Fix a memory error in a multithreaded test #51951
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dkwingsmt
added
the
autosubmit
engine-flutter-autoroll
added a commit
to engine-flutter-autoroll/flutter
that referenced
this pull request
Apr 6, 2024
auto-submit bot
pushed a commit
to flutter/flutter
that referenced
this pull request
Apr 6, 2024
…146377) flutter/engine@df9f743...b0d7ac5 2024-04-05 dkwingsmt@users.noreply.github.com Fix a memory error in a multithreaded test (flutter/engine#51951) 2024-04-05 skia-flutter-autoroll@skia.org Roll Skia from 98601d1c3ff4 to 46e7fea48565 (1 revision) (flutter/engine#51950) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-engine-flutter-autoroll Please CC matanl@google.com,rmistry@google.com,zra@google.com on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://issues.skia.org/issues/new?component=1389291&template=1850622 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
gilnobrega
pushed a commit
to gilnobrega/flutter
that referenced
this pull request
Apr 22, 2024
…lutter#146377) flutter/engine@df9f743...b0d7ac5 2024-04-05 dkwingsmt@users.noreply.github.com Fix a memory error in a multithreaded test (flutter/engine#51951) 2024-04-05 skia-flutter-autoroll@skia.org Roll Skia from 98601d1c3ff4 to 46e7fea48565 (1 revision) (flutter/engine#51950) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-engine-flutter-autoroll Please CC matanl@google.com,rmistry@google.com,zra@google.com on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://issues.skia.org/issues/new?component=1389291&template=1850622 Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The culprit test asks different threads to access some stack variables, but the stack might return earlier than the threads' completion. This PR fixes it by adding latches.
This test, despite being possibly fine for now, consistently triggers the following asan error when I make some unrelated trivial changes.
The thrown error:
[==========] Running 1 test from 1 test suite. [----------] Global test environment set-up. [----------] 1 test from EmbedderTest [ RUN ] EmbedderTest.EmbedderThreadHostUseCustomThreadConfig ================================================================= ==14398==ERROR: AddressSanitizer: stack-use-after-scope on address 0x00031833b530 at pc 0x00013248d543 bp 0x000318740390 sp 0x00031873fb58 WRITE of size 4 at 0x00031833b530 thread T2 #0 0x13248d542 in pthread_getschedparam+0x3d2 (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x2c542) #1 0x100577671 in flutter::testing::EmbedderTest_EmbedderThreadHostUseCustomThreadConfig_Test::TestBody()::$_0::operator()() const+0x1a1 (embedder_unittests:x86_64+0x10030b671) #2 0x1005774a2 in decltype(std::declval()()) std::_fl::__invoke[abi:v15000](flutter::testing::EmbedderTest_EmbedderThreadHostUseCustomThreadConfig_Test::TestBody()::$_0&)+0x22 (embedder_unittests:x86_64+0x10030b4a2) #3 0x100577402 in void std::_fl::__invoke_void_return_wrapper::__call(flutter::testing::EmbedderTest_EmbedderThreadHostUseCustomThreadConfig_Test::TestBody()::$_0&)+0x22 (embedder_unittests:x86_64+0x10030b402) #4 0x1005773ba in std::_fl::__function::__alloc_func, void ()>::operator()[abi:v15000]()+0x2a (embedder_unittests:x86_64+0x10030b3ba) #5 0x1005734f6 in std::_fl::__function::__func, void ()>::operator()()+0x26 (embedder_unittests:x86_64+0x1003074f6) #6 0x10066a525 in std::_fl::__function::__value_func::operator()[abi:v15000]() const+0x105 (embedder_unittests:x86_64+0x1003fe525) #7 0x10066a3f2 in std::_fl::function::operator()() const+0x22 (embedder_unittests:x86_64+0x1003fe3f2) #8 0x100c229dc in fml::MessageLoopImpl::FlushTasks(fml::FlushType)+0x37c (embedder_unittests:x86_64+0x1009b69dc) #9 0x100c22577 in fml::MessageLoopImpl::RunExpiredTasksNow()+0x27 (embedder_unittests:x86_64+0x1009b6577) #10 0x100c8aa2f in fml::MessageLoopDarwin::OnTimerFire(__CFRunLoopTimer*, fml::MessageLoopDarwin*)+0x2f (embedder_unittests:x86_64+0x100a1ea2f) #11 0x7ff817b54508 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__+0x13 (CoreFoundation:x86_64+0x97508) #12 0x7ff817b540b8 in __CFRunLoopDoTimer+0x310 (CoreFoundation:x86_64+0x970b8) #13 0x7ff817b53ce9 in __CFRunLoopDoTimers+0x11c (CoreFoundation:x86_64+0x96ce9) #14 0x7ff817b380ac in __CFRunLoopRun+0x83b (CoreFoundation:x86_64+0x7b0ac) #15 0x7ff817b372a8 in CFRunLoopRunSpecific+0x22c (CoreFoundation:x86_64+0x7a2a8) #16 0x100c8b155 in fml::MessageLoopDarwin::Run()+0x305 (embedder_unittests:x86_64+0x100a1f155) #17 0x100c223d0 in fml::MessageLoopImpl::DoRun()+0x150 (embedder_unittests:x86_64+0x1009b63d0) #18 0x100c1f1fa in fml::MessageLoop::Run()+0x2a (embedder_unittests:x86_64+0x1009b31fa) #19 0x100c7baa4 in fml::Thread::Thread(std::_fl::function const&, fml::Thread::ThreadConfig const&)::$_0::operator()() const+0x194 (embedder_unittests:x86_64+0x100a0faa4) #20 0x100c7b8e2 in decltype(std::declval const&, fml::Thread::ThreadConfig const&)::$_0&>()()) std::_fl::__invoke[abi:v15000] const&, fml::Thread::ThreadConfig const&)::$_0&>(fml::Thread::Thread(std::_fl::function const&, fml::Thread::ThreadConfig const&)::$_0&)+0x22 (embedder_unittests:x86_64+0x100a0f8e2) #21 0x100c7b842 in void std::_fl::__invoke_void_return_wrapper::__call const&, fml::Thread::ThreadConfig const&)::$_0&>(fml::Thread::Thread(std::_fl::function const&, fml::Thread::ThreadConfig const&)::$_0&)+0x22 (embedder_unittests:x86_64+0x100a0f842) #22 0x100c7b7fa in std::_fl::__function::__alloc_func const&, fml::Thread::ThreadConfig const&)::$_0, std::_fl::allocator const&, fml::Thread::ThreadConfig const&)::$_0>, void ()>::operator()[abi:v15000]()+0x2a (embedder_unittests:x86_64+0x100a0f7fa) #23 0x100c77ad6 in std::_fl::__function::__func const&, fml::Thread::ThreadConfig const&)::$_0, std::_fl::allocator const&, fml::Thread::ThreadConfig const&)::$_0>, void ()>::operator()()+0x26 (embedder_unittests:x86_64+0x100a0bad6) #24 0x10066a525 in std::_fl::__function::__value_func::operator()[abi:v15000]() const+0x105 (embedder_unittests:x86_64+0x1003fe525) #25 0x10066a3f2 in std::_fl::function::operator()() const+0x22 (embedder_unittests:x86_64+0x1003fe3f2) #26 0x100c75388 in fml::ThreadHandle::ThreadHandle(std::_fl::function&&)::$_0::operator()(void*) const+0xe8 (embedder_unittests:x86_64+0x100a09388) #27 0x100c75227 in fml::ThreadHandle::ThreadHandle(std::_fl::function&&)::$_0::__invoke(void*)+0xc7 (embedder_unittests:x86_64+0x100a09227) #28 0x1324b3e76 in asan_thread_start(void*)+0x46 (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x52e76) #29 0x7ff817a5c18a in _pthread_start+0x62 (libsystem_pthread.dylib:x86_64+0x618a) #30 0x7ff817a57ae2 in thread_start+0xe (libsystem_pthread.dylib:x86_64+0x1ae2)Address 0x00031833b530 is located in stack of thread T0 at offset 144 in frame
#0 0x1002d051f in flutter::testing::EmbedderTest_EmbedderThreadHostUseCustomThreadConfig_Test::TestBody()+0xf (embedder_unittests:x86_64+0x10006451f)
This frame has 12 object(s):
[32, 40) 'thread_host' (line 3445)
[64, 112) 'ref.tmp' (line 3446)
[144, 148) 'ui_policy' (line 3449) <== Memory access at offset 144 is inside this variable
[160, 168) 'ui_param' (line 3450)
[192, 200) 'ref.tmp2' (line 3452)
[224, 272) 'ref.tmp5' (line 3452)
[304, 320) 'agg.tmp'
[336, 340) 'io_policy' (line 3458)
[352, 360) 'io_param' (line 3459)
[384, 392) 'ref.tmp6' (line 3460)
[416, 464) 'ref.tmp10' (line 3460)
[496, 512) 'agg.tmp11'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions are supported)
SUMMARY: AddressSanitizer: stack-use-after-scope (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x2c542) in pthread_getschedparam+0x3d2
Shadow bytes around the buggy address:
0x00031833b280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00031833b300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00031833b380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00031833b400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00031833b480: 00 00 00 00 f1 f1 f1 f1 00 f2 f2 f2 f8 f8 f8 f8
=>0x00031833b500: f8 f8 f2 f2 f2 f2[f8]f2 f8 f2 f2 f2 f8 f2 f2 f2
0x00031833b580: f8 f8 f8 f8 f8 f8 f2 f2 f2 f2 00 00 f2 f2 f8 f2
0x00031833b600: f8 f2 f2 f2 f8 f2 f2 f2 f8 f8 f8 f8 f8 f8 f2 f2
0x00031833b680: f2 f2 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
0x00031833b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00031833b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Thread T2 created by T0 here:
#0 0x1324ae92d in pthread_create+0x5d (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x4d92d)
#1 0x100c73901 in fml::ThreadHandle::ThreadHandle(std::_fl::function<void ()>&&)+0x401 (embedder_unittests:x86_64+0x100a07901)
#2 0x100c73cca in fml::ThreadHandle::ThreadHandle(std::_fl::function<void ()>&&)+0x2a (embedder_unittests:x86_64+0x100a07cca)
#3 0x100c748c9 in std::_fl::__unique_iffml::ThreadHandle::__unique_single std::_fl::make_unique[abi:v15000]<fml::ThreadHandle, fml::Thread::Thread(std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&, fml::Thread::ThreadConfig const&)::$_0>(fml::Thread::Thread(std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&, fml::Thread::ThreadConfig const&)::$_0&&)+0x149 (embedder_unittests:x86_64+0x100a088c9)
#4 0x100c74335 in fml::Thread::Thread(std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&, fml::Thread::ThreadConfig const&)+0x255 (embedder_unittests:x86_64+0x100a08335)
#5 0x100c746b2 in fml::Thread::Thread(std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&, fml::Thread::ThreadConfig const&)+0x32 (embedder_unittests:x86_64+0x100a086b2)
#6 0x106ee0b1a in std::_fl::__unique_iffml::Thread::__unique_single std::_fl::make_unique[abi:v15000]<fml::Thread, std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&, fml::Thread::ThreadConfig&>(std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&, fml::Thread::ThreadConfig&)+0x4a (embedder_unittests:x86_64+0x106c74b1a)
#7 0x106ee08e8 in flutter::ThreadHost::CreateThread(flutter::ThreadHost::Type, std::_fl::optionalfml::Thread::ThreadConfig, flutter::ThreadHost::ThreadHostConfig const&) const+0x1b8 (embedder_unittests:x86_64+0x106c748e8)
#8 0x106ee1466 in flutter::ThreadHost::ThreadHost(flutter::ThreadHost::ThreadHostConfig const&)+0x2f6 (embedder_unittests:x86_64+0x106c75466)
#9 0x106ee19ca in flutter::ThreadHost::ThreadHost(flutter::ThreadHost::ThreadHostConfig const&)+0x2a (embedder_unittests:x86_64+0x106c759ca)
#10 0x100b6f730 in flutter::EmbedderThreadHost::CreateEngineManagedThreadHost(std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&)+0x3a0 (embedder_unittests:x86_64+0x100903730)
#11 0x100b6e51c in flutter::EmbedderThreadHost::CreateEmbedderOrEngineManagedThreadHost(FlutterCustomTaskRunners const*, std::_fl::function<void (fml::Thread::ThreadConfig const&)> const&)+0xcc (embedder_unittests:x86_64+0x10090251c)
#12 0x1002d0748 in flutter::testing::EmbedderTest_EmbedderThreadHostUseCustomThreadConfig_Test::TestBody()+0x238 (embedder_unittests:x86_64+0x100064748)
#13 0x1089ce93b in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::)(), char const)+0x21b (embedder_unittests:x86_64+0x10876293b)
#14 0x108955bdf in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::)(), char const)+0x2cf (embedder_unittests:x86_64+0x1086e9bdf)
#15 0x108955755 in testing::Test::Run()+0x3a5 (embedder_unittests:x86_64+0x1086e9755)
#16 0x108957b23 in testing::TestInfo::Run()+0x593 (embedder_unittests:x86_64+0x1086ebb23)
#17 0x10895a8f2 in testing::TestSuite::Run()+0x6e2 (embedder_unittests:x86_64+0x1086ee8f2)
#18 0x108977d7a in testing::internal::UnitTestImpl::RunAllTests()+0xb9a (embedder_unittests:x86_64+0x10870bd7a)
#19 0x1089ee88b in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::)(), char const)+0x21b (embedder_unittests:x86_64+0x10878288b)
#20 0x1089770ac in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::)(), char const)+0x2cc (embedder_unittests:x86_64+0x10870b0ac)
#21 0x108976c3b in testing::UnitTest::Run()+0x28b (embedder_unittests:x86_64+0x10870ac3b)
#22 0x1083e45e2 in RUN_ALL_TESTS()+0x22 (embedder_unittests:x86_64+0x1081785e2)
#23 0x1083e43c8 in main+0x6e8 (embedder_unittests:x86_64+0x1081783c8)
#24 0x213ff0365 ()
==14398==ABORTING
[1] 14398 abort ../out/host_debug_unopt/embedder_unittests
The changes I made (isolated from a larger change, therefore it doesn't seem reasonable by itself):
// shell/common/platform_view.cc, L33 void PlatformView::DispatchPointerDataPacket( std::unique_ptr<PointerDataPacket> packet) { - delegate_.OnPlatformViewDispatchPointerDataPacket( - pointer_data_packet_converter_.Convert(std::move(packet))); + delegate_.OnPlatformViewDispatchPointerDataPacket(std::move(packet)); } // shell/common/platform_view.h, L875 - PointerDataPacketConverter pointer_data_packet_converter_;Base engine rev: de2a73c
Environment: Macbook with M1 Max Chip, OS 14.4.1
Compiling with:
Pre-launch Checklist
///).If you need help, consider asking for advice on the #hackers-new channel on Discord.