Issue 249750: ThreadSanitizer v2 reports a data race in v8::UnboundQueue
Project Member Reported by gli...@chromium.org, Jun 14, 2013
See https://cluster-fuzz.appspot.com/testcase?key=190218304:

==================
WARNING: ThreadSanitizer: data race (pid=22500)
  Write of size 8 at 0x7d300000aae8 by main thread:
    #0 v8::internal::OS::ReleaseStore(long volatile*, long) v8/src/platform-linux.cc:320 (chrome+0x000003cfad1e)
    #1 Enqueue v8/src/unbound-queue-inl.h:81 (chrome+0x0000038985ac)
    #2 v8::internal::ProfilerEventsProcessor::AddCurrentStack() v8/src/cpu-profiler.cc:189 (chrome+0x0000038985ac)
    #3 GetName v8/src/cpu-profiler.cc:443 (chrome+0x000003899c2b)
    #4 v8::internal::CpuProfiler::StartProfiling(v8::internal::String*, bool) v8/src/cpu-profiler.cc:448 (chrome+0x000003899c2b)
    #5 v8::CpuProfiler::StartCpuProfiling(v8::Handle<v8::String>, bool) v8/src/api.cc:7339:26 (chrome+0x000003853612)
    #6 WebCore::ScriptProfiler::start(WTF::String const&) third_party/WebKit/Source/bindings/v8/ScriptProfiler.cpp:67:33 (chrome+0x0000022fdc8c)
    #7 WebCore::Console::profile(WebCore::ScriptState*, WTF::String const&) third_party/WebKit/Source/core/page/Console.cpp:169 (chrome+0x000003417303)
    #8 profileMethod out/Release/gen/webcore/bindings/V8Console.cpp:373 (chrome+0x000001e995af)
    #9 WebCore::ConsoleV8Internal::profileMethodCallback(v8::FunctionCallbackInfo<v8::Value> const&) out/Release/gen/webcore/bindings/V8Console.cpp:386 (chrome+0x000001e995af)
    #10 v8::internal::FunctionCallbackArguments::Call(v8::Handle<v8::Value> (*)(v8::Arguments const&)) v8/src/arguments.cc:99 (chrome+0x000003858762)
    #11 HandleApiCallHelper<false> v8/src/builtins.cc:1276 (chrome+0x000003879ec9)
    #12 Builtin_implHandleApiCall v8/src/builtins.cc:1294 (chrome+0x000003879ec9)
    #13 v8::internal::Builtin_HandleApiCall(int, v8::internal::Object**, v8::internal::Isolate*) v8/src/builtins.cc:1293 (chrome+0x000003879ec9)
    #14 <null> <null>:0 (0x7fda8030686e)
    #15 v8::internal::Execution::Call(v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, bool*, bool) v8/src/execution.cc:182 (chrome+0x0000038cfee8)
    #16 v8::Script::Run() v8/src/api.cc:1969 (chrome+0x000003837f2c)
    #17 WebCore::V8ScriptRunner::runCompiledScript(v8::Handle<v8::Script>, WebCore::ScriptExecutionContext*) third_party/WebKit/Source/bindings/v8/V8ScriptRunner.cpp:66 (chrome+0x00000221a887)
    #18 WebCore::ScriptController::compileAndRunScript(WebCore::ScriptSourceCode const&) third_party/WebKit/Source/bindings/v8/ScriptController.cpp:240 (chrome+0x0000021e9116)
    #19 WebCore::ScheduledAction::execute(WebCore::Frame*) third_party/WebKit/Source/bindings/v8/ScheduledAction.cpp:103 (chrome+0x0000022fd615)
    #20 WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext*) third_party/WebKit/Source/bindings/v8/ScheduledAction.cpp:80 (chrome+0x0000022fd37b)
    #21 WebCore::DOMTimer::fired() third_party/WebKit/Source/core/page/DOMTimer.cpp:160 (chrome+0x000003432506)
    #22 WebCore::ThreadTimers::sharedTimerFiredInternal() third_party/WebKit/Source/core/platform/ThreadTimers.cpp:129 (chrome+0x0000018337c1)
    #23 WebCore::ThreadTimers::sharedTimerFired() third_party/WebKit/Source/core/platform/ThreadTimers.cpp:105 (chrome+0x00000183353e)
    #24 webkit_glue::WebKitPlatformSupportImpl::DoTimeout() webkit/glue/webkitplatformsupport_impl.h:184 (chrome+0x000004f0321c)
    #25 Run base/bind_internal.h:134 (chrome+0x000004f03b02)
    #26 MakeItSo base/bind_internal.h:871 (chrome+0x000004f03b02)
    #27 base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (webkit_glue::WebKitPlatformSupportImpl::*)()>, void (webkit_glue::WebKitPlatformSupportImpl*), void (base::internal::UnretainedWrapper<webkit_glue::WebKitPlatformSupportImpl>)>, void (webkit_glue::WebKitPlatformSupportImpl*)>::Run(base::internal::BindStateBase*) base/bind_internal.h:1169 (chrome+0x000004f03b02)
    #28 Run base/callback.h:396 (chrome+0x000003fb378c)
    #29 base::Timer::RunScheduledTask() base/timer.cc:181 (chrome+0x000003fb378c)
    #30 base::BaseTimerTaskInternal::Run() base/timer.cc:46 (chrome+0x000003fb364d)
    #31 Run base/bind_internal.h:134 (chrome+0x000003fb3962)
    #32 MakeItSo base/bind_internal.h:871 (chrome+0x000003fb3962)
    #33 base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (base::BaseTimerTaskInternal::*)()>, void (base::BaseTimerTaskInternal*), void (base::internal::OwnedWrapper<base::BaseTimerTaskInternal>)>, void (base::BaseTimerTaskInternal*)>::Run(base::internal::BindStateBase*) base/bind_internal.h:1169 (chrome+0x000003fb3962)
    #34 Run base/callback.h:396 (chrome+0x000003f65511)
    #35 base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop.cc:484 (chrome+0x000003f65511)
    #36 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) base/message_loop.cc:496 (chrome+0x000003f658f7)
    #37 base::MessageLoop::DoDelayedWork(base::TimeTicks*) base/message_loop.cc:726 (chrome+0x000003f66140)
    #38 base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_pump_default.cc:33 (chrome+0x000003f68dfa)
    #39 base::MessageLoop::RunInternal() base/message_loop.cc:441 (chrome+0x000003f64bd0)
    #40 base::MessageLoop::RunHandler() base/message_loop.cc:414 (chrome+0x000003f64a89)
    #41 base::RunLoop::Run() base/run_loop.cc:45 (chrome+0x000003f87e12)
    #42 base::MessageLoop::Run() base/message_loop.cc:321 (chrome+0x000003f63eb5)
    #43 content::RendererMain(content::MainFunctionParams const&) content/renderer/renderer_main.cc:236 (chrome+0x0000052ac641)
    #44 content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:385 (chrome+0x0000042b90c0)
    #45 content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:441 (chrome+0x0000042b9a04)
    #46 content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:756 (chrome+0x0000042ba76a)
    #47 content::ContentMain(int, char const**, content::ContentMainDelegate*) content/app/content_main.cc:35 (chrome+0x0000042b8c0e)
    #48 ChromeMain chrome/app/chrome_main.cc:32 (chrome+0x0000007ebe13)
    #49 main chrome/app/chrome_exe_main_gtk.cc:39 (chrome+0x0000007ebdbe)

  Previous read of size 8 at 0x7d300000aae8 by thread T6:
    #0 IsEmpty v8/src/unbound-queue.h:51 (chrome+0x000003898854)
    #1 v8::internal::ProfilerEventsProcessor::ProcessTicks(unsigned int) v8/src/cpu-profiler.cc:217 (chrome+0x000003898854)
    #2 v8::internal::ProfilerEventsProcessor::Run() v8/src/cpu-profiler.cc:253 (chrome+0x000003898a12)
    #3 NotifyStartedAndRun v8/src/platform.h:614 (chrome+0x000003cfbda3)
    #4 v8::internal::ThreadEntry(void*) v8/src/platform-linux.cc:813 (chrome+0x000003cfbda3)

  Location is heap block of size 184 at 0x7d300000aa40 allocated by main thread:
    #0 operator new(unsigned long) /work/chromium/src/third_party/llvm/projects/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:498 (chrome+0x0000007b9ea6)
    #1 v8::internal::CpuProfiler::StartProcessorIfNotStarted() v8/src/cpu-profiler.cc:458 (chrome+0x0000038997ef)
    #2 GetName v8/src/cpu-profiler.cc:441 (chrome+0x000003899c19)
    #3 v8::internal::CpuProfiler::StartProfiling(v8::internal::String*, bool) v8/src/cpu-profiler.cc:448 (chrome+0x000003899c19)
    #4 v8::CpuProfiler::StartCpuProfiling(v8::Handle<v8::String>, bool) v8/src/api.cc:7339:26 (chrome+0x000003853612)
    #5 WebCore::ScriptProfiler::start(WTF::String const&) third_party/WebKit/Source/bindings/v8/ScriptProfiler.cpp:67:33 (chrome+0x0000022fdc8c)
    #6 WebCore::Console::profile(WebCore::ScriptState*, WTF::String const&) third_party/WebKit/Source/core/page/Console.cpp:169 (chrome+0x000003417303)
    #7 profileMethod out/Release/gen/webcore/bindings/V8Console.cpp:373 (chrome+0x000001e995af)
    #8 WebCore::ConsoleV8Internal::profileMethodCallback(v8::FunctionCallbackInfo<v8::Value> const&) out/Release/gen/webcore/bindings/V8Console.cpp:386 (chrome+0x000001e995af)
    #9 v8::internal::FunctionCallbackArguments::Call(v8::Handle<v8::Value> (*)(v8::Arguments const&)) v8/src/arguments.cc:99 (chrome+0x000003858762)
    #10 HandleApiCallHelper<false> v8/src/builtins.cc:1276 (chrome+0x000003879ec9)
    #11 Builtin_implHandleApiCall v8/src/builtins.cc:1294 (chrome+0x000003879ec9)
    #12 v8::internal::Builtin_HandleApiCall(int, v8::internal::Object**, v8::internal::Isolate*) v8/src/builtins.cc:1293 (chrome+0x000003879ec9)
    #13 <null> <null>:0 (0x7fda8030686e)
    #14 v8::internal::Execution::Call(v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, bool*, bool) v8/src/execution.cc:182 (chrome+0x0000038cfee8)
    #15 v8::Script::Run() v8/src/api.cc:1969 (chrome+0x000003837f2c)
    #16 WebCore::V8ScriptRunner::runCompiledScript(v8::Handle<v8::Script>, WebCore::ScriptExecutionContext*) third_party/WebKit/Source/bindings/v8/V8ScriptRunner.cpp:66 (chrome+0x00000221a887)
    #17 WebCore::ScriptController::compileAndRunScript(WebCore::ScriptSourceCode const&) third_party/WebKit/Source/bindings/v8/ScriptController.cpp:240 (chrome+0x0000021e9116)
    #18 WebCore::ScheduledAction::execute(WebCore::Frame*) third_party/WebKit/Source/bindings/v8/ScheduledAction.cpp:103 (chrome+0x0000022fd615)
    #19 WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext*) third_party/WebKit/Source/bindings/v8/ScheduledAction.cpp:80 (chrome+0x0000022fd37b)
    #20 WebCore::DOMTimer::fired() third_party/WebKit/Source/core/page/DOMTimer.cpp:160 (chrome+0x000003432506)
    #21 WebCore::ThreadTimers::sharedTimerFiredInternal() third_party/WebKit/Source/core/platform/ThreadTimers.cpp:129 (chrome+0x0000018337c1)
    #22 WebCore::ThreadTimers::sharedTimerFired() third_party/WebKit/Source/core/platform/ThreadTimers.cpp:105 (chrome+0x00000183353e)
    #23 webkit_glue::WebKitPlatformSupportImpl::DoTimeout() webkit/glue/webkitplatformsupport_impl.h:184 (chrome+0x000004f0321c)
    #24 Run base/bind_internal.h:134 (chrome+0x000004f03b02)
    #25 MakeItSo base/bind_internal.h:871 (chrome+0x000004f03b02)
    #26 base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (webkit_glue::WebKitPlatformSupportImpl::*)()>, void (webkit_glue::WebKitPlatformSupportImpl*), void (base::internal::UnretainedWrapper<webkit_glue::WebKitPlatformSupportImpl>)>, void (webkit_glue::WebKitPlatformSupportImpl*)>::Run(base::internal::BindStateBase*) base/bind_internal.h:1169 (chrome+0x000004f03b02)
    #27 Run base/callback.h:396 (chrome+0x000003fb378c)
    #28 base::Timer::RunScheduledTask() base/timer.cc:181 (chrome+0x000003fb378c)
    #29 base::BaseTimerTaskInternal::Run() base/timer.cc:46 (chrome+0x000003fb364d)
    #30 Run base/bind_internal.h:134 (chrome+0x000003fb3962)
    #31 MakeItSo base/bind_internal.h:871 (chrome+0x000003fb3962)
    #32 base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (base::BaseTimerTaskInternal::*)()>, void (base::BaseTimerTaskInternal*), void (base::internal::OwnedWrapper<base::BaseTimerTaskInternal>)>, void (base::BaseTimerTaskInternal*)>::Run(base::internal::BindStateBase*) base/bind_internal.h:1169 (chrome+0x000003fb3962)
    #33 Run base/callback.h:396 (chrome+0x000003f65511)
    #34 base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop.cc:484 (chrome+0x000003f65511)
    #35 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) base/message_loop.cc:496 (chrome+0x000003f658f7)
    #36 base::MessageLoop::DoDelayedWork(base::TimeTicks*) base/message_loop.cc:726 (chrome+0x000003f66140)
    #37 base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_pump_default.cc:33 (chrome+0x000003f68dfa)
    #38 base::MessageLoop::RunInternal() base/message_loop.cc:441 (chrome+0x000003f64bd0)
    #39 base::MessageLoop::RunHandler() base/message_loop.cc:414 (chrome+0x000003f64a89)
    #40 base::RunLoop::Run() base/run_loop.cc:45 (chrome+0x000003f87e12)
    #41 base::MessageLoop::Run() base/message_loop.cc:321 (chrome+0x000003f63eb5)
    #42 content::RendererMain(content::MainFunctionParams const&) content/renderer/renderer_main.cc:236 (chrome+0x0000052ac641)
    #43 content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:385 (chrome+0x0000042b90c0)
    #44 content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:441 (chrome+0x0000042b9a04)
    #45 content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:756 (chrome+0x0000042ba76a)
    #46 content::ContentMain(int, char const**, content::ContentMainDelegate*) content/app/content_main.cc:35 (chrome+0x0000042b8c0e)
    #47 ChromeMain chrome/app/chrome_main.cc:32 (chrome+0x0000007ebe13)
    #48 main chrome/app/chrome_exe_main_gtk.cc:39 (chrome+0x0000007ebdbe)

  Thread T6 v8:ProfEvntProc (tid=22569, running) created by main thread at:
    #0 pthread_create /work/chromium/src/third_party/llvm/projects/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:812 (chrome+0x0000007bcc02)
    #1 v8::internal::Thread::Start() v8/src/platform-linux.cc:836 (chrome+0x000003cfbd09)
    #2 StartSynchronously v8/src/platform.h:557 (chrome+0x000003899a2d)
    #3 v8::internal::CpuProfiler::StartProcessorIfNotStarted() v8/src/cpu-profiler.cc:460 (chrome+0x000003899a2d)
    #4 GetName v8/src/cpu-profiler.cc:441 (chrome+0x000003899c19)
    #5 v8::internal::CpuProfiler::StartProfiling(v8::internal::String*, bool) v8/src/cpu-profiler.cc:448 (chrome+0x000003899c19)
    #6 v8::CpuProfiler::StartCpuProfiling(v8::Handle<v8::String>, bool) v8/src/api.cc:7339:26 (chrome+0x000003853612)
    #7 WebCore::ScriptProfiler::start(WTF::String const&) third_party/WebKit/Source/bindings/v8/ScriptProfiler.cpp:67:33 (chrome+0x0000022fdc8c)
    #8 WebCore::Console::profile(WebCore::ScriptState*, WTF::String const&) third_party/WebKit/Source/core/page/Console.cpp:169 (chrome+0x000003417303)
    #9 profileMethod out/Release/gen/webcore/bindings/V8Console.cpp:373 (chrome+0x000001e995af)
    #10 WebCore::ConsoleV8Internal::profileMethodCallback(v8::FunctionCallbackInfo<v8::Value> const&) out/Release/gen/webcore/bindings/V8Console.cpp:386 (chrome+0x000001e995af)
    #11 v8::internal::FunctionCallbackArguments::Call(v8::Handle<v8::Value> (*)(v8::Arguments const&)) v8/src/arguments.cc:99 (chrome+0x000003858762)
    #12 HandleApiCallHelper<false> v8/src/builtins.cc:1276 (chrome+0x000003879ec9)
    #13 Builtin_implHandleApiCall v8/src/builtins.cc:1294 (chrome+0x000003879ec9)
    #14 v8::internal::Builtin_HandleApiCall(int, v8::internal::Object**, v8::internal::Isolate*) v8/src/builtins.cc:1293 (chrome+0x000003879ec9)
    #15 <null> <null>:0 (0x7fda8030686e)
    #16 v8::internal::Execution::Call(v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, bool*, bool) v8/src/execution.cc:182 (chrome+0x0000038cfee8)
    #17 v8::Script::Run() v8/src/api.cc:1969 (chrome+0x000003837f2c)
    #18 WebCore::V8ScriptRunner::runCompiledScript(v8::Handle<v8::Script>, WebCore::ScriptExecutionContext*) third_party/WebKit/Source/bindings/v8/V8ScriptRunner.cpp:66 (chrome+0x00000221a887)
    #19 WebCore::ScriptController::compileAndRunScript(WebCore::ScriptSourceCode const&) third_party/WebKit/Source/bindings/v8/ScriptController.cpp:240 (chrome+0x0000021e9116)
    #20 WebCore::ScheduledAction::execute(WebCore::Frame*) third_party/WebKit/Source/bindings/v8/ScheduledAction.cpp:103 (chrome+0x0000022fd615)
    #21 WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext*) third_party/WebKit/Source/bindings/v8/ScheduledAction.cpp:80 (chrome+0x0000022fd37b)
    #22 WebCore::DOMTimer::fired() third_party/WebKit/Source/core/page/DOMTimer.cpp:160 (chrome+0x000003432506)
    #23 WebCore::ThreadTimers::sharedTimerFiredInternal() third_party/WebKit/Source/core/platform/ThreadTimers.cpp:129 (chrome+0x0000018337c1)
    #24 WebCore::ThreadTimers::sharedTimerFired() third_party/WebKit/Source/core/platform/ThreadTimers.cpp:105 (chrome+0x00000183353e)
    #25 webkit_glue::WebKitPlatformSupportImpl::DoTimeout() webkit/glue/webkitplatformsupport_impl.h:184 (chrome+0x000004f0321c)
    #26 Run base/bind_internal.h:134 (chrome+0x000004f03b02)
    #27 MakeItSo base/bind_internal.h:871 (chrome+0x000004f03b02)
    #28 base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (webkit_glue::WebKitPlatformSupportImpl::*)()>, void (webkit_glue::WebKitPlatformSupportImpl*), void (base::internal::UnretainedWrapper<webkit_glue::WebKitPlatformSupportImpl>)>, void (webkit_glue::WebKitPlatformSupportImpl*)>::Run(base::internal::BindStateBase*) base/bind_internal.h:1169 (chrome+0x000004f03b02)
    #29 Run base/callback.h:396 (chrome+0x000003fb378c)
    #30 base::Timer::RunScheduledTask() base/timer.cc:181 (chrome+0x000003fb378c)
    #31 base::BaseTimerTaskInternal::Run() base/timer.cc:46 (chrome+0x000003fb364d)
    #32 Run base/bind_internal.h:134 (chrome+0x000003fb3962)
    #33 MakeItSo base/bind_internal.h:871 (chrome+0x000003fb3962)
    #34 base::internal::Invoker<1, base::internal::BindState<base::internal::RunnableAdapter<void (base::BaseTimerTaskInternal::*)()>, void (base::BaseTimerTaskInternal*), void (base::internal::OwnedWrapper<base::BaseTimerTaskInternal>)>, void (base::BaseTimerTaskInternal*)>::Run(base::internal::BindStateBase*) base/bind_internal.h:1169 (chrome+0x000003fb3962)
    #35 Run base/callback.h:396 (chrome+0x000003f65511)
    #36 base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop.cc:484 (chrome+0x000003f65511)
    #37 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask const&) base/message_loop.cc:496 (chrome+0x000003f658f7)
    #38 base::MessageLoop::DoDelayedWork(base::TimeTicks*) base/message_loop.cc:726 (chrome+0x000003f66140)
    #39 base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_pump_default.cc:33 (chrome+0x000003f68dfa)
    #40 base::MessageLoop::RunInternal() base/message_loop.cc:441 (chrome+0x000003f64bd0)
    #41 base::MessageLoop::RunHandler() base/message_loop.cc:414 (chrome+0x000003f64a89)
    #42 base::RunLoop::Run() base/run_loop.cc:45 (chrome+0x000003f87e12)
    #43 base::MessageLoop::Run() base/message_loop.cc:321 (chrome+0x000003f63eb5)
    #44 content::RendererMain(content::MainFunctionParams const&) content/renderer/renderer_main.cc:236 (chrome+0x0000052ac641)
    #45 content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:385 (chrome+0x0000042b90c0)
    #46 content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:441 (chrome+0x0000042b9a04)
    #47 content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:756 (chrome+0x0000042ba76a)
    #48 content::ContentMain(int, char const**, content::ContentMainDelegate*) content/app/content_main.cc:35 (chrome+0x0000042b8c0e)
    #49 ChromeMain chrome/app/chrome_main.cc:32 (chrome+0x0000007ebe13)
    #50 main chrome/app/chrome_exe_main_gtk.cc:39 (chrome+0x0000007ebdbe)

SUMMARY: ThreadSanitizer: data race v8/src/platform-linux.cc:320 v8::internal::OS::ReleaseStore(long volatile*, long)


Looks like TSan doesn't understand that OS::ReleaseStore is an atomic operation with release semantics. But anyway it occurs concurrently with a non-atomic access in IsEmpty(), causing a data race.
Jun 14, 2013
#1 danno@chromium.org
Yury, I think this is a CPU profiler issue. If not, I'll re-triage inside the V8 team. 
Owner: yurys@chromium.org
Jun 14, 2013
#2 yurys@chromium.org
Yeah, all the signs point to CPU profiler. I'll take a look.
Cc: a...@chromium.org loi...@chromium.org
Jun 17, 2013
#3 yurys@chromium.org
@glider: https://codereview.chromium.org/17222004/ replaces OS::ReleaseStore with Release_Store from atomicops.h, which should help TSan to understand the semantics of the operation.

It seems to me that the behavior is expected: IsEmpty reads divider_, which is an atomic operation, and compares it with another pointer. I don't see a problem with that. Would it help to wrap the divider_ field access into NoBarrier_Load?


Jun 17, 2013
#4 gli...@chromium.org
The lock-free queue implementation (https://code.google.com/p/chromium/codesearch#chromium/src/v8/src/unbound-queue-inl.h&sq=package:chromium) looked suspicious to me, because there were only OS::ReleaseStore operations, but no OS::AcquireLoad, so I've asked dvyukov@ for help.

He told me that the producer should really do AcquireLoad() on |divider_| in Enqueue(), while the consumer must acquire |last_| in Dequeue(). In this case it'll be fine to make a no-barrier load of |divider_| and |last_| in IsEmpty(), since IsEmpty() isn't used in Enqueue() and Dequeue().

But IsEmpty() is always called before Dequeue(), so it doesn't make much sense to load |last_| twice - Dequeue() can instead be changed to call IsEmpty() and return false in the case the queue is empty.
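The pairing described in the report and in comment #4, as an added example that is not V8's code: a single-producer/single-consumer unbounded queue in the same shape as v8::UnboundQueue (first_, divider_, last_ over a linked list with a dummy head), written with std::atomic instead of V8's atomicops.h. The producer acquire-loads divider_ in Enqueue before trimming, the consumer acquire-loads last_ in Dequeue before touching the next node, Dequeue returns false on an empty queue instead of relying on a prior IsEmpty() call, and IsEmpty is left as two relaxed loads because nothing is dereferenced through them. Class, member and driver names are my own, as is the driver that runs both threads and counts in-order arrivals.

```cpp
#include <atomic>
#include <thread>
#include <vector>

// Hypothetical SPSC queue in the shape of v8::UnboundQueue (first_, divider_,
// last_), written here to illustrate the acquire/release fix; not V8's code.
template <typename Record>
class SpscUnboundQueue {
 public:
  SpscUnboundQueue() : first_(new Node(Record())) {
    divider_.store(first_, std::memory_order_relaxed);  // dummy node
    last_.store(first_, std::memory_order_relaxed);
  }
  ~SpscUnboundQueue() {
    for (Node* n = first_; n != nullptr;) { Node* next = n->next; delete n; n = next; }
  }
  SpscUnboundQueue(const SpscUnboundQueue&) = delete;
  SpscUnboundQueue& operator=(const SpscUnboundQueue&) = delete;

  // Producer thread only.
  void Enqueue(const Record& rec) {
    Node* tail = last_.load(std::memory_order_relaxed);  // producer is the sole writer of last_
    tail->next = new Node(rec);
    // Release: the consumer's acquire load of last_ (in Dequeue) then sees
    // tail->next and the new node's value.
    last_.store(tail->next, std::memory_order_release);
    // Trim consumed nodes. This acquire is the load comment #4 says the
    // producer needs: it pairs with the consumer's release store of divider_,
    // so the consumer's read of a node's value happens-before its delete.
    Node* divider = divider_.load(std::memory_order_acquire);
    while (first_ != divider) {
      Node* tmp = first_;
      first_ = tmp->next;
      delete tmp;
    }
  }

  // Consumer thread only. Returns false when empty instead of asserting, so
  // callers need no separate IsEmpty() check before calling it.
  bool Dequeue(Record* rec) {
    Node* divider = divider_.load(std::memory_order_relaxed);  // consumer is the sole writer of divider_
    // Acquire: pairs with the producer's release store of last_, so the node
    // hanging off divider->next, and its value, are fully visible.
    if (divider == last_.load(std::memory_order_acquire)) return false;
    Node* next = divider->next;
    *rec = next->value;
    // Release: hands the node just read back to the producer for trimming.
    divider_.store(next, std::memory_order_release);
    return true;
  }

  // Either thread, as a hint only: no data is read through these pointers, so
  // relaxed loads suffice and there is no racing non-atomic access.
  bool IsEmpty() const {
    return divider_.load(std::memory_order_relaxed) ==
           last_.load(std::memory_order_relaxed);
  }

 private:
  struct Node {
    explicit Node(const Record& v) : value(v), next(nullptr) {}
    Record value;
    Node* next;
  };
  Node* first_;                 // producer-owned: oldest node, already consumed
  std::atomic<Node*> divider_;  // consumer-advanced: last consumed node
  std::atomic<Node*> last_;     // producer-advanced: newest node
};

// Driver (also mine): a producer enqueues 0..count-1 while a consumer drains
// the queue. Returns how many records arrived in order (== count on success,
// -1 if the count of received records is wrong).
int RunProducerConsumer(int count) {
  SpscUnboundQueue<int> q;
  std::atomic<bool> done(false);
  std::vector<int> received;
  std::thread consumer([&] {
    int v;
    for (;;) {
      if (q.Dequeue(&v)) { received.push_back(v); continue; }
      // Check done only after a failed Dequeue, then drain once more: done is
      // set after the last Enqueue, so a record enqueued between our failed
      // Dequeue and the done check is still picked up by the final drain.
      if (done.load(std::memory_order_acquire)) {
        while (q.Dequeue(&v)) received.push_back(v);
        return;
      }
      std::this_thread::yield();
    }
  });
  for (int i = 0; i < count; ++i) q.Enqueue(i);
  done.store(true, std::memory_order_release);
  consumer.join();
  if (static_cast<int>(received.size()) != count) return -1;
  int in_order = 0;
  for (int i = 0; i < count; ++i) if (received[i] == i) ++in_order;
  return in_order;
}
```

Build it with `-fsanitize=thread -std=c++11 -g` and run the driver to see the pairing hold; weakening the divider_ load in Enqueue to memory_order_relaxed removes the happens-before between the consumer's read of value and the producer's delete, which is the kind of missing-acquire defect TSan is built to report, though a report needs the racing interleaving to actually occur during the run.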
Jun 20, 2013
#6 gli...@chromium.org
Let us keep the bug open until the V8 revision reaches Chromium.
Status: Started
Oct 10, 2013
#7 yurys@chromium.org
(No comment was entered for this change.)
Status: Fixed