After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 778096 - race in gdbusconnection reported by TSan
race in gdbusconnection reported by TSan
Status: RESOLVED FIXED
Product: glib
Classification: Platform
Component: gdbus
2.50.x
Other Linux
: Normal normal
: ---
Assigned To: gtkdev
gtkdev
Depends on:
Blocks:
 
 
Reported: 2017-02-02 19:23 UTC by Fabrice Bellet
Modified: 2017-02-05 16:17 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
ThreadSanitizer: data race glib-2-50/gio/gdbusconnection.c:3469 in g_dbus_connection_signal_subscribe (14.22 KB, text/plain)
2017-02-02 19:23 UTC, Fabrice Bellet
  Details
use atomic functions to increment _global_subscriber_id (635 bytes, patch)
2017-02-02 20:42 UTC, Fabrice Bellet
none Details | Review
gdbus: make gdbusconnection ids thread-safe (3.15 KB, patch)
2017-02-03 16:59 UTC, Fabrice Bellet
committed Details | Review

Description Fabrice Bellet 2017-02-02 19:23:35 UTC
Created attachment 344806 [details]
ThreadSanitizer: data race glib-2-50/gio/gdbusconnection.c:3469 in g_dbus_connection_signal_subscribe

This case reported by the ThreadSanitizer suggests an atomic access to the _global_subscriber_id counter.
Comment 1 Fabrice Bellet 2017-02-02 20:42:44 UTC
Created attachment 344812 [details] [review]
use atomic functions to increment _global_subscriber_id
Comment 2 Philip Withnall 2017-02-03 00:23:17 UTC
Review of attachment 344812 [details] [review]:

I would also mark the declaration of _global_subscriber_id as volatile to indicate it should be accessed atomically; or add a comment there or something.

The same change needs to be made to _global_registration_id and _global_subtree_registration_id, as they’re also both accessed by functions which are only locked under a single GDBusConnection’s lock.

::: gio/gdbusconnection.c
@@ +3467,3 @@
   subscriber.user_data = user_data;
   subscriber.user_data_free_func = user_data_free_func;
+  subscriber.id = g_atomic_int_add (&_global_subscriber_id, 1); /* TODO: overflow etc. */

Could use g_atomic_int_inc() instead to make things a little simpler. It would be good to fix the overflow handling in a separate patch.
Comment 3 Philip Withnall 2017-02-03 00:24:19 UTC
(In reply to Philip Withnall from comment #2)
> Review of attachment 344812 [details] [review] [review]:
> 
> I would also mark the declaration of _global_subscriber_id as volatile to
> indicate it should be accessed atomically; or add a comment there or
> something.
> 
> The same change needs to be made to _global_registration_id and
> _global_subtree_registration_id, as they’re also both accessed by functions
> which are only locked under a single GDBusConnection’s lock.

And _global_filter_id.
Comment 4 Philip Withnall 2017-02-03 09:53:47 UTC
(In reply to Philip Withnall from comment #2)
> ::: gio/gdbusconnection.c
> @@ +3467,3 @@
>    subscriber.user_data = user_data;
>    subscriber.user_data_free_func = user_data_free_func;
> +  subscriber.id = g_atomic_int_add (&_global_subscriber_id, 1); /* TODO:
> overflow etc. */
> 
> Could use g_atomic_int_inc() instead to make things a little simpler.

Whoops, no, that doesn’t return a value.
Comment 5 Fabrice Bellet 2017-02-03 16:59:13 UTC
Created attachment 344874 [details] [review]
gdbus: make gdbusconnection ids thread-safe
Comment 6 Philip Withnall 2017-02-04 00:23:10 UTC
Review of attachment 344874 [details] [review]:

Looks reasonable to me (though note I don’t have the authority to ack GLib patches to be pushed). Are you going to do a patch to sort out the overflow handling as well?
Comment 7 Philip Withnall 2017-02-05 13:24:39 UTC
Allison says this is good. I’ll push it shortly.
Comment 8 Philip Withnall 2017-02-05 13:26:07 UTC
Pushed, thanks.

Attachment 344874 [details] pushed as b1f1414 - gdbus: make gdbusconnection ids thread-safe
Comment 9 Fabrice Bellet 2017-02-05 16:17:36 UTC
(In reply to Philip Withnall from comment #6)
> Are you going to do a patch to sort out the overflow
> handling as well?

I think I am not. guint are 4 bytes on current architectures, so the risk of an overflow seems very low to me. A program incrementing the counter 10 times per seconds, should run for more than 13 years before reaching to max uint value.