Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cilksan reporting race condition with malloc/realloc/free #218

Closed
bababuck opened this issue Nov 20, 2023 · 3 comments
Closed

Cilksan reporting race condition with malloc/realloc/free #218

bababuck opened this issue Nov 20, 2023 · 3 comments
Labels
bug Something isn't working

Comments

@bababuck
Copy link

Describe the bug

Cilksan is reporting a race condition for when I free memory allocated by malloc. I have a small working example. My malloc/realloc/free manual specifies safe for multithreading:

> man malloc
ATTRIBUTES
       For an explanation of the terms used in this section, see attributes(7).

       ┌─────────────────────┬───────────────┬─────────┐
       │Interface            │ Attribute     │ Value   │
       ├─────────────────────┼───────────────┼─────────┤
       │malloc(), free(),    │ Thread safety │ MT-Safe │
       │calloc(), realloc()  │               │         │
       └─────────────────────┴───────────────┴─────────┘

Maybe it has to do with reuse of addresses by malloc after free. I could also be wrong and this is a race condition, but I don't see how.

Expected behavior

No race conditions detected.

OpenCilk version

clang version 14.0.6 (https://github.com/OpenCilk/opencilk-project fc90ded2b090672f84c58d12d8d85cd999eb6c1a)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /software/OpenCilk/20.04/2.0.0//bin

Steps to reproduce (include relevant output)

cilksan.c

/**
 * Simple replicated case of CILKSAN wrongly reported memory race.
 */

#include <stdlib.h>
#include <cilk/cilk.h>

void test(int *arr, int count) {
  if (count == 0) {
    free(arr);
    return ;
  }

  cilk_scope {
    for (int i = 0; i < 15; ++i) {
      int *new_arr = malloc(10 * sizeof(int));
      new_arr = realloc(new_arr, 10 * sizeof(int));
      cilk_spawn test(new_arr, count - 1);
    }
  }
  return ;
}

int main(int argc, char *argv[]) {
  test(NULL, 1);
}
clang -std=gnu11 -Wall -fopencilk -fsanitize=cilk -DCILKSAN=1 -O3 -DNDEBUG -march=znver2  -o cilksan.exe cilksan.c
./cilksan.exe
Running Cilksan race detector.
Race detected on location 11d8b900
*     Free 4846c9 test cilksan.c
+     Call 484b40 test cilksan.c
+    Spawn 4847ba test cilksan.c
|*    Free 4846c9 test cilksan.c
|+    Call 484b40 test cilksan.c
|+   Spawn 4847ba test cilksan.c
\| Common calling context
 +    Call 484967 main cilksan.c


Cilksan detected 1 distinct races.
Cilksan suppressed 12 duplicate race reports.
@bababuck bababuck added the bug Something isn't working label Nov 20, 2023
@neboat
Copy link
Collaborator

neboat commented Nov 20, 2023

Thanks for the report. I replicated the issue on my end, and I'll look into it.

neboat added a commit to neboat/productivity-tools that referenced this issue Nov 21, 2023
@neboat
[cilksan] Fix handling of a realloc when the allocation of the given …
93ac0bb 
…old pointer is not instrumented.

Fixes issue OpenCilk/opencilk-project#218
@neboat neboat mentioned this issue Nov 21, 2023
Merged
@neboat
Copy link
Collaborator

neboat commented Nov 21, 2023

This is indeed a bug. There's now a PR with a fix for it here: OpenCilk/productivity-tools#41

neboat added a commit to OpenCilk/productivity-tools that referenced this issue Jan 6, 2024
@neboat
[cilksan] Fix handling of a realloc when the allocation of the given …
15c8cd4 
…old pointer is not instrumented.

Fixes issue OpenCilk/opencilk-project#218
@neboat
Copy link
Collaborator

neboat commented Jan 13, 2024

This bug has been fixed in the latest release.

@neboat neboat closed this as completed Jan 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@neboat @bababuck