I am currently checking the coroutine implementation of a certain web server. When using AddressSanitizer, the project kept giving me output such as:
```
==66911==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x5622e7c41f26 bp 0x7ff107851ee0 sp 0x7ff107851eb0 T0)
==66911==The signal is caused by a READ memory access.
==66911==Hint: this fault was caused by a dereference of a high value address (see register values below). Dissassemble the provided pc to learn which register was used.
==66912==WARNING: ASan is ignoring requested __asan_handle_no_return: stack type: default top: 0x7ffce0bdc000; bottom 0x7ff107850000; size: 0x000bd938c000 (50889015296)
False positive error reports may follow
For details see https://github.com/google/sanitizers/issues/189
    #0 0x5622e7c41f26 in add_to_timer_node src/coro/sched.c:124
    #1 0x5622e7c41f26 in move_to_inactive_tree src/coro/sched.c:159
    #2 0x5622e7c41f26 in schedule_timeout src/coro/sched.c:345
    #3 0x5622e7c44adc in worker_accept_cycle src/process.c:170
    #4 0x5622e7c4160d in coro_routine_proxy src/coro/sched.c:321
    #5 0x5622e7c413c0 (/home/joshua/linux2023/cserv/cserv+0xef3c0)
```
The corresponding code is as follows:

```c
// sched.c
static void add_to_timer_node(struct timer_node *tm_node,
                              struct coroutine *coro)
{
    struct rb_node **newer = &tm_node->root.rb_node, *parent = NULL;

    // Walk down the intrusive rb-tree, ordering coroutines by coro_id.
    while (*newer) {
        // Recover the coroutine that embeds the current rb_node.
        struct coroutine *each = container_of(*newer, struct coroutine, node);
        int result = coro->coro_id - each->coro_id; // this line causes error
        parent = *newer;
        newer = (result < 0) ? &(*newer)->rb_left : &(*newer)->rb_right;
    }
    rb_link_node(&coro->node, parent, newer);
    rb_insert_color(&coro->node, &tm_node->root);
}
```
I don't understand in what way a program can access the rb-tree so that it causes a race condition (or another problem).
I tried putting a spin lock around that line, but it doesn't help.
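As an added example that is not part of the question or of the cserv project: a minimal ucontext-based coroutine whose stack switches carry the ASan fiber annotations (`__sanitizer_start_switch_fiber` / `__sanitizer_finish_switch_fiber`) that the "ASan is ignoring requested __asan_handle_no_return" warning and the linked sanitizers issue 189 refer to. It assumes a ucontext-style switch, a 64 KiB coroutine stack and a stand-in coroutine body; cserv's own context-switch code may look different.

```c
// Added example, not code from the question or from cserv: a ucontext coroutine
// whose stack switches are announced to AddressSanitizer. Without these calls
// ASan sees an unknown stack and warns that reports that follow may be bogus.
#include <stddef.h>
#include <ucontext.h>
#ifdef __SANITIZE_ADDRESS__ /* GCC; Clang: __has_feature(address_sanitizer) */
#include <sanitizer/common_interface_defs.h>
#define HAVE_ASAN 1
#else
#define HAVE_ASAN 0
#endif

static ucontext_t main_ctx, coro_ctx;
static char coro_stack[64 * 1024];  /* assumed coroutine stack size */
static const void *main_bottom;     /* caller's stack bounds, filled by ASan */
static size_t main_size;
static int coro_result;

static void coro_entry(void)
{
#if HAVE_ASAN
    /* Now on the coroutine stack: complete the switch and remember the
       caller's stack so it can be described when switching back. */
    __sanitizer_finish_switch_fiber(NULL, &main_bottom, &main_size);
#endif
    coro_result = 42; /* stand-in for real scheduler work */
#if HAVE_ASAN
    /* NULL save slot: this fiber is exiting and will never be resumed. */
    __sanitizer_start_switch_fiber(NULL, main_bottom, main_size);
#endif
    swapcontext(&coro_ctx, &main_ctx);
}

/* Create the coroutine, run it to completion and return what it produced. */
int run_coroutine(void)
{
    getcontext(&coro_ctx);
    coro_ctx.uc_stack.ss_sp = coro_stack;
    coro_ctx.uc_stack.ss_size = sizeof coro_stack;
    coro_ctx.uc_link = &main_ctx;
    makecontext(&coro_ctx, coro_entry, 0);
#if HAVE_ASAN
    void *fake_stack = NULL; /* ASan's fake-stack state for the current stack */
    /* Announce the target stack before jumping onto it. */
    __sanitizer_start_switch_fiber(&fake_stack, coro_stack, sizeof coro_stack);
#endif
    swapcontext(&main_ctx, &coro_ctx);
#if HAVE_ASAN
    __sanitizer_finish_switch_fiber(fake_stack, NULL, NULL); /* back on main */
#endif
    return coro_result;
}
```

Build with `-fsanitize=address` to exercise the annotated path; without it the annotations compile out and the coroutine runs unchanged.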