Example builds:
https://ci.chromium.org/buildbot/chromium.clang/ToTWin64%28dbg%29/284
https://ci.chromium.org/buildbot/chromium.clang/ToTWin%28dbg%29/322
https://ci.chromium.org/buildbot/chromium.clang/CrWinAsan/212
The ASan one is interesting because it suggests there's a stack buffer overflow occurring, which might explain the errors on the other bots too.
[ RUN ] HistoryQuickProviderTest.DontTrimHttpSchemeIfInputHasScheme
GMOCK WARNING:
Uninteresting mock function call - returning default value.
Function call: GetRequestContext()
Returns: NULL
NOTE: You can safely ignore the above warning unless this call should not happen. Do not suppress it by blindly adding an EXPECT_CALL() if you don't mean to enforce the call. See https://github.com/google/googletest/blob/master/googlemock/docs/CookBook.md#knowing-when-to-expect for details.
=================================================================
==3240==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x003de79e at pc 0x12e4fe5a bp 0x003de1dc sp 0x003de1d0
READ of size 2 at 0x003de79e thread T0
==3240==*** WARNING: Failed to initialize DbgHelp! ***
==3240==*** Most likely this means that the app is already ***
==3240==*** using DbgHelp, possibly with incompatible flags. ***
==3240==*** Due to technical reasons, symbolization might crash ***
==3240==*** or produce wrong results. ***
#0 0x12e4fe59 in ScoredHistoryMatch::ScoredHistoryMatch C:\b\c\b\CrWinAsan\src\components\omnibox\browser\scored_history_match.cc:211
#1 0x3171355 in BuildScoredHistoryMatch+0x345 (e:\b\s\w\ir\out\Release\components_unittests.exe+0x2241355)
#2 0x3172ac3 in HistoryQuickProviderTest_DontTrimHttpSchemeIfInputHasScheme_Test::TestBody C:\b\c\b\CrWinAsan\src\components\omnibox\browser\history_quick_provider_unittest.cc:779
#3 0x60aedce in testing::internal::HandleExceptionsInMethodIfSupported<testing::Test,void> C:\b\c\b\CrWinAsan\src\third_party\googletest\src\googletest\src\gtest.cc:2457
#4 0x60ae9a7 in testing::Test::Run C:\b\c\b\CrWinAsan\src\third_party\googletest\src\googletest\src\gtest.cc:2473
#5 0x60b0b49 in testing::TestInfo::Run C:\b\c\b\CrWinAsan\src\third_party\googletest\src\googletest\src\gtest.cc:2655
#6 0x60b1c35 in testing::TestCase::Run C:\b\c\b\CrWinAsan\src\third_party\googletest\src\googletest\src\gtest.cc:2773
#7 0x60c270e in testing::internal::UnitTestImpl::RunAllTests C:\b\c\b\CrWinAsan\src\third_party\googletest\src\googletest\src\gtest.cc:4673
#8 0x60c1e7e in testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl,bool> C:\b\c\b\CrWinAsan\src\third_party\googletest\src\googletest\src\gtest.cc:2457
#9 0x60c1b76 in testing::UnitTest::Run C:\b\c\b\CrWinAsan\src\third_party\googletest\src\googletest\src\gtest.cc:4281
#10 0xc17395d in base::TestSuite::Run C:\b\c\b\CrWinAsan\src\base\test\test_suite.cc:267
#11 0xc1660ba in base::`anonymous namespace'::LaunchUnitTestsInternal C:\b\c\b\CrWinAsan\src\base\test\launcher\unit_test_launcher.cc:218
#12 0xc165d16 in base::LaunchUnitTests C:\b\c\b\CrWinAsan\src\base\test\launcher\unit_test_launcher.cc:558
#13 0x4ac4f29 in main C:\b\c\b\CrWinAsan\src\components\test\run_all_unittests.cc:20
#14 0x1530ea09 in __scrt_common_main_seh f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:283
#15 0x75423389 in BaseThreadInitThunk+0x11 (C:\Windows\syswow64\kernel32.dll+0x7dd73389)
#16 0x76ee9901 in RtlInitializeExceptionChain+0x62 (C:\Windows\SysWOW64\ntdll.dll+0x7dea9901)
#17 0x76ee98d4 in RtlInitializeExceptionChain+0x35 (C:\Windows\SysWOW64\ntdll.dll+0x7dea98d4)
Address 0x003de79e is located in stack of thread T0 at offset 222 in frame
#0 0x317101f in BuildScoredHistoryMatch C:\b\c\b\CrWinAsan\src\components\omnibox\browser\history_quick_provider_unittest.cc:751
This frame has 9 object(s):
[16, 40) 'ref.tmp' (line 752)
[80, 92) 'ref.tmp2' (line 752)
[112, 124) 'ref.tmp7' (line 752)
[144, 145) 'ref.tmp8' (line 752)
[160, 184) 'ref.tmp10' (line 752)
[224, 248) 'ref.tmp14' (line 752) <== Memory access at offset 222 underflows this variable
[288, 300) 'ref.tmp19' (line 752)
[320, 488) 'ref.tmp21' (line 752)
[560, 664) 'ref.tmp22' (line 752)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
(longjmp, SEH and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow C:\b\c\b\CrWinAsan\src\components\omnibox\browser\scored_history_match.cc:211 in ScoredHistoryMatch::ScoredHistoryMatch
Shadow bytes around the buggy address:
0x3007bca0: f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 f8 f8
0x3007bcb0: f2 f2 f8 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
0x3007bcc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3007bcd0: 00 00 00 00 00 00 00 00 f1 f1 00 00 00 f2 f2 f2
0x3007bce0: f2 f2 00 04 f2 f2 00 04 f2 f2 01 f2 00 00 00 f2
=>0x3007bcf0: f2 f2 f2[f2]00 00 00 f2 f2 f2 f2 f2 00 04 f2 f2
0x3007bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3007bd10: 00 00 00 00 00 f2 f2 f2 f2 f2 f2 f2 f2 f2 00 00
0x3007bd20: 00 00 00 00 00 00 00 00 00 00 00 f3 f3 f3 f3 f3
0x3007bd30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x3007bd40: f1 f1 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==3240==ABORTING
Comment 1 by h...@chromium.org
, Dec 12 2017Status: WontFix (was: Available)