fwebkit_tests%2F0%2Fstdout Regressions: Unexpected timeouts virtual/gpu/fast/canvas/canvas-clip-rule.html [ Timeout ] virtual/gpu/fast/canvas/canvas-path-context-clip.html [ Timeout ] What I see is that the test passes in these cases: virtual/display_list_2d_canvas/fast/canvas/canvas-clip-rule.html virtual/sharedarraybuffer/fast/canvas/canvas-clip-rule.html fast/canvas/canvas-clip-rule.html but not these: virtual/gpu/fast/canvas/canvas-clip-rule.html I see the following in the logs: ----------------------------- 8< ----------------------------- 15:43:02.118 7284 [7424:2084:0428/154244.752:8874428:INFO:media_foundation_video_encode_accelerator_win.cc(329)] Windows versions earlier than 8 are not supported. 15:43:02.118 7284 [6660:6412:0428/154246.260:8875942:INFO:grmemorypool.cpp(46)] Leaked IDs (in no particular order): 6 15:43:02.118 7284 [6660:6412:0428/154246.261:8875942:INFO:grmemorypool.cpp(48)] , 7 15:43:02.118 7284 [6660:6412:0428/154246.261:8875942:INFO:grmemorypool.cpp(48)] , 10 15:43:02.118 7284 15:43:02.119 7284 [6660:6412:0428/154246.261:8875942:INFO:grmemorypool.cpp(54)] e:\b\c\b\win_layout\src\third_party\skia\src\gpu\grmemorypool.cpp:54: fatal error: "assert(0 == fAllocationCnt)" 15:43:02.119 7284 ----------------------------- 8< -----------------------------
,
May 1 2017
This assert is in either Justin's or Brian's domain.
,
May 1 2017
The output in #3 is a consequence of crashing not the cause. This looks like something in SkSL, so over to Ethan.
,
May 1 2017
This is still happening. It first occurred with build 2003 and still happening as of build 2026: https://uberchromegw.corp.google.com/i/chromium.webkit/builders/WebKit%20Linux%20Trusty%20ASAN/builds/2026
,
May 2 2017
,
May 4 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/6c18fc01884a2135fe69750e7e86e2185228148a commit 6c18fc01884a2135fe69750e7e86e2185228148a Author: rjkroege <rjkroege@chromium.org> Date: Thu May 04 21:12:42 2017 ASANExpectations update for crbug.com/717019 Added crashing layout tests. BUG= 717019 TBR=ethannicholas@chromium.org Review-Url: https://codereview.chromium.org/2862913003 Cr-Commit-Position: refs/heads/master@{#469472} [modify] https://crrev.com/6c18fc01884a2135fe69750e7e86e2185228148a/third_party/WebKit/LayoutTests/ASANExpectations
,
May 5 2017
Just fixed a serious error in the SkSL optimizer which was probably responsible for this; leaving it open until we know for sure.
,
Sep 13 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f7d3cba459d35802af4279e805418f3ef3a55462 commit f7d3cba459d35802af4279e805418f3ef3a55462 Author: Xida Chen <xidachen@chromium.org> Date: Wed Sep 13 15:16:32 2017 Remove two fast/canvas/ lines in test expectations The flakiness dashboard shows that these tests consistently pass: https://test-results.appspot.com/dashboards/flakiness_dashboard.html#testType=webkit_tests&tests=virtual%2Fgpu%2Ffast%2Fcanvas%2Fcanvas-clip-rule.html%2Cvirtual%2Fgpu%2Ffast%2Fcanvas%2Fcanvas-path-context-clip.html Bug: 717389 , 717019 Change-Id: I3467abf55e55054fa38800ffd6e42e3c72a6b4b5 Reviewed-on: https://chromium-review.googlesource.com/664280 Reviewed-by: Justin Novosad <junov@chromium.org> Commit-Queue: Xida Chen <xidachen@chromium.org> Cr-Commit-Position: refs/heads/master@{#501634} [modify] https://crrev.com/f7d3cba459d35802af4279e805418f3ef3a55462/third_party/WebKit/LayoutTests/ASANExpectations [modify] https://crrev.com/f7d3cba459d35802af4279e805418f3ef3a55462/third_party/WebKit/LayoutTests/TestExpectations
,
Sep 14 2017
|
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by rogerta@chromium.org
, May 1 2017