webkit_unit_tests failing Linux MSAN with use-of-uninitialized-value |
||||||||
Issue descriptionwebkit_unit_tests failing Linux MSAN with use-of-uninitialized-value Seems to be due to https://chromium-review.googlesource.com/c/585395/ Builders failed on: - WebKit Linux Trusty MSAN: https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Linux%20Trusty%20MSAN OffscreenCanvasTest.AnimationActiveAfterCommit is failing with message ==368:368==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0xc3c8a85 in ReleaseTexture third_party/WebKit/Source/platform/graphics/MailboxTextureHolder.cpp:32:39 #1 0xc3c8a85 in blink::MailboxTextureHolder::~MailboxTextureHolder() third_party/WebKit/Source/platform/graphics/MailboxTextureHolder.cpp:120:0 #2 0xc3c9bcc in blink::MailboxTextureHolder::~MailboxTextureHolder() third_party/WebKit/Source/platform/graphics/MailboxTextureHolder.cpp:106:47 #3 0xc3bbbac in operator() buildtools/third_party/libc++/trunk/include/memory:2272:5 #4 0xc3bbbac in reset buildtools/third_party/libc++/trunk/include/memory:2585:0 #5 0xc3bbbac in ~unique_ptr buildtools/third_party/libc++/trunk/include/memory:2539:0
,
Jul 28 2017
Revert up in https://chromium-review.googlesource.com/c/590391
,
Jul 28 2017
I couldn't land my revert due to merge failures. Assigning CL owner and reviewers to take a look.
,
Jul 28 2017
,
Jul 28 2017
,
Jul 28 2017
,
Jul 28 2017
,
Jul 28 2017
Err, that CL touches a lot of files, instead of reverting it, maybe fix it?
,
Jul 28 2017
,
Jul 28 2017
Fix is in the CQ: https://chromium-review.googlesource.com/c/591687/
,
Jul 28 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/3b4b6cd6ad9f43aa205ebe4e7bc15305d24e6c3d commit 3b4b6cd6ad9f43aa205ebe4e7bc15305d24e6c3d Author: Justin Novosad <junov@chromium.org> Date: Fri Jul 28 18:55:47 2017 Fix msan failure in MailboxTextureHolder This CL makes sure all members of MailboxTextureHolder are initialized before the constructor's early exit condition. BUG= 749936 TBR=fserb@chromium.org NOTRY=true Change-Id: I32dd63d134754255fbf31c4064eab9942d13323f Reviewed-on: https://chromium-review.googlesource.com/591687 Commit-Queue: Justin Novosad <junov@chromium.org> Reviewed-by: Justin Novosad <junov@chromium.org> Cr-Commit-Position: refs/heads/master@{#490478} [modify] https://crrev.com/3b4b6cd6ad9f43aa205ebe4e7bc15305d24e6c3d/third_party/WebKit/Source/platform/graphics/MailboxTextureHolder.cpp
,
Jul 28 2017
this is now fixed.
,
Jul 28 2017
Bot is green. Closing. |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by meade@chromium.org
, Jul 28 2017Fuller stack trace #0 0xc3c8a85 in ReleaseTexture third_party/WebKit/Source/platform/graphics/MailboxTextureHolder.cpp:32:39 #1 0xc3c8a85 in blink::MailboxTextureHolder::~MailboxTextureHolder() third_party/WebKit/Source/platform/graphics/MailboxTextureHolder.cpp:120:0 #2 0xc3c9bcc in blink::MailboxTextureHolder::~MailboxTextureHolder() third_party/WebKit/Source/platform/graphics/MailboxTextureHolder.cpp:106:47 #3 0xc3bbbac in operator() buildtools/third_party/libc++/trunk/include/memory:2272:5 #4 0xc3bbbac in reset buildtools/third_party/libc++/trunk/include/memory:2585:0 #5 0xc3bbbac in ~unique_ptr buildtools/third_party/libc++/trunk/include/memory:2539:0 #6 0xc3bbbac in blink::AcceleratedStaticBitmapImage::~AcceleratedStaticBitmapImage() third_party/WebKit/Source/platform/graphics/AcceleratedStaticBitmapImage.cpp:101:0 #7 0xc3bc21c in blink::AcceleratedStaticBitmapImage::~AcceleratedStaticBitmapImage() third_party/WebKit/Source/platform/graphics/AcceleratedStaticBitmapImage.cpp:83:63 #8 0x128ea7c8 in Deref third_party/WebKit/Source/platform/wtf/ThreadSafeRefCounted.h:63:7 #9 0x128ea7c8 in DerefIfNotNull<blink::StaticBitmapImage> third_party/WebKit/Source/platform/wtf/PassRefPtr.h:60:0 #10 0x128ea7c8 in ~RefPtr third_party/WebKit/Source/platform/wtf/RefPtr.h:78:0 #11 0x128ea7c8 in ~__tuple_leaf buildtools/third_party/libc++/trunk/include/tuple:170:0 #12 0x128ea7c8 in ~__tuple_impl buildtools/third_party/libc++/trunk/include/tuple:369:0 #13 0x128ea7c8 in ~tuple buildtools/third_party/libc++/trunk/include/tuple:474:0 #14 0x128ea7c8 in ~BindState base/bind_internal.h:459:0 #15 0x128ea7c8 in base::internal::BindState<void (*)(base::WeakPtr<blink::OffscreenCanvasFrameDispatcher>, WTF::RefPtr<blink::Image>, unsigned int), base::WeakPtr<blink::OffscreenCanvasFrameDispatcher>, WTF::RefPtr<blink::StaticBitmapImage>, unsigned int>::Destroy(base::internal::BindStateBase const*) base/bind_internal.h:462:0