Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sized delete called with incorrect size #181

Open
SrivastavaAnubhav opened this issue Jun 1, 2023 · 0 comments
Open

Sized delete called with incorrect size #181

SrivastavaAnubhav opened this issue Jun 1, 2023 · 0 comments

Comments

@SrivastavaAnubhav
Copy link

I have a program which does some basic enqueues and dequeues, and noticed that when I run with google/TCMalloc I get the following error:

size check failed 1152 32 3

This indicates that there was a call to a sized delete with size 32 bytes (rounded up to the nearest size class I believe), when the pointer returned by allocate pointed to memory of size 1152 bytes. I think it's likely that the allocated pointer was cast to a base class somewhere, and then deleted (I've verified that doing this causes the same tcmalloc error). This is not allowed link:

Deallocates the storage referenced by the pointer p, which must be a pointer obtained by an earlier call to allocate()

I was unable to figure out if the bad cast was in the hazard pointer code or the segmented queue code, but here is a stack trace that might be helpful:

tcmalloc/tcmalloc.cc:917] size check failed 1152 32 3
tcmalloc/tcmalloc.cc:804] CorrectSize(ptr, size, align) @ 0x40f14c 0x7ffff77901c2 0x414998 0x4149ff 0x7ffff6402ba3
*** Aborted at 1685643512 (unix time) try "date -d @1685643512" if you are using GNU date ***
PC: @                0x0 (unknown)
*** SIGABRT (@0x88900007eeb) received by PID 32491 (TID 0x7fff702c8700) from PID 32491; stack trace: ***
    @     0x7ffff7e32667 google::(anonymous namespace)::FailureSignalHandler()
    @     0x7ffff5b98cf0 (unknown)
    @     0x7ffff580caff __GI_raise
    @     0x7ffff57dfea5 __GI_abort
    @           0x40b1de _ZN8tcmalloc17tcmalloc_internal5CrashENS0_9CrashModeEPKciNS0_7LogItemES4_S4_S4_S4_S4_.cold
    @           0x4918bf TCMallocInternalDeleteArraySized
    @           0x40f14c _ZZN3cds2gc2HP6retireINS_9intrusive14SegmentedQueueIS1_lNS_9container7details20make_segmented_queueIS1_lNS5_15segmented_queue6traitsEE21intrusive_type_traitsEE12segment_list16segment_disposerENSC_7segmentEEEvPT0_ENUlPvE_4_FUNESI_
    @     0x7ffff77901c2 cds::gc::hp::smr::inplace_scan()
    @           0x414998 _ZZN2yb22QueuePerformanceHelper11DoTestQueueIN3cds9container14SegmentedQueueINS2_2gc2HPElNS3_15segmented_queue6traitsEEEJEEEvRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEPT_ENKUlvE_clEv
    @           0x4149ff _ZNSt6thread11_State_implINS_8_InvokerISt5tupleIJZN2yb22QueuePerformanceHelper11DoTestQueueIN3cds9container14SegmentedQueueINS6_2gc2HPElNS7_15segmented_queue6traitsEEEJEEEvRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEPT_EUlvE_EEEEE6_M_runEv
    @     0x7ffff6402ba3 (unknown)
    @     0x7ffff5b8e1cf start_thread
    @     0x7ffff57f7e73 __GI___clone
    @                0x0 (unknown)

This isn't an issue in BasketQueue, MoirQueue, FCQueue, OptimisticQueue, MSQueue, RWQueue, or VyukovMPMCCycleQueue.
SrivastavaAnubhav added a commit to yugabyte/yugabyte-db that referenced this issue Aug 17, 2023
@SrivastavaAnubhav
[#16813] docdb: Remove SegmentedQueue from LockfreeTest.QueuePerformance
b3a0f9b 
Summary:
This test was meant to measure the performance of various lockfree queues in libcds. It seems that SegmentedQueue calls `delete` with a size on gcc11, but the size does not match what was allocated. This causes tcmalloc to segfault with the following error:
```
size check failed 160 32 3
```
This queue is not used anywhere else in our code, so it should be fine to remove it from this test. I also opened an issue with libcds here: khizmax/libcds#181.
Jira: DB-6160

Test Plan: `ybd --gcc11 --cxx_test lockfree-test --gtest_filter="LockfreeTest.QueuePerformance"`

Reviewers: sergei

Reviewed By: sergei

Subscribers: yql, ybase

Differential Revision: https://phorge.dev.yugabyte.com/D27843
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SrivastavaAnubhav