Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/0232eb54cff5578b3a4365a58e5db788368c6251 (crash_keys: Convert keys in //components/discardable_memory to the new API.).

If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.

This is a known issue with the Breakpad/Crashpad SimpleStringDictionary implementation. The global object in which the key/value pairs are stored is not thread safe. The solution is to transition to Crashpad Annotations (https://docs.google.com/document/d/1IeWeuvwhYqEK66V4-4TChU6UmdFbuEr5lgu-WvlLlOA/edit, note "Thread Safety" under "Design Problems"), which is happening on Mac and Windows in  issue 598854 . Indeed, the CL pinpointed by #2 actually fixes this data race on Mac/Win.

This specific issue is not new, either. The difference is that as part of  issue 598854 , crash keys no longer need to be pre-initialized in order to be used. That meant in tests, setting crash keys was actually a no-op, so the code path was never tested (and the data race never observed). Because crash keys auto-initialize now, setting a crash key actually has an effect in tests, so the data race was observed.

Tl;dr: Nothing to do here at the moment. This is fixed on Mac/Win, but it's dependent no Crashpad for Linux to replace Breakpad.

 Issue 796475  has been merged into this issue.

Testcase 6004094081957888 is a top crash on ClusterFuzz for linux platform. Please prioritize fixing this crash.

Marking this crash as a Beta release blocker.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

ClusterFuzz has detected this issue as fixed in range 525864:525869.

Detailed report: https://clusterfuzz.com/testcase?key=6004094081957888

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Data race READ 1
Crash Address: 0x7bb4000005e8
Crash State:
  google_breakpad::NonAllocatingMap<40ul, 128ul, 200ul>::SetKeyValue
  crash_reporter::internal::CrashKeyStringImpl::Set
  discardable_memory::ClientDiscardableSharedMemoryManager::MemoryUsageChanged
  
Sanitizer: thread (TSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=523781:523782
Fixed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=525864:525869

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6004094081957888

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

 Issue 797830  has been merged into this issue.

 Issue 805191  has been merged into this issue.

 Issue 820712  has been merged into this issue.

We're also seeing similar reports on the 'Linux TSan Tests' bot (https://logs.chromium.org/v/?s=chromium%2Fbb%2Fchromium.memory%2FLinux_TSan_Tests%2F19310%2F%2B%2Frecipes%2Fsteps%2Fcontent_browsertests%2F0%2Flogs%2FDomSerializerTests.SerializeHTMLDOMWithBaseTag%2F0)

Robert, wasn't  issue 598854  supposed to fix them?

 Issue 598854  resolves the thread safety issues for anything using Crashpad, which currently is Windows and Mac. Linux still uses Breakpad, so this race is expected until Crashpad is ready there.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/55978c043b1c30b77739e2fcd3822eae438cfb13

commit 55978c043b1c30b77739e2fcd3822eae438cfb13
Author: Alexander Potapenko <glider@google.com>
Date: Tue Mar 20 15:47:02 2018

Suppress data races in crash_reporter::InitializeCrashKeys()

BUG=794920
TBR=rsesek@chromium.org

Change-Id: I3ea15492e4f08a0879fdd0c5476a09bcf5db6836
Reviewed-on: https://chromium-review.googlesource.com/970477
Reviewed-by: Alexander Potapenko <glider@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Alexander Potapenko <glider@chromium.org>
Cr-Commit-Position: refs/heads/master@{#544381}
[modify] https://crrev.com/55978c043b1c30b77739e2fcd3822eae438cfb13/build/sanitizers/tsan_suppressions.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/92c168a6fec7480404fc18c369246300cf271a78

commit 92c168a6fec7480404fc18c369246300cf271a78
Author: Alexander Potapenko <glider@google.com>
Date: Wed Mar 21 16:14:59 2018

Fix the TSan suppression for issue 794920

TSan suppressions can't be applied to memory allocation stacks in
the reports, only to memory access stacks.
Therefore suppress the access that occurs in base::debug::SetCrashKeyString()

BUG=794920
TBR=rsesek@chromium.org

Change-Id: I607bf4f13af69eade9a5c745d556a615f4c2d1c2
Reviewed-on: https://chromium-review.googlesource.com/972984
Reviewed-by: Alexander Potapenko <glider@chromium.org>
Commit-Queue: Alexander Potapenko <glider@chromium.org>
Cr-Commit-Position: refs/heads/master@{#544724}
[modify] https://crrev.com/92c168a6fec7480404fc18c369246300cf271a78/build/sanitizers/tsan_suppressions.cc

This crash occurs very frequently on linux platform and is likely preventing the fuzzer ochang_domfuzzer from making much progress. Fixing this will allow more bugs to be found.

Marking this bug as a blocker for next Beta release.

If this is incorrect, please add ClusterFuzz-Wrong label and remove the ReleaseBlock-Beta label.

Re: #15: Is the suppression in #14 not working? Fixing this is not tractable at the moment, but Crashpad for Linux and Android is coming soon (probably EOQ2).

 Issue 827040  has been merged into this issue.

 Issue 829543  has been merged into this issue.

 Issue 833055  has been merged into this issue.

Yes suppression is not working. Probably need to add
crash_reporter::internal::CrashKeyStringImpl::Set ?

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/78340952136237b8bf790be02f037fa5c814a38a

commit 78340952136237b8bf790be02f037fa5c814a38a
Author: Abhishek Arya <inferno@chromium.org>
Date: Tue Apr 24 15:59:45 2018

Add another TSan suppression for issue 794920.

TBR=glider@chromium.org

Bug: 794920
Change-Id: I46fd3e886acb2db047655c055f0b887971a8c09b
Reviewed-on: https://chromium-review.googlesource.com/1025968
Reviewed-by: Abhishek Arya <inferno@chromium.org>
Commit-Queue: Abhishek Arya <inferno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#553143}
[modify] https://crrev.com/78340952136237b8bf790be02f037fa5c814a38a/build/sanitizers/tsan_suppressions.cc

ClusterFuzz has detected this issue as fixed in range 528993:528995.

Detailed report: https://clusterfuzz.com/testcase?key=6004094081957888

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Data race READ 1
Crash Address: 0x7bb4000005e8
Crash State:
  google_breakpad::NonAllocatingMap<40ul, 128ul, 200ul>::SetKeyValue
  crash_reporter::internal::CrashKeyStringImpl::Set
  discardable_memory::ClientDiscardableSharedMemoryManager::MemoryUsageChanged
  
Sanitizer: thread (TSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=523781:523782
Fixed: https://clusterfuzz.com/revisions?job=linux_tsan_chrome_mp&range=528993:528995

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6004094081957888

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.