-
Notifications
You must be signed in to change notification settings - Fork 189
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Netopeer crashes by get / get-config request #1
Comments
Hi, Regards, |
works correctly now, I'm closing the issue |
Closed
This was referenced Jan 22, 2020
jktjkt
added a commit
to jktjkt/Netopeer2
that referenced
this issue
Jun 15, 2023
As per the docs, the SIGEV_THREAD sigevent option instructs the kernel to create a thread in this process when that timer expires (in fact this is done by the C library, and the kernel "just" wakes up that thread AFAICT). However, this newly created thread appears to have completely bypassed TSAN, and when the just-created thread hits any TSAN interceptor which assumes that some per-thread TSAN structures have been already set up, the application segfaults (for example like this): #0 0x00005555556192d4 in __tsan::user_alloc_internal(__tsan::ThreadState*, unsigned long, unsigned long, unsigned long, bool) () CESNET#1 0x00005555556196a4 in __tsan::user_alloc(__tsan::ThreadState*, unsigned long, unsigned long) () CESNET#2 0x00005555555d3db5 in malloc () CESNET#3 0x00007ffff7889470 in timer_helper_thread (arg=<optimized out>) at ../sysdeps/unix/sysv/linux/timer_routines.c:88 CESNET#4 0x00007ffff787ddd4 in start_thread (arg=<optimized out>) at pthread_create.c:444 CESNET#5 0x00007ffff78ff9b0 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 That's with the latest clang, or, in another case, with GCC: #0 0x00007ffff4e88fc6 in __sanitizer::CombinedAllocator<__sanitizer::SizeClassAllocator64<__tsan::AP64>, __sanitizer::LargeMmapAllocatorPtrArrayDynamic>::Allocate(__sanitizer::SizeClassAllocator64LocalCache<__sanitizer::SizeClassAllocator64<__tsan::AP64> >*, unsigned long, unsigned long) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#1 0x00007ffff4e8686a in __tsan::user_alloc_internal(__tsan::ThreadState*, unsigned long, unsigned long, unsigned long, bool) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#2 0x00007ffff4e869d8 in __tsan::user_alloc(__tsan::ThreadState*, unsigned long, unsigned long) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#3 0x00007ffff4e4331e in malloc () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#4 0x00007ffff4cab4c0 in timer_helper_thread (arg=<optimized out>) at ../sysdeps/unix/sysv/linux/timer_routines.c:88 CESNET#5 0x00007ffff4c9fe24 in start_thread (arg=<optimized out>) at pthread_create.c:444 CESNET#6 0x00007ffff4d219b0 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 I have no clue on how to fix this properly within TSAN. Bug: google/sanitizers#1612
jktjkt
added a commit
to jktjkt/Netopeer2
that referenced
this issue
Jun 16, 2023
As per the docs, the SIGEV_THREAD sigevent option instructs the kernel to create a thread in this process when that timer expires (in fact this is done by the C library, and the kernel "just" wakes up that thread AFAICT). However, this newly created thread appears to have completely bypassed TSAN, and when the just-created thread hits any TSAN interceptor which assumes that some per-thread TSAN structures have been already set up, the application segfaults (for example like this): #0 0x00005555556192d4 in __tsan::user_alloc_internal(__tsan::ThreadState*, unsigned long, unsigned long, unsigned long, bool) () CESNET#1 0x00005555556196a4 in __tsan::user_alloc(__tsan::ThreadState*, unsigned long, unsigned long) () CESNET#2 0x00005555555d3db5 in malloc () CESNET#3 0x00007ffff7889470 in timer_helper_thread (arg=<optimized out>) at ../sysdeps/unix/sysv/linux/timer_routines.c:88 CESNET#4 0x00007ffff787ddd4 in start_thread (arg=<optimized out>) at pthread_create.c:444 CESNET#5 0x00007ffff78ff9b0 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 That's with the latest clang, or, in another case, with GCC: #0 0x00007ffff4e88fc6 in __sanitizer::CombinedAllocator<__sanitizer::SizeClassAllocator64<__tsan::AP64>, __sanitizer::LargeMmapAllocatorPtrArrayDynamic>::Allocate(__sanitizer::SizeClassAllocator64LocalCache<__sanitizer::SizeClassAllocator64<__tsan::AP64> >*, unsigned long, unsigned long) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#1 0x00007ffff4e8686a in __tsan::user_alloc_internal(__tsan::ThreadState*, unsigned long, unsigned long, unsigned long, bool) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#2 0x00007ffff4e869d8 in __tsan::user_alloc(__tsan::ThreadState*, unsigned long, unsigned long) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#3 0x00007ffff4e4331e in malloc () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 CESNET#4 0x00007ffff4cab4c0 in timer_helper_thread (arg=<optimized out>) at ../sysdeps/unix/sysv/linux/timer_routines.c:88 CESNET#5 0x00007ffff4c9fe24 in start_thread (arg=<optimized out>) at pthread_create.c:444 CESNET#6 0x00007ffff4d219b0 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 I have no clue on how to fix this properly within TSAN. Bug: google/sanitizers#1612
michalvasko
pushed a commit
that referenced
this issue
Jun 16, 2023
As per the docs, the SIGEV_THREAD sigevent option instructs the kernel to create a thread in this process when that timer expires (in fact this is done by the C library, and the kernel "just" wakes up that thread AFAICT). However, this newly created thread appears to have completely bypassed TSAN, and when the just-created thread hits any TSAN interceptor which assumes that some per-thread TSAN structures have been already set up, the application segfaults (for example like this): #0 0x00005555556192d4 in __tsan::user_alloc_internal(__tsan::ThreadState*, unsigned long, unsigned long, unsigned long, bool) () #1 0x00005555556196a4 in __tsan::user_alloc(__tsan::ThreadState*, unsigned long, unsigned long) () #2 0x00005555555d3db5 in malloc () #3 0x00007ffff7889470 in timer_helper_thread (arg=<optimized out>) at ../sysdeps/unix/sysv/linux/timer_routines.c:88 #4 0x00007ffff787ddd4 in start_thread (arg=<optimized out>) at pthread_create.c:444 #5 0x00007ffff78ff9b0 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 That's with the latest clang, or, in another case, with GCC: #0 0x00007ffff4e88fc6 in __sanitizer::CombinedAllocator<__sanitizer::SizeClassAllocator64<__tsan::AP64>, __sanitizer::LargeMmapAllocatorPtrArrayDynamic>::Allocate(__sanitizer::SizeClassAllocator64LocalCache<__sanitizer::SizeClassAllocator64<__tsan::AP64> >*, unsigned long, unsigned long) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 #1 0x00007ffff4e8686a in __tsan::user_alloc_internal(__tsan::ThreadState*, unsigned long, unsigned long, unsigned long, bool) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 #2 0x00007ffff4e869d8 in __tsan::user_alloc(__tsan::ThreadState*, unsigned long, unsigned long) () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 #3 0x00007ffff4e4331e in malloc () from /nix/store/ds46sf6mb9xydn0gy97131y1w5hag5s8-gcc-12.2.0-lib/lib/libtsan.so.2 #4 0x00007ffff4cab4c0 in timer_helper_thread (arg=<optimized out>) at ../sysdeps/unix/sysv/linux/timer_routines.c:88 #5 0x00007ffff4c9fe24 in start_thread (arg=<optimized out>) at pthread_create.c:444 #6 0x00007ffff4d219b0 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 I have no clue on how to fix this properly within TSAN. Bug: google/sanitizers#1612
Closed
Closed
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Netopeer crashes by get / get-config request. Logs + backtrace:
List of modules installed in sysrepo (minimal set required by Netopeer + turing-machine):
The text was updated successfully, but these errors were encountered: