Closed Bug 845362 Opened 11 years ago Closed 11 years ago

TSan: Thread data race in lsm_increment_call_chn_cnt vs. lsm_get_available_line

Categories

(Core :: WebRTC, defect, P2)

Product:
Core
Component:
WebRTC
Platform:
x86_64
Linux
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla22
Tracking Flags:
Tracking Status
firefox21 --- disabled
firefox22 --- fixed

People

(Reporter: posidron, Assigned: ehugg)

References

(
URL
)

Details

(Keywords: sec-want, Whiteboard: [tsan][tsan-test-blocker][webrtc][blocking-webrtc+][qa-])

Attachments

(2 files)

trace
21.01 KB, text/plain
Details
Signaling - Remove max calls per line
28.40 KB, patch
abr
: review+
akeybl
: approval-mozilla-aurora+
Details | Diff | Splinter Review
Attached file trace 
During initial tests with ThreadSanitizer (LLVM version), we get a data race reported as described in the attached log. Trace was created on mozilla-central with changeset 122820:c233837cce08.

According to the TSan devs, most of the reported traces should be real data races, even though they can be "benign". We need to determine if the race can/should be fixed, or put on the ignore list. Even for benign races, TSan devs suggest to fix them (second priority), as they can also cause problems [1].

[1] http://software.intel.com/en-us/blogs/2013/01/06/benign-data-races-what-could-possibly-go-wrong
This looks like a real race, though it may not be an issue in practice (would need to understand this code better to say)
Assignee: nobody → ethanhugg
Priority: -- → P2
Whiteboard: [tsan][tsan-test-blocker] → [tsan][tsan-test-blocker][webrtc][blocking-webrtc?]
Note that it's a real race, but we may not be making use of this.
Whiteboard: [tsan][tsan-test-blocker][webrtc][blocking-webrtc?] → [tsan][tsan-test-blocker][webrtc][blocking-webrtc+]
Comment on attachment 732519 [details] [diff] [review]
Signaling - Remove max calls per line

Review of attachment 732519 [details] [diff] [review]:
-----------------------------------------------------------------

I recommend just removing the max-calls-per-line concept altogether.
Attachment #732519 - Flags: review?(adam)
Comment on attachment 732519 [details] [diff] [review]
Signaling - Remove max calls per line

Review of attachment 732519 [details] [diff] [review]:
-----------------------------------------------------------------

Except for the format string issue I mention below, this all looks good to me.

::: media/webrtc/signaling/src/sipcc/core/common/config_api.c
@@ +301,5 @@
>          }
>          table++;
>      }
>  
> +    debugif_printf("%s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s\n",

I count seventeen "%s" but only sixteen parameters.
Attachment #732519 - Flags: review?(adam) → review+
https://hg.mozilla.org/mozilla-central/rev/ba80ed4de343
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla23
Whiteboard: [tsan][tsan-test-blocker][webrtc][blocking-webrtc+] → [tsan][tsan-test-blocker][webrtc][blocking-webrtc+][webrtc-uplift]
Flags: in-testsuite-
Whiteboard: [tsan][tsan-test-blocker][webrtc][blocking-webrtc+][webrtc-uplift] → [tsan][tsan-test-blocker][webrtc][blocking-webrtc+][webrtc-uplift][qa-]
Comment on attachment 732519 [details] [diff] [review]
Signaling - Remove max calls per line

[Approval Request Comment]
Bug caused by (feature/regressing bug #): N/A

User impact if declined: TSAN bugs are inherently risky and compiler/optimizer and runtime timing dependent.  Nuclear missiles could be launched (to borrow a phrase from the "there are no such things as benign data races" article.

Testing completed (on m-c, etc.): On m-c for a while.

Risk to taking this patch (and alternatives if risky): Minimal risk; it removes a feature of the imported signaling library we weren't using and had no intention to use.


String or IDL/UUID changes made by this patch: only debug log message format strings
Attachment #732519 - Flags: approval-mozilla-aurora?
Comment on attachment 732519 [details] [diff] [review]
Signaling - Remove max calls per line

We won't track these unknown-criticality webrtc security issues, but will take the fixes up to Aurora.
Attachment #732519 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
https://hg.mozilla.org/releases/mozilla-aurora/rev/97a210433b0c
status-firefox21: affecteddisabled
status-firefox22: affectedfixed
Whiteboard: [tsan][tsan-test-blocker][webrtc][blocking-webrtc+][webrtc-uplift][qa-] → [tsan][tsan-test-blocker][webrtc][blocking-webrtc+][qa-]
Target Milestone: mozilla23 → mozilla22
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: