
Issue 787976

Starred by 2 users

Issue metadata

Status: Assigned
Owner:
Cc:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug




sanitizer failure in WasmCodeManager unittests

Project Member Reported by mtrofin@chromium.org, Nov 22 2017

Issue description

repro:

tools/run-tests.py --progress=verbose --mode Release  --outdir out/asan --buildbot --timeout=2000 unittests/WasmCodeManagerTest.CommitIncrements --swarming --variants=default --random-seed-stress-count=2000

Note that you'll need to remove the conditional compilation lines referencing this bug in test/unittests/wasm/wasm-heap-unittests.cc.

We need help understanding what the actual issue is. The only data we seem to be getting is that there are memory overlaps, e.g.:

==15774==Root region 0x7f66fe802000-0x7f66fe805000 intersects with mapped region 0x7f66fe803000-0x7f66fe80b000 (readable)
==15774==Scanning ROOT range 0x7f66fe803000-0x7f66fe805000.
Tracer caught signal 11: addr=0x7f66fe803000 pc=0x555656fbc0b0 sp=0x7f66fccb5d50

Trouble is, it's not clear who allocates the 'mapped region'.
 
gn args:

is_asan = true 
is_component_build = false 
is_debug = false 
is_lsan = true 
target_cpu = "x64" 
use_goma = true 
v8_test_isolation_mode = "prepare"
Project Member

Comment 2 by bugdroid1@chromium.org, Nov 22 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/4341749d3ee3aebee93c39b878a9fcf5ce5585b0

commit 4341749d3ee3aebee93c39b878a9fcf5ce5585b0
Author: Mircea Trofin <mtrofin@chromium.org>
Date: Wed Nov 22 23:10:50 2017

[wasm] Disable WasmCodeManagerTest when run under lsan

Disabling while investigating referenced bug.

Bug: chromium:787976
Change-Id: I0388d8902f40e3b2f3759542befd3c6c20b6da38
Reviewed-on: https://chromium-review.googlesource.com/786325
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Commit-Queue: Brad Nelson <bradnelson@chromium.org>
Reviewed-by: Brad Nelson <bradnelson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49593}
[modify] https://crrev.com/4341749d3ee3aebee93c39b878a9fcf5ce5585b0/test/unittests/wasm/wasm-heap-unittest.cc

Labels: -Stability-Memory-AddressSanitizer -Stability-Memory-MemorySanitizer Stability-Memory-LeakSanitizer
 
https://cs.chromium.org/chromium/src/v8/src/allocation.cc?rcl=b759ad8993927e98ec9879394a993d7627b02b2b&l=171 and https://cs.chromium.org/chromium/src/v8/src/api.cc?rcl=b759ad8993927e98ec9879394a993d7627b02b2b&l=505: both Free() functions need a matching __lsan_unregister_root_region call to inform LSan that this block should not be inspected anymore.

Project Member

Comment 5 by bugdroid1@chromium.org, Nov 23 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/f5a5a7785d0664a5e580eabaf98078083058fdb1

commit f5a5a7785d0664a5e580eabaf98078083058fdb1
Author: Mircea Trofin <mtrofin@chromium.org>
Date: Thu Nov 23 17:29:53 2017

Fix VirtualMemory::Free in presence of lsan

Adding lsan root unregistration when Free-ing VirtualMemory.

Bug: chromium:787976
Change-Id: I0ef32b4324ff6d7b6192d7e5616081766a0e51a8
Reviewed-on: https://chromium-review.googlesource.com/786995
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Mircea Trofin <mtrofin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49609}
[modify] https://crrev.com/f5a5a7785d0664a5e580eabaf98078083058fdb1/src/allocation.cc
[modify] https://crrev.com/f5a5a7785d0664a5e580eabaf98078083058fdb1/test/unittests/wasm/wasm-heap-unittest.cc

Status: Assigned (was: Untriaged)
