Date: Thu, 17 Nov 2022 14:04:23 +0000 From: bugzilla-noreply@freebsd.org To: toolchain@FreeBSD.org Subject: [Bug 267768] Simple OpenMP example crashes with thread sanitizer (-fsanitize=thread) Message-ID: <bug-267768-29464-hwTKwOLh53@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-267768-29464@https.bugs.freebsd.org/bugzilla/> References: <bug-267768-29464@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D267768 Dimitry Andric <dim@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |emaste@freebsd.org --- Comment #1 from Dimitry Andric <dim@FreeBSD.org> --- Yeah, it looks like the combination of openmp and ThreadSaniziter is not well-tested or supported, even. If you do: export TSAN_OPTIONS=3D'ignore_noninstrumented_modules=3D1' as it recommends, the debugging session seems to work with some suppressed warnings: (gdb) r Starting program: /home/dim/tmp/foo warning: Could not load shared library symbols for [vdso]. Do you need "set solib-search-path" or "set sysroot"? [New LWP 888651 of process 49234] [New LWP 888652 of process 49234] [New LWP 888653 of process 49234] [New LWP 888654 of process 49234] ThreadSanitizer: thread T2 finished with ignores enabled, created at: ThreadSanitizer: thread T1 finished with ignores enabled, created at: ThreadSanitizer: thread T3 finished with ignores enabled, created at: [Detaching after fork from child process 49235] #0 pthread_create /usr/src/contrib/llvm-project/compiler-rt/lib/tsan/rtl/tsan_interceptors_po= six.cpp:1022:3 (foo+0x265a15) #1 __kmp_create_worker /usr/src/contrib/llvm-project/openmp/runtime/src/z_Linux_util.cpp:803:7 (libomp.so+0xce0c8) One of the following ignores was not ended (in order of probability) [LWP 888652 of process 49234 exited] [LWP 886429 of process 49234 exited] [LWP 888651 of process 49234 exited] [LWP 888654 of process 49234 exited] [Inferior 1 (process 49234) exited with code 0102] And if you let it core dump outside a debugger, you can see that it's becua= se of ASLR: Core was generated by `./foo'. Program terminated with signal SIGSEGV, Segmentation fault. Address not mapped to object. #0 0x0000000000000000 in ?? () (gdb) bt #0 0x0000000000000000 in ?? () #1 0x00000000002845ad in __interceptor_strlcpy (dst=3D0x8206c6570 "", src=3D0x8206ca578 "/home/dim/tmp/foo", size=3D1024) at /usr/src/contrib/llvm-project/compiler-rt/lib/tsan/rtl/tsan_interceptors.h:= 40 #2 0x0000000824a3eadd in _elf_aux_info (aux=3D<optimized out>, buf=3D0x820= 6c6570, buflen=3D1024) at /usr/src/lib/libc/gen/auxv.c:287 #3 0x000000000024e2a4 in __sanitizer::ReExec () at /usr/src/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_li= nux_libcdep.cpp:909 #4 0x000000000024d0e2 in __sanitizer::CheckASLR () at /usr/src/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_li= nux.cpp:2198 #5 0x00000000002b43df in __tsan::Initialize (thr=3Dthr@entry=3D0x8267071c0= ) at /usr/src/contrib/llvm-project/compiler-rt/lib/tsan/rtl/tsan_rtl.cpp:646 #6 0x0000000000262e00 in __tsan::LazyInitialize (thr=3D0x8267071c0) at /usr/src/contrib/llvm-project/compiler-rt/lib/tsan/rtl/tsan_rtl.h:637 #7 __tsan::ScopedInterceptor::ScopedInterceptor (this=3Dthis@entry=3D0x820= 6c6e38, thr=3Dthr@entry=3D0x8267071c0, fname=3D<optimized out>, pc=3D34975452123) at /usr/src/contrib/llvm-project/compiler-rt/lib/tsan/rtl/tsan_interceptors_po= six.cpp:249 #8 0x0000000000284288 in __interceptor_readlink (path=3D0x8249eeaaa "/etc/malloc.conf", buf=3Dbuf@entry=3D0x8206c8990 "hEl!\b", bufsiz=3Dbufsiz@entry=3D1024) at /usr/src/contrib/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_co= mmon_interceptors.inc:7353 #9 0x0000000824b30bdb in obtain_malloc_conf (which_source=3D2, buf=3D0x820= 6c8990 "hEl!\b") at jemalloc_jemalloc.c:984 #10 malloc_conf_init_helper (sc_data=3Dsc_data@entry=3D0x0, bin_shard_sizes=3Dbin_shard_sizes@entry=3D0x0, initial_call=3Dfalse, opts_cache=3Dopts_cache@entry=3D0x8206c8da0, buf=3Dbuf@entry=3D0x8206c8990 = "hEl!\b") at jemalloc_jemalloc.c:1042 #11 0x0000000824b307ed in malloc_conf_init (sc_data=3D0x8206c6fe0, bin_shard_sizes=3D0x8206c6f50) at jemalloc_jemalloc.c:1449 #12 malloc_init_hard_a0_locked () at jemalloc_jemalloc.c:1509 #13 0x0000000824b32aef in malloc_init_hard () at jemalloc_jemalloc.c:1754 #14 0x000037671ef0a02d in objlist_call_init (list=3Dlist@entry=3D0x8206c9dc= 8, lockstate=3Dlockstate@entry=3D0x8206c9bd8) at /usr/src/libexec/rtld-elf/rtl= d.c:3140 #15 0x000037671ef0862a in _rtld (sp=3D<optimized out>, exit_proc=3D0x8206c9= e40, objp=3D0x8206c9e48) at /usr/src/libexec/rtld-elf/rtld.c:981 #16 0x000037671ef05fd9 in rtld_start () at /usr/src/libexec/rtld-elf/amd64/rtld_start.S:39 #17 0x0000000000000000 in ?? () E.g. what happens here is that Ed's magic code that attempts to auto-restart the process without ASLR is causing some sort of issue. It might fare bette= r if ASLR is disabled globally, or just for the program itself. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-267768-29464-hwTKwOLh53>