New issue
Advanced search Search tips

Issue 874056 link

Starred by 2 users
Status: Verified
Owner:
rmcelrath@chromium.org
Closed: Dec 1
Cc:
kkaluri@chromium.org
alexilin@chromium.org
rmcelrath@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug



Sign in to add a comment

CHECK failure: shared_memory_region_.IsValid() in gamepad_controller.cc

Project Member Reported by ClusterFuzz, Aug 14 
Detailed report: https://clusterfuzz.com/testcase?key=6370951328169984

Fuzzer: ochang_domfuzzer
Job Type: linux_msan_content_shell_drt
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  shared_memory_region_.IsValid() in gamepad_controller.cc
  test_runner::GamepadController::GamepadController
  test_runner::TestInterfaces::TestInterfaces
  
Sanitizer: memory (MSAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6370951328169984

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Note: This crash might not be reproducible with the provided testcase. That said, for the past 14 days we've been seeing this crash frequently. If you are unable to reproduce this, please try a speculative fix based on the crash stacktrace in the report. The fix can be verified by looking at the crash statistics in the report, a day after the fix is deployed. We will auto-close the bug if the crash is not seen for 14 days.
Project Member

Comment 1 by ClusterFuzz, Aug 14

Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Comment 2 by kkaluri@chromium.org, Aug 20

Cc: kkaluri@chromium.org
Components: Blink>GamepadAPI
Owner: alexilin@chromium.org
Status: Assigned (was: Untriaged)
Predator and CL could not provide any possible suspects.

Using Code Search for the file, "gamepad_controller.cc" suspecting the below Cl might have caused this issue

Suspect CL: https://chromium.googlesource.com/chromium/src/+/1ce671509c922ab463f3c2c9aff736745ade2850

alexilin@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

Comment 3 by alexilin@chromium.org, Oct 22

Labels: -Pri-1 Pri-3
Owner: rmcelrath@chromium.org
This is a crash in the test runner code due to failure to allocate shared memory. The GPU process cannot allocate shared memory itself so it delegates the creation to the broker process using Mojo:

mojo::ScopedSharedBufferHandle mojo_buffer =
      mojo::SharedBufferHandle::Create(buffer_size);

This call often fails for some reason and the gpu process CHECK-crashes:
[1:1:0814/023053.952044:ERROR:broker_posix.cc(106)] Error sending sync broker message: Broken pipe (32)
[1:1:0814/023053.953172:FATAL:gamepad_controller.cc(166)] Check failed: shared_memory_region_.IsValid().

My CL was just a refactoring of the shared memory API, reassigning to rmcelrath@ who introduced the shared memory to the test_runner::GamepadController.

Lowering the priority since it's a crash in the testing infrastructure.

Comment 4 by alexilin@chromium.org, Nov 13

Cc: alexilin@chromium.org rmcelrath@chromium.org
 Issue 904342  has been merged into this issue.
Project Member

Comment 5 by ClusterFuzz, Dec 1

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5818745106464768 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 6 by alexilin@chromium.org, Dec 3 

At the end, it was a real bug that was fixed in  Issue 901646

Sign in to add a comment