Loading...

Details

Type: Bug
Resolution: Done
Priority: P3: Somewhat important
Fix Version/s: 5.3.1
Affects Version/s: 5.3.0
Component/s: D-Bus
Labels:
None
Environment:

Hide
Linux, clang-3.3

Qt configured with
CXXFLAGS="-fsanitize=thread -std=c++11" LDFLAGS="-fsanitize=thread" CFLAGS="-fsanitize=thread" ../configure -platform linux-clang -c++11 -developer-build -opensource -confirm-license

#define QT_LINUX_FUTEX commented out in qmutex_p.h

Show
Linux, clang-3.3 Qt configured with CXXFLAGS="-fsanitize=thread -std=c++11" LDFLAGS="-fsanitize=thread" CFLAGS="-fsanitize=thread" ../configure -platform linux-clang -c++11 -developer-build -opensource -confirm-license #define QT_LINUX_FUTEX commented out in qmutex_p.h

Description

void QDBusConnectionPrivate::registerServiceNoLock(const QString &serviceName)
{
    serviceNames.append(serviceName);
}

(in the main thread) races with

bool QDBusConnectionPrivate::isServiceRegisteredByThread(const QString &serviceName) const
{
    if (!serviceName.isEmpty() && serviceName == baseService)
        return true;
    QStringList copy = serviceNames;
    return copy.contains(serviceName);
}

(in a secondary thread)

This code (the faulty "NoLock" slot) was introduced by 5e257bd44fa4a76f4c2c573a6c5623802022ff18.

WARNING: ThreadSanitizer: data race (pid=14622)
  Write of size 8 at 0x7d44000097e0 by thread T9:
    #0 QListData::detach_grow(int*, int) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/tools/qlist.cpp:112 (libQt5Core.so.5+0x0000002f2ea6)
    #1 QList<QString>::detach_helper_grow(int, int) /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/../../include/QtCore/../../../../qtbase/src/corelib/tools/qlist.h:689 (libQt5DBus.so.5+0x00000006178d)
    #2 QList<QString>::append(QString const&) /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/../../include/QtCore/../../../../qtbase/src/corelib/tools/qlist.h:520 (libQt5DBus.so.5+0x0000000512be)
    #3 QDBusConnectionPrivate::registerServiceNoLock(QString const&) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:2477 (libQt5DBus.so.5+0x000000047487)
    #4 QDBusConnectionPrivate::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/.moc/moc_qdbusconnection_p.cpp:135 (libQt5DBus.so.5+0x000000112f4a)
    #5 QDBusConnectionPrivate::qt_metacall(QMetaObject::Call, int, void**) /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/.moc/moc_qdbusconnection_p.cpp:202 (libQt5DBus.so.5+0x000000113bd2)
    #6 QDBusConnectionPrivate::deliverCall(QObject*, int, QDBusMessage const&, QVector<int> const&, int) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:991 (libQt5DBus.so.5+0x00000002fee2)
    #7 QDBusConnectionPrivate::activateSignal(QDBusConnectionPrivate::SignalHook const&, QDBusMessage const&) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:813 (libQt5DBus.so.5+0x00000002f0dc)
    #8 QDBusConnectionPrivate::handleSignal(QString const&, QDBusMessage const&) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:1634 (libQt5DBus.so.5+0x00000003ba6b)
    #9 QDBusConnectionPrivate::handleSignal(QDBusMessage const&) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:1653 (libQt5DBus.so.5+0x00000002e1a8)
    #10 QDBusConnectionPrivate::handleMessage(QDBusMessage const&) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:578 (libQt5DBus.so.5+0x00000002df87)
    #11 qDBusSignalFilter(DBusConnection*, DBusMessage*, void*) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:559 (libQt5DBus.so.5+0x00000003f23f)
    #12 dbus_connection_dispatch /usr/src/debug/dbus-1.7.4/dbus/dbus-connection.c:4652 (libdbus-1.so.3+0x0000000108e5)
    #13 QDBusConnectionPrivate::doDispatch() /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:1178 (libQt5DBus.so.5+0x00000003377a)
    #14 QDBusConnectionPrivate::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/.moc/moc_qdbusconnection_p.cpp:129 (libQt5DBus.so.5+0x000000112b25)
    #15 QMetaCallEvent::placeMetaCall(QObject*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qobject.cpp:489 (libQt5Core.so.5+0x000000833978)
    #16 QObject::event(QEvent*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qobject.cpp:1249 (libQt5Core.so.5+0x000000837e6e)
    #17 QCoreApplicationPrivate::notify_helper(QObject*, QEvent*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qcoreapplication.cpp:1057 (libQt5Core.so.5+0x000000776582)
    #18 QCoreApplication::notify(QObject*, QEvent*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qcoreapplication.cpp:1002 (libQt5Core.so.5+0x0000007763cd)
    #19 QCoreApplication::notifyInternal(QObject*, QEvent*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qcoreapplication.cpp:940 (libQt5Core.so.5+0x00000077611e)
    #20 QCoreApplication::sendEvent(QObject*, QEvent*) /s/qt/5/kdab/qt5-clang/build/qtbase/src/corelib/../../include/QtCore/../../../../qtbase/src/corelib/kernel/qcoreapplication.h:237 (libQt5Core.so.5+0x0000007806fa)
    #21 QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qcoreapplication.cpp:1544 (libQt5Core.so.5+0x0000007791f7)
    #22 QCoreApplication::sendPostedEvents(QObject*, int) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qcoreapplication.cpp:1402 (libQt5Core.so.5+0x0000007775f4)
    #23 postEventSourceDispatch(_GSource*, int (*)(void*), void*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qeventdispatcher_glib.cpp:279 (libQt5Core.so.5+0x0000008ef9e8)
    #24 g_main_dispatch /usr/src/debug/glib-2.38.2/glib/gmain.c:3066 (libglib-2.0.so.0+0x00000004b315)
    #25 QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qeventloop.cpp:136 (libQt5Core.so.5+0x00000076ca36)
    #26 QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qeventloop.cpp:212 (libQt5Core.so.5+0x00000076cecd)
    #27 QThread::exec() /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/thread/qthread.cpp:511 (libQt5Core.so.5+0x00000010dfcf)
    #28 tst_QDBusThreading::callbackInMainThread_thread() /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:514 (exe+0x000000052052)
    #29 tst_QDBusThreading::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /d/qt/5/kdab/qt5-clang/build/qtbase/tests/auto/dbus/qdbusthreading/.moc/tst_qdbusthreading.moc:244 (exe+0x000000053e7d)
    #30 QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:2169 (libQt5Core.so.5+0x000000797476)
    #31 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:1463 (libQt5Core.so.5+0x000000796585)
    #32 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /d/qt/5/kdab/qt5-clang/build/qtbase/tests/auto/dbus/qdbusthreading/../../../../include/QtCore/../../../../qtbase/src/corelib/kernel/qobjectdefs.h:398 (exe+0x000000056095)
    #33 Thread::run() /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:200 (exe+0x00000004a749)
    #34 QThreadPrivate::start(void*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/thread/qthread_unix.cpp:345 (libQt5Core.so.5+0x0000001247c3)

  Previous read of size 8 at 0x7d44000097e0 by main thread:
    #0 QList /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/../../include/QtCore/../../../../qtbase/src/corelib/tools/qlist.h:741 (libQt5DBus.so.5+0x00000002a58e)
    #1 QStringList /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/../../include/QtCore/../../../../qtbase/src/corelib/tools/qstringlist.h:61 (libQt5DBus.so.5+0x00000002a503)
    #2 QStringList /s/qt/5/kdab/qt5-clang/build/qtbase/src/dbus/../../include/QtCore/../../../../qtbase/src/corelib/tools/qstringlist.h:61 (libQt5DBus.so.5+0x00000002a2a0)
    #3 QDBusConnectionPrivate::isServiceRegisteredByThread(QString const&) const /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:2495 (libQt5DBus.so.5+0x000000041bee)
    #4 QDBusConnectionPrivate::sendWithReplyAsync(QDBusMessage const&, QObject*, char const*, char const*, int) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusintegrator.cpp:2036 (libQt5DBus.so.5+0x00000004254a)
    #5 QDBusConnection::callWithCallback(QDBusMessage const&, QObject*, char const*, char const*, int) const /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusconnection.cpp:523 (libQt5DBus.so.5+0x000000016576)
    #6 QDBusAbstractInterface::callWithCallback(QString const&, QList<QVariant> const&, QObject*, char const*, char const*) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusabstractinterface.cpp:560 (libQt5DBus.so.5+0x00000007ca03)
    #7 QDBusAbstractInterface::callWithCallback(QString const&, QList<QVariant> const&, QObject*, char const*) /d/qt/5/kdab/qt5-clang/qtbase/src/dbus/qdbusabstractinterface.cpp:590 (libQt5DBus.so.5+0x00000007cb8d)
    #8 tst_QDBusThreading::callbackInMainThread() /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:527 (exe+0x0000000522c5)
 #9 tst_QDBusThreading::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /d/qt/5/kdab/qt5-clang/build/qtbase/tests/auto/dbus/qdbusthreading/.moc/tst_qdbusthreading.moc:256 (exe+0x000000053fb5)
    #10 QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:2169 (libQt5Core.so.5+0x000000797476)
    #11 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:1463 (libQt5Core.so.5+0x000000796585)
    #12 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /s/qt/5/kdab/qt5-clang/build/qtbase/src/testlib/../../include/QtCore/../../../../qtbase/src/corelib/kernel/qobjectdefs.h:398 (libQt5Test.so.5+0x0000000271f5)
    #13 QTest::qInvokeTestMethodDataEntry(char*) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:1889 (libQt5Test.so.5+0x000000018969)
    #14 QTest::qInvokeTestMethod(char const*, char const*) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:2015 (libQt5Test.so.5+0x000000017f32)
    #15 QTest::qInvokeTestMethods(QObject*) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:2242 (libQt5Test.so.5+0x000000012d6f)
    #16 QTest::qExec(QObject*, int, char**) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:2475 (libQt5Test.so.5+0x0000000122dd)
    #17 main /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:612 (exe+0x000000053739)

  Location is heap block of size 264 at 0x7d4400009740 allocated by thread T9:
    #0 malloc /home/abuild/rpmbuild/BUILD/llvm-3.3/projects/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:421 (exe+0x000000010a96)
    #1 <null> <null>:0 (libstdc++.so.6+0x000000063ebc)
    #2 tst_QDBusThreading::callbackInMainThread_thread() /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:511 (exe+0x00000005201c)
    #3 tst_QDBusThreading::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /d/qt/5/kdab/qt5-clang/build/qtbase/tests/auto/dbus/qdbusthreading/.moc/tst_qdbusthreading.moc:244 (exe+0x000000053e7d)
    #4 QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:2169 (libQt5Core.so.5+0x000000797476)
    #5 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:1463 (libQt5Core.so.5+0x000000796585)
    #6 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /d/qt/5/kdab/qt5-clang/build/qtbase/tests/auto/dbus/qdbusthreading/../../../../include/QtCore/../../../../qtbase/src/corelib/kernel/qobjectdefs.h:398 (exe+0x000000056095)
    #7 Thread::run() /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:200 (exe+0x00000004a749)
    #8 QThreadPrivate::start(void*) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/thread/qthread_unix.cpp:345 (libQt5Core.so.5+0x0000001247c3)

  Thread T9 'Aux thread 9' (tid=14632, running) created by main thread at:
    #0 pthread_create /home/abuild/rpmbuild/BUILD/llvm-3.3/projects/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:812 (exe+0x000000013f70)
    #1 QThread::start(QThread::Priority) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/thread/qthread_unix.cpp:624 (libQt5Core.so.5+0x000000125d73)
    #2 Thread /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:192 (exe+0x00000004a383)
    #3 tst_QDBusThreading::callbackInMainThread() /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:520 (exe+0x0000000521bd)
    #4 tst_QDBusThreading::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) /d/qt/5/kdab/qt5-clang/build/qtbase/tests/auto/dbus/qdbusthreading/.moc/tst_qdbusthreading.moc:256 (exe+0x000000053fb5)
    #5 QMetaMethod::invoke(QObject*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) const /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:2169 (libQt5Core.so.5+0x000000797476)
    #6 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericReturnArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/kernel/qmetaobject.cpp:1463 (libQt5Core.so.5+0x000000796585)
    #7 QMetaObject::invokeMethod(QObject*, char const*, Qt::ConnectionType, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument, QGenericArgument) /s/qt/5/kdab/qt5-clang/build/qtbase/src/testlib/../../include/QtCore/../../../../qtbase/src/corelib/kernel/qobjectdefs.h:398 (libQt5Test.so.5+0x0000000271f5)
    #8 QTest::qInvokeTestMethodDataEntry(char*) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:1889 (libQt5Test.so.5+0x000000018969)
    #9 QTest::qInvokeTestMethod(char const*, char const*) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:2015 (libQt5Test.so.5+0x000000017f32)
    #10 QTest::qInvokeTestMethods(QObject*) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:2242 (libQt5Test.so.5+0x000000012d6f)
    #11 QTest::qExec(QObject*, int, char**) /d/qt/5/kdab/qt5-clang/qtbase/src/testlib/qtestcase.cpp:2475 (libQt5Test.so.5+0x0000000122dd)
    #12 main /d/qt/5/kdab/qt5-clang/qtbase/tests/auto/dbus/qdbusthreading/tst_qdbusthreading.cpp:612 (exe+0x000000053739)

SUMMARY: ThreadSanitizer: data race /d/qt/5/kdab/qt5-clang/qtbase/src/corelib/tools/qlist.cpp:112 QListData::detach_grow(int*, int)
==================
PASS   : tst_QDBusThreading::callbackInMainThread()

Attachments

Issue Links

relates to

QTBUG-39528 QDBusConnection::sessionBus() is not threadsafe

Closed

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

For Gerrit Dashboard: QTBUG-39285
#	Subject	Branch	Project	Status	CR	V
87074,2	Fix data race in accessing QDBusConnectionPrivate::serviceNames	5.3	qt/qtbase	Status: MERGED	+2	0

QDBusConnectionPrivate: data race on serviceNames list

Details

Description

Attachments

Issue Links

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews