Skip to content

Data races in isc_buffer_peekuint8, rdataset_settrust, and memmove

Job #3848477 failed for c4fcdbef.

There are three new types of TSAN errors in the failed respdiff-long:tsan CI job.

I did not happen yesterday on 64ef6968, so should this be caused by a new code, the only theoretically relevant MR is !8515 (merged).

WARNING: ThreadSanitizer: data race 
  Read of size 1 at 0x000000000001 by main thread:
    #0 isc_buffer_peekuint8 ../../lib/isc/include/isc/buffer.h:847
    #1 isc_buffer_getuint8 ../../lib/isc/include/isc/buffer.h:854
    #2 dns_ncache_getsigrdataset lib/dns/ncache.c:630
    #3 validate_ncache lib/dns/validator.c:2388
    #4 validate_nx lib/dns/validator.c:2431
    #5 validator_start lib/dns/validator.c:2994
    #6 isc__async_cb lib/isc/async.c:111
    #7 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #8 thread_body lib/isc/thread.c:85
    #9 isc_thread_main lib/isc/thread.c:116
    #10 isc_loopmgr_run lib/isc/loop.c:454
    #11 main bin/named/main.c:1574

  Previous write of size 1 at 0x000000000001 by thread T0001:
    #0 rdataset_settrust lib/dns/ncache.c:499
    #1 dns_rdataset_settrust lib/dns/rdataset.c:597
    #2 marksecure lib/dns/validator.c:202
    #3 validate_answer lib/dns/validator.c:1528
    #4 validator_start lib/dns/validator.c:2935
    #5 isc__async_cb lib/isc/async.c:111
    #6 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #7 thread_body lib/isc/thread.c:85
    #8 thread_run lib/isc/thread.c:100

  Location is heap block of size 1015 at 0x000000000020 allocated by main thread:
    #0 malloc ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:647
    #1 mallocx lib/isc/jemalloc_shim.h:67
    #2 mem_get lib/isc/mem.c:303
    #3 isc__mem_get lib/isc/mem.c:675
    #4 dns_rdataslab_fromrdataset lib/dns/rdataslab.c:332
    #5 dns__rbtdb_addrdataset lib/dns/rbtdb.c:3153
    #6 dns__db_addrdataset lib/dns/db.c:681
    #7 addoptout lib/dns/ncache.c:283
    #8 dns_ncache_add lib/dns/ncache.c:103
    #9 ncache_adderesult lib/dns/resolver.c:6358
    #10 validated lib/dns/resolver.c:5385
    #11 validator_done_cb lib/dns/validator.c:210
    #12 isc__async_cb lib/isc/async.c:111
    #13 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #14 thread_body lib/isc/thread.c:85
    #15 isc_thread_main lib/isc/thread.c:116
    #16 isc_loopmgr_run lib/isc/loop.c:454
    #17 main bin/named/main.c:1574

  Thread T0001 'isc-loop-0002' (running) created by main thread at:
    #0 pthread_create ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:1001
    #1 isc_thread_create lib/isc/thread.c:139
    #2 isc_loopmgr_run lib/isc/loop.c:448
    #3 main bin/named/main.c:1574

SUMMARY: ThreadSanitizer: data race ../../lib/isc/include/isc/buffer.h:847 in isc_buffer_peekuint8
WARNING: ThreadSanitizer: data race 
  Write of size 1 at 0x000000000001 by main thread:
    #0 rdataset_settrust lib/dns/ncache.c:499
    #1 dns_rdataset_settrust lib/dns/rdataset.c:597
    #2 marksecure lib/dns/validator.c:202
    #3 validate_answer lib/dns/validator.c:1528
    #4 validator_start lib/dns/validator.c:2935
    #5 isc__async_cb lib/isc/async.c:111
    #6 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #7 thread_body lib/isc/thread.c:85
    #8 isc_thread_main lib/isc/thread.c:116
    #9 isc_loopmgr_run lib/isc/loop.c:454
    #10 main bin/named/main.c:1574

  Previous write of size 1 at 0x000000000001 by thread T0001:
    #0 rdataset_settrust lib/dns/ncache.c:499
    #1 dns_rdataset_settrust lib/dns/rdataset.c:597
    #2 marksecure lib/dns/validator.c:202
    #3 validate_answer lib/dns/validator.c:1528
    #4 validator_start lib/dns/validator.c:2935
    #5 isc__async_cb lib/isc/async.c:111
    #6 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #7 thread_body lib/isc/thread.c:85
    #8 thread_run lib/isc/thread.c:100

  Location is heap block of size 1015 at 0x000000000014 allocated by thread T0002:
    #0 malloc ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:647
    #1 mallocx lib/isc/jemalloc_shim.h:67
    #2 mem_get lib/isc/mem.c:303
    #3 isc__mem_get lib/isc/mem.c:675
    #4 dns_rdataslab_fromrdataset lib/dns/rdataslab.c:332
    #5 dns__rbtdb_addrdataset lib/dns/rbtdb.c:3153
    #6 dns__db_addrdataset lib/dns/db.c:681
    #7 addoptout lib/dns/ncache.c:283
    #8 dns_ncache_add lib/dns/ncache.c:103
    #9 ncache_adderesult lib/dns/resolver.c:6358
    #10 validated lib/dns/resolver.c:5385
    #11 validator_done_cb lib/dns/validator.c:210
    #12 isc__async_cb lib/isc/async.c:111
    #13 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #14 thread_body lib/isc/thread.c:85
    #15 thread_run lib/isc/thread.c:100

  Thread T0001 'isc-loop-0001' (running) created by main thread at:
    #0 pthread_create ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:1001
    #1 isc_thread_create lib/isc/thread.c:139
    #2 isc_loopmgr_run lib/isc/loop.c:448
    #3 main bin/named/main.c:1574

  Thread T0002 'isc-loop-0002' (running) created by main thread at:
    #0 pthread_create ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:1001
    #1 isc_thread_create lib/isc/thread.c:139
    #2 isc_loopmgr_run lib/isc/loop.c:448
    #3 main bin/named/main.c:1574

SUMMARY: ThreadSanitizer: data race lib/dns/ncache.c:499 in rdataset_settrust
WARNING: ThreadSanitizer: data race 
  Read of size 8 at 0x000000000001 by main thread:
    #0 memmove ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:810
    #1 memmove ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:808
    #2 memmove /usr/include/x86_64-linux-gnu/bits/string_fortified.h:36
    #3 dns_name_fromregion lib/dns/name.c:739
    #4 dns_ncache_current lib/dns/ncache.c:701
    #5 validate_ncache lib/dns/validator.c:2382
    #6 validate_nx lib/dns/validator.c:2431
    #7 validator_start lib/dns/validator.c:2994
    #8 isc__async_cb lib/isc/async.c:111
    #9 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #10 thread_body lib/isc/thread.c:85
    #11 isc_thread_main lib/isc/thread.c:116
    #12 isc_loopmgr_run lib/isc/loop.c:454
    #13 main bin/named/main.c:1574

  Previous write of size 1 at 0x000000000014 by thread T0001:
    #0 rdataset_settrust lib/dns/ncache.c:499
    #1 dns_rdataset_settrust lib/dns/rdataset.c:597
    #2 marksecure lib/dns/validator.c:200
    #3 validate_answer lib/dns/validator.c:1528
    #4 validator_start lib/dns/validator.c:2935
    #5 isc__async_cb lib/isc/async.c:111
    #6 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #7 thread_body lib/isc/thread.c:85
    #8 thread_run lib/isc/thread.c:100

  Location is heap block of size 1047 at 0x000000000021 allocated by thread T0001:
    #0 malloc ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:647
    #1 mallocx lib/isc/jemalloc_shim.h:67
    #2 mem_get lib/isc/mem.c:303
    #3 isc__mem_get lib/isc/mem.c:675
    #4 dns_rdataslab_fromrdataset lib/dns/rdataslab.c:332
    #5 dns__rbtdb_addrdataset lib/dns/rbtdb.c:3153
    #6 dns__db_addrdataset lib/dns/db.c:681
    #7 addoptout lib/dns/ncache.c:283
    #8 dns_ncache_add lib/dns/ncache.c:103
    #9 ncache_adderesult lib/dns/resolver.c:6358
    #10 validated lib/dns/resolver.c:5385
    #11 validator_done_cb lib/dns/validator.c:210
    #12 isc__async_cb lib/isc/async.c:111
    #13 uv__async_io /usr/src/libuv-v1.47.0/src/unix/async.c:176
    #14 thread_body lib/isc/thread.c:85
    #15 thread_run lib/isc/thread.c:100

  Thread T0001 'isc-loop-0001' (running) created by main thread at:
    #0 pthread_create ../../../../src/libsanitizer/tsan/tsan_interceptors_posix.cpp:1001
    #1 isc_thread_create lib/isc/thread.c:139
    #2 isc_loopmgr_run lib/isc/loop.c:448
    #3 main bin/named/main.c:1574

SUMMARY: ThreadSanitizer: data race /usr/include/x86_64-linux-gnu/bits/string_fortified.h:36 in memmove

I restarted the job, and this is a reproducible issue.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information