ThreadSanitizer (TSan) v. 2

ThreadSanitizer v2 is a compiler-based version of ThreadSanitizer with a brand new state machine. It is only supported on Linux so far.

GYP_GENERATORS=ninja GYP_DEFINES='tsan=1 linux_use_tcmalloc=0 disable_nacl=1' gclient runhooks
export TSAN_OPTIONS=report_thread_leaks=0  # suppress reports in the host binaries
ninja -C out/Release base_unittests


TSan calls __libc_malloc and __libc_free from its malloc()/free() interceptors, so TCMalloc has to be disabled (linux_use_tcmalloc=0).

ProcessUtilTest.GetAppOutputRestrictedNoZombies takes too much time to run, so it is excluded with --gtest_filter in the command below.
export G_SLICE=always-malloc
export NSS_DISABLE_ARENA_FREE_LIST=1
export NSS_DISABLE_UNLOAD=1
TSAN_OPTIONS="external_symbolizer_path=third_party/llvm-build/Release+Asserts/bin/llvm-symbolizer suppressions=tools/valgrind/tsan_v2/suppressions.txt report_signal_unsafe=0 report_thread_leaks=0" out/Release/base_unittests --gtest_filter=-ProcessUtilTest.GetAppOutputRestrictedNoZombies --no-sandbox 2>&1 | tee log


TSAN_OPTIONS="atexit_sleep_ms=200 flush_memory_ms=2000 suppressions=tools/valgrind/tsan_v2/suppressions.txt" out/Release/chrome --no-sandbox 2>&1 | tee log

atexit_sleep_ms is 1 second by default. Some tests that wait for child processes may fail with such a long timeout.
Tests with a big memory footprint may hang your machine, so you need to flush memory periodically (flush_memory_ms) and skip heavy tests (like OOM).
flush_memory_ms may lead to false negatives, so the flushing period should be chosen carefully.

Note: --no-sandbox is essential if you're running Chrome or tests that invoke Chrome (browser_tests, content_browsertests, etc.).


Reproducing race reports in tests, suppressions and ignores

Before trying to reproduce a race report in a Chromium test, make sure the report is not suppressed or ignored.
Suppressions from tools/valgrind/tsan_v2/suppressions.txt are applied at program runtime. If the top frame of the last memory access in the race report matches a line in the suppressions file, TSan does not print that report.
Ignores from tools/valgrind/tsan_v2/ignores.txt are applied at compile time. If the function name matches a "fun:" line in the ignores file, TSan does not instrument that function, effectively ignoring all memory accesses (but not synchronization) in that function. If the source file name matches a "src:" line, every function in that file is ignored. Note that the tests do not depend on ignores.txt, so you need to touch all the affected source files manually before rebuilding (or make a clean build) after any change to ignores.txt.
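
A pre-check for the rules described above, as an added example that is not part of the original page or of Chromium's tooling: given the function and source file of a report's top frame, it names the ignores or suppressions entry that would hide the report. The "race:" prefix, the '*' wildcard handling and every sample name below are assumptions.

```shell
# Added example, not Chromium tooling. File contents are constructed samples.
# Assumptions: ignores.txt patterns ("fun:", "src:") match the whole name with
# '*' as wildcard; suppressions.txt uses "race:PATTERN", matched as a substring
# of the function in the top frame of the last memory access.

# glob_match PATTERN STRING: succeed if STRING matches PATTERN (a shell glob).
glob_match() {
    case "$2" in
        $1) return 0 ;;
    esac
    return 1
}

# scan_file FILE PREFIX NAME WRAP: print the first "PREFIX..." line of FILE
# whose pattern matches NAME; WRAP='*' turns the match into a substring match.
scan_file() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "$2"*) glob_match "$4${line#$2}$4" "$3" &&
                   { printf '%s\n' "$line"; return 0; } ;;
        esac
    done < "$1"
    return 1
}

# check_frame FUNC SRC IGNORES SUPPRESSIONS: return 0 and name the rule if a
# report with this top frame is hidden, 1 if TSan should print it.
check_frame() {
    if rule=$(scan_file "$3" fun: "$1" '') || rule=$(scan_file "$3" src: "$2" ''); then
        printf 'ignored at compile time: %s\n' "$rule"
    elif rule=$(scan_file "$4" race: "$1" '*'); then
        printf 'suppressed at run time: %s\n' "$rule"
    else
        printf 'not hidden: %s\n' "$1"; return 1
    fi
}

SAMPLE_DIR=$(mktemp -d)   # constructed stand-ins for the two real files
IGN=$SAMPLE_DIR/ignores.txt; SUP=$SAMPLE_DIR/suppressions.txt
printf '%s\n' '# constructed' 'fun:*HypotheticalRacyCounter*' \
    'src:*/hypothetical_third_party/*' > "$IGN"
printf '%s\n' '# constructed' 'race:hypothetical::LazyInit' > "$SUP"

check_frame 'base::HypotheticalRacyCounter::Inc' 'base/counter.cc' "$IGN" "$SUP"
check_frame 'hypothetical::LazyInit<int>::Get' 'base/lazy.h' "$IGN" "$SUP"
check_frame 'net::HypotheticalCache::Put' 'net/cache.cc' "$IGN" "$SUP" || true
```

An "ignored at compile time" result means the fix is a change to ignores.txt followed by touching the affected sources and rebuilding; a "suppressed at run time" result only needs a different suppressions file in TSAN_OPTIONS.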