upipe icon indicating copy to clipboard operation
upipe copied to clipboard

Published 20 hours ago verified publisher icon Upipe

data races in uring

Open funman opened this issue 8 years ago • 1 comments

tsan complains, and I am not sure if it shows a real problem or not.

I prefer to ask for advice before diving in there :)

upipe configured with gcc 6.2.0 (ubuntu 16.10)

./configure --enable-static --disable-shared CFLAGS="-fPIE -fsanitize=thread -O2 -g -fno-omit-frame-pointer" CXXFLAGS="-fPIE -fsanitize=thread -O2 -g -fno-omit-frame-pointer" LDFLAGS="-fsanitize=thread -pie"

Running on 3.19.0-39-generic from Ubuntu 15.04, because 3.19.0-40 and later have Linux commit d1fd836dcf00d2028c700c7e44d2c23404062c90 Supporting these kernels need a recent llvm patch so I just used an older kernel.

You might need to disable ASLR as well:

echo 0 | sudo tee /proc/sys/kernel/randomize_va_space

Although it seems to work for 3.19.0-39 even with ASLR enabled

==================
WARNING: ThreadSanitizer: data race (pid=18188)
  Read of size 2 at 0x7d840001ccd2 by thread T1:
    #0 uring_fifo_find ../../include/upipe/uring.h:333 (uplay+0x000000c94b8c)
    #1 uring_fifo_pop ../../include/upipe/uring.h:371 (uplay+0x000000c94b8c)
    #2 ufifo_pop_internal ../../include/upipe/ufifo.h:97 (uplay+0x000000c94b8c)
    #3 uqueue_pop_internal ../../include/upipe/uqueue.h:162 (uplay+0x000000c94b8c)
    #4 upipe_xfer_mgr_worker /home/fun/upipe/lib/upipe-modules/upipe_transfer.c:538 (uplay+0x000000c94b8c)
    #5 upump_common_dispatch /home/fun/upipe/lib/upipe/upump_common.c:146 (uplay+0x000000caaffe)
    #6 upump_ev_dispatch_io /home/fun/upipe/lib/upump-ev/upump_ev.c:90 (uplay+0x00000010a77d)
    #7 ev_invoke_pending <null> (libev.so.4+0x000000003d72)
    #8 upipe_pthread_start /home/fun/upipe/lib/upipe-pthread/upipe_pthread_transfer.c:109 (uplay+0x000000186609)
    #9 <null> <null> (libtsan.so.0+0x0000000245a9)

  Previous write of size 2 at 0x7d840001ccd2 by main thread:
    #0 uring_fifo_push ../../include/upipe/uring.h:411 (uplay+0x000000c97dc6)
    #1 ufifo_push ../../include/upipe/ufifo.h:85 (uplay+0x000000c97dc6)
    #2 uqueue_push ../../include/upipe/uqueue.h:138 (uplay+0x000000c97dc6)
    #3 upipe_xfer_mgr_send /home/fun/upipe/lib/upipe-modules/upipe_transfer.c:589 (uplay+0x000000c97dc6)
    #4 upipe_xfer_control /home/fun/upipe/lib/upipe-modules/upipe_transfer.c:447 (uplay+0x000000c9879a)
    #5 upipe_control_nodbg_va ../../include/upipe/upipe.h:1033 (uplay+0x00000015e788)
    #6 upipe_control_va ../../include/upipe/upipe.h:1051 (uplay+0x00000015e788)
    #7 upipe_control ../../include/upipe/upipe.h:1109 (uplay+0x00000015e788)
    #8 upipe_set_output ../../include/upipe/upipe.h:1150 (uplay+0x0000001609b0)
    #9 _upipe_wsrc_alloc /home/fun/upipe/lib/upipe-modules/upipe_worker_source.c:231 (uplay+0x0000001609b0)
    #10 upipe_alloc_va ../include/upipe/upipe.h:382 (uplay+0x0000000e31ab)
    #11 upipe_alloc ../include/upipe/upipe.h:404 (uplay+0x0000000e31ab)
    #12 upipe_wsrc_alloc ../include/upipe-modules/upipe_worker_source.h:121 (uplay+0x0000000e6874)
    #13 uplay_start /home/fun/upipe/examples/uplay.c:567 (uplay+0x0000000e6874)
    #14 upump_common_dispatch /home/fun/upipe/lib/upipe/upump_common.c:146 (uplay+0x000000caaffe)
    #15 upump_ev_dispatch_idle /home/fun/upipe/lib/upump-ev/upump_ev.c:119 (uplay+0x00000010a7dd)
    #16 ev_invoke_pending <null> (libev.so.4+0x000000003d72)
    #17 __libc_start_main <null> (libc.so.6+0x0000000203f0)

  Location is heap block of size 4592 at 0x7d840001cc00 allocated by main thread:
    #0 malloc <null> (libtsan.so.0+0x000000026c3c)
    #1 upipe_xfer_mgr_alloc /home/fun/upipe/lib/upipe-modules/upipe_transfer.c:678 (uplay+0x000000c98dfb)
    #2 upipe_pthread_xfer_mgr_alloc /home/fun/upipe/lib/upipe-pthread/upipe_pthread_transfer.c:175 (uplay+0x000000186b4d)
    #3 main /home/fun/upipe/examples/uplay.c:766 (uplay+0x0000000e24ba)

  Thread T1 (tid=18190, running) created by main thread at:
    #0 pthread_create <null> (libtsan.so.0+0x0000000284f0)
    #1 upipe_pthread_xfer_mgr_alloc /home/fun/upipe/lib/upipe-pthread/upipe_pthread_transfer.c:186 (uplay+0x000000186c06)
    #2 main /home/fun/upipe/examples/uplay.c:766 (uplay+0x0000000e24ba)

SUMMARY: ThreadSanitizer: data race ../../include/upipe/uring.h:333 in uring_fifo_find
==================

And many other warnings

funman avatar Oct 28 '16 14:10 funman

Works with clang-4.0 from http://apt.llvm.org/

CFLAGS="-fsanitize=thread -O2 -g -fno-omit-frame-pointer"; ../configure CFLAGS="$CFLAGS" CXXFLAGS="$CFLAGS" LDFLAGS=-fsanitize=thread CC=clang-4.0 CXX=clang++-4.0

funman avatar Nov 08 '16 09:11 funman