Mir

Race between MirConnection::released() and MirConnection::~MirConnection() causes deadlocks, possible crashes and memory corruption

Bug #1653658 reported by Daniel van Vugt on 2017-01-03
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mir
Fix Released
Critical
Daniel van Vugt
mir (Ubuntu)
Undecided
Unassigned

Bug Description

Race between MirConnection::released() and MirConnection::~MirConnection() causes deadlocks, possible crashes and memory corruption.

This is happening reliably only in one of my branches on krillin, where the thread calling released() is deadlocked trying to use internal locking primitives that another thread calling ~MirConnection is in the process of destructing.

It appears this is a known problem already judging by this comment:

MirConnection::~MirConnection() noexcept
{
    // We don't die while if are pending callbacks (as they touch this).
    // But, if after 500ms we don't get a call, assume it won't happen.
    connect_wait_handle.wait_for_pending(std::chrono::milliseconds(500));

    std::lock_guard<decltype(mutex)> lock(mutex);
    surface_map.reset();

Although that code only waits for connections and doesn't bother to wait for releases which are the problem here.

Related branches

Changed in mir:
milestone: none → 0.26.0
Changed in mir:
assignee: nobody → Daniel van Vugt (vanvugt)
status: New → In Progress
Mir CI Bot (mir-ci-bot) wrote :

Fix committed into lp:mir at revision None, scheduled for release in mir, milestone 0.26.0

Changed in mir:
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (7.2 KiB)

This bug was fixed in the package mir - 0.26.0+17.04.20170126.3-0ubuntu1

---------------
mir (0.26.0+17.04.20170126.3-0ubuntu1) zesty; urgency=medium

  [ Daniel van Vugt ]
  * New upstream release 0.26.0 (https://launchpad.net/mir/+milestone/0.26.0)
    - ABI summary:
      . mirclient ABI unchanged at 9
      . mirserver ABI bumped to 43
      . mircommon ABI unchanged at 7
      . mirplatform ABI unchanged at 14
      . mirprotobuf ABI unchanged at 3
      . mirplatformgraphics ABI unchanged at 11
      . mirclientplatform ABI unchanged at 5
      . mirinputplatform ABI unchanged at 6
      . mircore ABI unchanged at 1
    - Enhancements:
      . New/improved toolkit APIs: MirInputConfig and related functions,
        MirWindow and related functions, DisplayConfig and related functions,
        MirScreencastSpec and related functions,
      . Support for configuring input configuration
      . Introduce toolkit extension mechanism for platform specific APIs.
      . Toolkit extensions for: mesa_drm_auth, set_gbm_device and
        window_coordinate_translation
      . Screencasting to a specific MirBuffer.
      . Add DisplayConfigurationController::base_configuration() so downstreams
        can get the base configuration. (Weirdly they can already set it.).
      . x11 platform: allow adjustable scale parameter.
      . Added EDID support: client API, server logging and in mirout.
      . mirout: Add newer attributes only available in the new display
        config API: scaling factor, subpixel arrangement and form factor.
      . mirout: Log the orientation and logical size of each output too.
      . Replace the mir::Server-overridable Reports with Observers.
      . Add xkbcommon to mirclient.pc Requires.private.
      . Deprecate legacy toolkit APIs that will be removed in Mir 1.0
      . Introduced 'client-side vsync', which dramatically reduces latency
        from the client to the screen (particularly for nested servers like
        Unity8).
    - Bugs fixed:
      . [performance] Restore support for better-than-triple buffering by
        default. (LP: #1240909)
      . Frame rate is artificially low on Diamondville Intel Atom systems due
        to aggressive power management (LP: #1388490)
      . [testsfail] failure in CI in
        AndroidInputReceiverSetup.slow_raw_input_doesnt_cause_frameskipping
        (LP: #1394369)
      . [trusted prompt sessions] Can't open two prompt sessions at the same
        time (LP: #1494197)
      . Changing scale, formFactor or DPI in display configuration causes
        renderer teardown/recreate unnecessarily (LP: #1556142)
      . [testsfail] ApplicationNotRespondingDetection.failure_to_pong_is_
        noticed (LP: #1570327)
      . CI failure in TestClientInput.receives_one_touch_event_per_frame
        (LP: #1570698)
      . Mir-on-X mouse input is jerky/stuttery compared to Mir-on-KMS
        (LP: #1576600)
      . [regression] Two fingers in mir_proving_server now resizes/moves app
        windows (two finger apps unusable) (LP: #1586311)
      . Pointer/cursor input lag in unity8 session (LP: #1591328)
      . PointerConfinement.test_we_update_our_confined_region_on_a_resize
      ...

Read more...

Changed in mir (Ubuntu):
status: New → Fix Released
Changed in mir:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers