Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A memory allocation race in lx is causing nondeterministic crashes #351

Open
silentbicycle opened this issue Apr 28, 2021 · 2 comments
Open

A memory allocation race in lx is causing nondeterministic crashes #351

silentbicycle opened this issue Apr 28, 2021 · 2 comments

Comments

@silentbicycle
Copy link
Collaborator

Running the following command:

$ while true; do sleep 0.1; ./build/bin/lx -l test < src/lx/lexer.lx && echo ok; done

will produce a steady stream of memory-related errors in lx.

There appears to be a race on malloc/realloc on a shared pointer. I am going to post a PR in a moment that disables multithreading, this issue exists as a reminder to fix it later. It's currently a distraction from other more important work.
silentbicycle added a commit that referenced this issue Apr 28, 2021
@silentbicycle
Disable multithreading in lx for now.
ae73900 
Running this in a loop:

    $ while true; do sleep 0.1; ./build/bin/lx -l test < src/lx/lexer.lx \
        && echo ok; done

Produces a stream of intermittent failures. There appears to be
unsynchronized access to a shared/global resource, and races on
either `realloc`ing or `free`ing it can nondeterministically lead
to memory corruption.

For now, change to using only one thread -- issue #351 exists as a
reminder to-enable this once the underlying problem has been fixed.
@silentbicycle silentbicycle mentioned this issue Apr 28, 2021
Merged
katef pushed a commit that referenced this issue Apr 28, 2021
@silentbicycle @katef
Disable multithreading in lx for now.
b921bb3 
Running this in a loop:

    $ while true; do sleep 0.1; ./build/bin/lx -l test < src/lx/lexer.lx \
        && echo ok; done

Produces a stream of intermittent failures. There appears to be
unsynchronized access to a shared/global resource, and races on
either `realloc`ing or `free`ing it can nondeterministically lead
to memory corruption.

For now, change to using only one thread -- issue #351 exists as a
reminder to-enable this once the underlying problem has been fixed.
@katef katef mentioned this issue Dec 28, 2023
Closed
@katef
Copy link
Owner

katef commented Jan 4, 2024

Hm I can't reproduce this, I tried with and without asan, ubsan and efence. Any ideas?

@silentbicycle
Copy link
Collaborator Author

silentbicycle commented Jan 4, 2024
edited

You need to set the concurrency flag (-C) to use multiple threads. I just checked again on main and

$ while true; do sleep 0.1; ./build/bin/lx -C8 -l test < src/lx/lexer.lx && echo ok; done

still produces errors

ok
malloc_consolidate(): invalid chunk size
Aborted (core dumped)
ok
...
ok
double free or corruption (out)
Aborted (core dumped)
ok
corrupted size vs. prev_size
Aborted (core dumped)
ok
...
ok
corrupted size vs. prev_size
Aborted (core dumped)
ok
...
ok
malloc(): unsorted double linked list corrupted
Aborted (core dumped)
ok
double free or corruption (out)
Aborted (core dumped)
ok

It may depend somewhat on CPU load -- if I ran multiple processes of a busywait program to bog the CPU down the failures reduced in frequency, and they returned when I stopped the busywaiters.

It used to fail without the -C flag, because before ae73900 the default was 4 threads rather than 1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@silentbicycle @katef