double free or corruption in gtest ArenaAllocator without jemalloc
Categories
(Testing :: GTest, defect, P3)
Tracking
(Not tracked)
People
(Reporter: msirringhaus, Unassigned)
References
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:67.0) Gecko/20100101 Firefox/67.0
Steps to reproduce:
Building mozilla-esr68 with --disable-jemalloc
and repeatedly running ./mach gtest ArenaAllocator*
Noticed the failures on an s390x machine. After activating --disable-jemalloc
, this can be reproduced on an x86_64 machine as well.
Actual results:
Test fails either in ArenaAllocator.MemoryIsValid
with double free or corruption (!prev)
or in ArenaAllocator.AllocationsPerChunk
with an actual gtest-failure (ASSERT_EQ of 2 addresses fails).
The failure seems due to the fact that filling up the ArenaChunk with small Allocations fails at some point.
Expected results:
Tests succeed.
This seems to have happend before: #1353882 and #1358163 mention the same location of test-aborts. But the solution was to simply deactivate that test, it seems.
Looked at the code in question and couldn't find a place where disabling of jemalloc might make a difference.
The bug might be somewhere else and only get triggered because of different addresses returned by malloc
.
I somehow suspect AlignedSize()
, but couldn't yet trigger any ill behavior.
Reporter | ||
Comment 1•5 years ago
|
||
Just found bug 1358744, which is still open and seems to be the same issue.
Comment 2•5 years ago
|
||
Sebastian, this is a duplicate after bug 1358744?
Comment 4•5 years ago
|
||
This bug has more info (thank you msirringhaus) - set the other one as duplicate and kept this one open.
Updated•5 years ago
|
Comment 5•5 years ago
|
||
The priority flag is not set for this bug.
:ahal, could you have a look please?
For more information, please visit auto_nag documentation.
Updated•5 years ago
|
Updated•2 years ago
|
Description
•