
Issue 772002


Issue metadata

Status: Fixed
Owner:
Closed: Oct 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug

Blocking:
issue 82385




U2fBleFramesTest.SplitAndAssemble failing on clang/win debug bots

Project Member Reported by thakis@chromium.org, Oct 5 2017

Issue description

Cc: r...@chromium.org
From swarming:

[ RUN      ] U2fBleFramesTest.SplitAndAssemble

[313/313] U2fBleFramesTest.SplitAndAssemble (TIMED OUT)

Comment 3 by scheib@chromium.org, Oct 11 2017

Status: Assigned (was: Untriaged)

Comment 4 by h...@chromium.org, Oct 16 2017

Cc: pkalinnikov@chromium.org
Owner: h...@chromium.org
Status: Started (was: Assigned)
Reproduces nicely locally:

[==========] Running 1 test from 1 test case.
[----------] Global test environment set-up.
[----------] 1 test from U2fBleFramesTest
[ RUN      ] U2fBleFramesTest.SplitAndAssemble
Received fatal exception EXCEPTION_BREAKPOINT
Backtrace:
        std::_Debug_message [0x00007FF874ABF806+70]
        std::vector<unsigned char,std::allocator<unsigned char> >::operator[] [0x0000000140231F01+65]
        device::U2fBleFrame::ToFragments [0x00000001403A30D5+581]
        device::U2fBleFramesTest_SplitAndAssemble_Test::TestBody [0x0000000140186EA0+336]
        testing::internal::HandleExceptionsInMethodIfSupported<testing::Test,void> [0x00000001404E915F+79]
        testing::Test::Run [0x00000001404E908C+172]
        testing::TestInfo::Run [0x00000001404EA036+230]
        testing::TestCase::Run [0x00000001404EAED3+243]
        testing::internal::UnitTestImpl::RunAllTests [0x00000001404F3430+992]
        testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl,bool> [0x00000001404F3015+85]
        testing::UnitTest::Run [0x00000001404F2E21+305]
        RUN_ALL_TESTS [0x0000000140706221+17]
        base::TestSuite::Run [0x0000000140705500+160]
        ??$Invoke@PEAVTestSuite@base@@$$V@?$FunctorTraits@P8TestSuite@base@@EAAHXZX@internal@base@@SAHP8TestSuite@2@EAAHXZ$$QEAPEAV32@@Z [0x000000014017708A+26]
        base::internal::InvokeHelper<0,int>::MakeItSo<int (__cdecl base::TestSuite::*const & __ptr64)(void) __ptr64,base::TestSuite * __ptr64> [0x0000000140176FF4+52]
        base::internal::Invoker<base::internal::BindState<int (__cdecl base::TestSuite::*)(void) __ptr64,base::internal::UnretainedWrapper<base::TestSuite> >,int __cdecl(void)>::RunImpl<int (__cdecl base::TestSuite::*const & __ptr64)(void) __ptr64,std::tuple<base [0x0000000140176F87+87]
        base::internal::Invoker<base::internal::BindState<int (__cdecl base::TestSuite::*)(void) __ptr64,base::internal::UnretainedWrapper<base::TestSuite> >,int __cdecl(void)>::Run [0x0000000140176E2D+61]
        base::RepeatingCallback<int __cdecl(void)>::Run [0x000000014070AB62+66]
        base::LaunchUnitTests [0x00000001407082BF+687]
        base::LaunchUnitTests [0x00000001407080B8+168]
        main [0x0000000140176B7A+138]
        invoke_main [0x0000000140AB7F44+52] (f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:79)
        __scrt_common_main_seh [0x0000000140AB7E37+295] (f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:283)
        __scrt_common_main [0x0000000140AB7CFE+14] (f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:326)
        mainCRTStartup [0x0000000140AB7FD9+9] (f:\dd\vctools\crt\vcstartup\src\startup\exe_main.cpp:17)
        BaseThreadInitThunk [0x00007FF89EA88102+34]
        RtlUserThreadStart [0x00007FF8A16BC5B4+52]


Further investigation shows the code is doing &data_[0] on a std::vector with size 0, and tripping a "vector subscript out of range" exception.

The fix is to just do data_.data() instead: https://chromium-review.googlesource.com/#/c/chromium/src/+/722061


I suppose the real question is how this worked anywhere else. It would also have been nice if the bots provided a better error message.
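
The empty-payload case from comment 4, as an added example that is not part of the original thread and is not Chromium's code: a fragmenter that takes its read pointer from data() so a zero-length payload still yields a valid, empty range. The frame layout (3-byte first header, 1-byte continuation header), the names ToFragments and Assemble as written here, and the sample values are assumptions made for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Hypothetical, simplified framing (NOT Chromium's U2fBleFrame): fragment 0
// is {command, len_hi, len_lo, payload...}; later ones are {seq, payload...}.
using Bytes = std::vector<uint8_t>;

std::vector<Bytes> ToFragments(uint8_t command, const Bytes& data,
                               size_t max_fragment_size) {
  if (max_fragment_size < 4 || data.size() > 0xFFFF)
    throw std::invalid_argument("bad fragment size or payload length");
  // data.data() is valid on an empty vector and [p, p + 0) is an empty range.
  // &data[0] indexes a nonexistent element: undefined behaviour, and a hard
  // stop under a checked (debug) standard library.
  const uint8_t* p = data.data();
  size_t remaining = data.size();
  std::vector<Bytes> out;
  Bytes frag = {command, static_cast<uint8_t>(data.size() >> 8),
                static_cast<uint8_t>(data.size() & 0xFF)};
  for (uint8_t seq = 0;; ++seq) {  // seq wraps modulo 256 in this sketch
    size_t n = std::min(remaining, max_fragment_size - frag.size());
    frag.insert(frag.end(), p, p + n);
    out.push_back(frag);
    p += n;
    remaining -= n;
    if (remaining == 0) return out;
    frag = {seq};  // header of the next continuation fragment
  }
}

Bytes Assemble(const std::vector<Bytes>& fragments) {
  Bytes data;
  for (size_t i = 0; i < fragments.size(); ++i) {
    const size_t header = (i == 0) ? 3 : 1;
    if (fragments[i].size() < header)
      throw std::invalid_argument("truncated fragment");
    data.insert(data.end(), fragments[i].begin() + header, fragments[i].end());
  }
  return data;
}

int main() {  // constructed input: the empty payload that tripped the test
  return Assemble(ToFragments(0x83, Bytes{}, 20)).empty() ? 0 : 1;
}
```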

Comment 5 by bugdroid1@chromium.org, Oct 17 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f7af30bff3237258be369ff7d8d14c83c2efa181

commit f7af30bff3237258be369ff7d8d14c83c2efa181
Author: Hans Wennborg <hans@chromium.org>
Date: Tue Oct 17 15:48:31 2017

Fix U2fBleFramesTest.SplitAndAssemble

U2fBleFrame::ToFragments was invoking operator[] on an empty
vector: &data_[0], causing an exception to be thrown.

TBR=reillyg

Bug:  772002 
Change-Id: I64fd66c8677fea5bdcba4982214f08aa88b1bae8
Reviewed-on: https://chromium-review.googlesource.com/722061
Reviewed-by: Hans Wennborg <hans@chromium.org>
Reviewed-by: Pavel Kalinnikov <pkalinnikov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#509395}
[modify] https://crrev.com/f7af30bff3237258be369ff7d8d14c83c2efa181/device/u2f/u2f_ble_frames.cc

Comment 6 by h...@chromium.org, Oct 17 2017

Status: Fixed (was: Started)
