Commit-Queue | +1 |
Omer, could you please review the GC changes?
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
I sent a try job with this and the libc++ roll patched in: https://chromium-review.googlesource.com/c/chromium/src/+/5614917
Before: 9 test suite failures and 1000 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1975737/test-results?sortby=&groupby=
After: 3 test suite failures and 10 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1976797/test-results?sortby=&groupby=
That's a huge improvement.
But the first 2 of the 10 failed tests (I didn't look at more) have a fairly similar stack to what's fixed here:
```
==386739==ERROR: AddressSanitizer: container-overflow on address 0x7eec001caea9 at pc 0x5f7cfa75163e bp 0x7ffcd5263750 sp 0x7ffcd5262f10
WRITE of size 24 at 0x7eec001caea9 thread T0 (interactive_ui_)
#0 0x5f7cfa75163d in __asan_memcpy /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:63:3
#1 0x5f7cfa78d394 in std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>::basic_string(std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>&&) third_party/libc++/src/include/string:975:9
#2 0x5f7d28582ea9 in FontFaceCreationParams third_party/blink/renderer/platform/fonts/font_face_creation_params.h:48:7
#3 0x5f7d28582ea9 in FontCacheKey third_party/blink/renderer/platform/fonts/font_cache_key.h:55:8
#4 0x5f7d28582ea9 in KeyValuePair third_party/blink/renderer/platform/wtf/key_value_pair.h:37:8
#5 0x5f7d28582ea9 in WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>* WTF::ConstructTraits<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>, WTF::HashMapValueTraits<WTF::HashTraits<blink::FontCacheKey>, WTF::HashTraits<cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>, blink::HeapAllocator>::Construct<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>(void*, WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>&&) third_party/blink/renderer/platform/wtf/construct_traits.h:27:9
...
#14 0x5f7d2852c1dd in blink::FontCache::GetFontData(blink::FontDescription const&, WTF::AtomicString const&, blink::AlternateFontName) third_party/blink/renderer/platform/fonts/font_cache.cc:182:47
#15 0x5f7d28561940 in blink::FontFallbackList::GetFontData(blink::FontDescription const&) third_party/blink/renderer/platform/fonts/font_fallback_list.cc:163:33
```
Looks like that's now about inserting the element into a hashmap and no longer about GC, so it might be somewhat unrelated to this CL. But it's at least similar. (…but possibly something for a different CL.)
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
I sent a try job with this and the libc++ roll patched in: https://chromium-review.googlesource.com/c/chromium/src/+/5614917
Before: 9 test suite failures and 1000 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1975737/test-results?sortby=&groupby=
After: 3 test suite failures and 10 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1976797/test-results?sortby=&groupby=
That's a huge improvement.
But the first 2 of the 10 failed tests (I didn't look at more) have a fairly similar stack to what's fixed here:
```
==386739==ERROR: AddressSanitizer: container-overflow on address 0x7eec001caea9 at pc 0x5f7cfa75163e bp 0x7ffcd5263750 sp 0x7ffcd5262f10
WRITE of size 24 at 0x7eec001caea9 thread T0 (interactive_ui_)
#0 0x5f7cfa75163d in __asan_memcpy /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:63:3
#1 0x5f7cfa78d394 in std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>::basic_string(std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>&&) third_party/libc++/src/include/string:975:9
#2 0x5f7d28582ea9 in FontFaceCreationParams third_party/blink/renderer/platform/fonts/font_face_creation_params.h:48:7
#3 0x5f7d28582ea9 in FontCacheKey third_party/blink/renderer/platform/fonts/font_cache_key.h:55:8
#4 0x5f7d28582ea9 in KeyValuePair third_party/blink/renderer/platform/wtf/key_value_pair.h:37:8
#5 0x5f7d28582ea9 in WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>* WTF::ConstructTraits<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>, WTF::HashMapValueTraits<WTF::HashTraits<blink::FontCacheKey>, WTF::HashTraits<cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>, blink::HeapAllocator>::Construct<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>(void*, WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>&&) third_party/blink/renderer/platform/wtf/construct_traits.h:27:9
...
#14 0x5f7d2852c1dd in blink::FontCache::GetFontData(blink::FontDescription const&, WTF::AtomicString const&, blink::AlternateFontName) third_party/blink/renderer/platform/fonts/font_cache.cc:182:47
#15 0x5f7d28561940 in blink::FontFallbackList::GetFontData(blink::FontDescription const&) third_party/blink/renderer/platform/fonts/font_fallback_list.cc:163:33
```Looks like that's now about inserting the element into a hashmap and no longer about GC, so it might be somewhat unrelated to this CL. But it's at least similar. (…but possibly something for a different CL.)
Looks like 9 of the remaining 10 failures have this stack (MediaNotificationDeviceProviderTest.MaybeRemoveDefaultDeviceDoesNotRemoveDefaultDevice is the one that doesn't).
Nico WeberI sent a try job with this and the libc++ roll patched in: https://chromium-review.googlesource.com/c/chromium/src/+/5614917
Before: 9 test suite failures and 1000 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1975737/test-results?sortby=&groupby=
After: 3 test suite failures and 10 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1976797/test-results?sortby=&groupby=
That's a huge improvement.
But the first 2 of the 10 failed tests (I didn't look at more) have a fairly similar stack to what's fixed here:
```
==386739==ERROR: AddressSanitizer: container-overflow on address 0x7eec001caea9 at pc 0x5f7cfa75163e bp 0x7ffcd5263750 sp 0x7ffcd5262f10
WRITE of size 24 at 0x7eec001caea9 thread T0 (interactive_ui_)
#0 0x5f7cfa75163d in __asan_memcpy /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:63:3
#1 0x5f7cfa78d394 in std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>::basic_string(std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>&&) third_party/libc++/src/include/string:975:9
#2 0x5f7d28582ea9 in FontFaceCreationParams third_party/blink/renderer/platform/fonts/font_face_creation_params.h:48:7
#3 0x5f7d28582ea9 in FontCacheKey third_party/blink/renderer/platform/fonts/font_cache_key.h:55:8
#4 0x5f7d28582ea9 in KeyValuePair third_party/blink/renderer/platform/wtf/key_value_pair.h:37:8
#5 0x5f7d28582ea9 in WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>* WTF::ConstructTraits<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>, WTF::HashMapValueTraits<WTF::HashTraits<blink::FontCacheKey>, WTF::HashTraits<cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>, blink::HeapAllocator>::Construct<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>(void*, WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>&&) third_party/blink/renderer/platform/wtf/construct_traits.h:27:9
...
#14 0x5f7d2852c1dd in blink::FontCache::GetFontData(blink::FontDescription const&, WTF::AtomicString const&, blink::AlternateFontName) third_party/blink/renderer/platform/fonts/font_cache.cc:182:47
#15 0x5f7d28561940 in blink::FontFallbackList::GetFontData(blink::FontDescription const&) third_party/blink/renderer/platform/fonts/font_fallback_list.cc:163:33
```Looks like that's now about inserting the element into a hashmap and no longer about GC, so it might be somewhat unrelated to this CL. But it's at least similar. (…but possibly something for a different CL.)
Looks like 9 of the remaining 10 failures have this stack (MediaNotificationDeviceProviderTest.MaybeRemoveDefaultDeviceDoesNotRemoveDefaultDevice is the one that doesn't).
The failure is unrelated to GC but indeed related to hashmap insertion.
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Code-Review | +1 |
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
[fonts] Disable concurrent tracing for FontCacheKey in ASAN builds
`FontCacheKey` contains an `std::string` which contains poisoned
metadata for detecting buffer overflows in short strings. Copying this
string as part of `KeyValuePairExtractor` will thus trigger ASAN
warnings. Just don't use concurrent tracing when running with ASAN.
This is even true if `kCanTraceConcurrently` is false as we always
used the same infrastructure for simplicity.
Side note: The better way of implementing this would be to define a
token that can be extracted explicitly from a key and users of the
traits need to implement. This token could then be checked against
what we need (e.g. being empty or deleted). This requires a larger
effort in more types though.
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Nico WeberI sent a try job with this and the libc++ roll patched in: https://chromium-review.googlesource.com/c/chromium/src/+/5614917
Before: 9 test suite failures and 1000 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1975737/test-results?sortby=&groupby=
After: 3 test suite failures and 10 failed tests: https://ci.chromium.org/ui/p/chromium/builders/try/linux_chromium_asan_rel_ng/1976797/test-results?sortby=&groupby=
That's a huge improvement.
But the first 2 of the 10 failed tests (I didn't look at more) have a fairly similar stack to what's fixed here:
```
==386739==ERROR: AddressSanitizer: container-overflow on address 0x7eec001caea9 at pc 0x5f7cfa75163e bp 0x7ffcd5263750 sp 0x7ffcd5262f10
WRITE of size 24 at 0x7eec001caea9 thread T0 (interactive_ui_)
#0 0x5f7cfa75163d in __asan_memcpy /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:63:3
#1 0x5f7cfa78d394 in std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>::basic_string(std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>&&) third_party/libc++/src/include/string:975:9
#2 0x5f7d28582ea9 in FontFaceCreationParams third_party/blink/renderer/platform/fonts/font_face_creation_params.h:48:7
#3 0x5f7d28582ea9 in FontCacheKey third_party/blink/renderer/platform/fonts/font_cache_key.h:55:8
#4 0x5f7d28582ea9 in KeyValuePair third_party/blink/renderer/platform/wtf/key_value_pair.h:37:8
#5 0x5f7d28582ea9 in WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>* WTF::ConstructTraits<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>, WTF::HashMapValueTraits<WTF::HashTraits<blink::FontCacheKey>, WTF::HashTraits<cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>, blink::HeapAllocator>::Construct<WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>>(void*, WTF::KeyValuePair<blink::FontCacheKey, cppgc::internal::BasicMember<blink::FontPlatformData const, cppgc::internal::WeakMemberTag, cppgc::internal::DijkstraWriteBarrierPolicy, cppgc::internal::DisabledCheckingPolicy, cppgc::internal::CompressedPointer>>&&) third_party/blink/renderer/platform/wtf/construct_traits.h:27:9
...
#14 0x5f7d2852c1dd in blink::FontCache::GetFontData(blink::FontDescription const&, WTF::AtomicString const&, blink::AlternateFontName) third_party/blink/renderer/platform/fonts/font_cache.cc:182:47
#15 0x5f7d28561940 in blink::FontFallbackList::GetFontData(blink::FontDescription const&) third_party/blink/renderer/platform/fonts/font_fallback_list.cc:163:33
```Looks like that's now about inserting the element into a hashmap and no longer about GC, so it might be somewhat unrelated to this CL. But it's at least similar. (…but possibly something for a different CL.)
Michael LippautzLooks like 9 of the remaining 10 failures have this stack (MediaNotificationDeviceProviderTest.MaybeRemoveDefaultDeviceDoesNotRemoveDefaultDevice is the one that doesn't).
The failure is unrelated to GC but indeed related to hashmap insertion.
The other crashes just look like copy construction of std::string (?) Is the feature maybe not working such cases?
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
I'd imagine that we'd have significantly more failing tests if copy construction just didn't work 😊
I'm guessing it's somehow related to having a std::string in a HashTable key. This might be the only instance of that.
I'll put this comment on the bug and will keep looking.
Thanks for this fix!
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |