Mir

[regression] Nested server segfaults or rapidly logs exceptions when a fullscreen client starts [in mir_presentation_chain_set_dropping_mode ... std::exception::what: Operation not permitted]

Bug #1661508 reported by Daniel van Vugt on 2017-02-03

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Mir	Fix Released	Critical	Kevin DuBois	Mir 0.27.0
0.26	Fix Released	Critical	Kevin DuBois	Mir 0.26.1
mir (Ubuntu)	Fix Released	Critical	Unassigned

Bug Description

Nested server segfaults when a fullscreen client starts

Using Mir 0.26.0 (zesty release):

The client dies:

[2017-02-03 15:05:44.315444] <ERROR> Mesa/NativeSurface: Caught exception at Mir/EGL driver boundary (in advance_buffer): /build/mir-1Sl_GZ/mir-0.26.0+17.04.20170126.3/src/client/no_tls_future-inl.h(76): Throw in function void mir::client::PromiseStateBase<T>::break_promise() [with T = std::shared_ptr<mir::client::MirBuffer>]
Dynamic exception type: boost::exception_detail::error_info_injector<std::runtime_error>
std::exception::what: broken_promise

Because the server died:

Segmentation fault (core dumped)
(gdb) bt
#0 __GI___pthread_mutex_lock (mutex=0x0) at ../nptl/pthread_mutex_lock.c:67
#1 0x00007fcceb7b4003 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#2 0x00007fcceb7d1961 in mir_presentation_chain_set_dropping_mode ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#3 0x00007fccec0e3a7a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#4 0x00007fccec09fd2d in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#5 0x00007fccec09f018 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#6 0x00007fccec0e2c79 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#7 0x00007fccebcfab2f in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#8 0x00007fcce95326ca in start_thread (arg=0x7fccde2b4700)
    at pthread_create.c:333
#9 0x00007fccec4710ff in clone ()
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S:105

However in development builds the server does not die and just floods the log instead:

[2017-02-03 16:52:44.382460] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 16:52:44.399142] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 16:52:44.415823] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 16:52:44.432504] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

*** WORKAROUND ***
Start your nested server with --nested-passthrough=OFF
Which works on the 0.26.0 release, but not on anything newer because you'll then hit the more recent regression bug 1661521.

See original description

Tags:

Related branches

lp:~kdub/mir/fix-1661508

Merged into lp:mir at revision 4011

Cemil Azizoglu (community): Approve on 2017-02-03

Mir CI Bot: Approve (continuous-integration) on 2017-02-03

lp:~mir-team/mir/0.26-old

Rejected for merging into lp:mir/ubuntu

Michał Sawicz: Disapprove on 2017-06-05

lp:~ci-train-bot/mir/mir-ubuntu-zesty-2435 (Merged)

lp:~ci-train-bot/mir/mir-ubuntu-zesty-2683

lp:~ci-train-bot/mir/mir-ubuntu-xenial-2736

lp:~ci-train-bot/mir/mir-ubuntu-yakkety-2783.1

lp:~ci-train-bot/mir/mir-ubuntu-yakkety-2783

lp:~ci-train-bot/mir/mir-ubuntu-artful-2806

lp:~ci-train-bot/mir/mir-ubuntu-zesty-2818

Daniel van Vugt (vanvugt) on 2017-02-03

Changed in mir:
importance:	Undecided → Critical
milestone:	none → 1.0.0
summary:	- Fullscreen clients of nested servers crash on start-up [<ERROR> - Mesa/NativeSurface: Caught exception at Mir/EGL driver boundary (in - advance_buffer) ... std::exception::what: broken_promise] + Nested server segfaults when a fullscreen client starts
tags:	added: nested
description:	updated
description:	updated

Daniel van Vugt (vanvugt) on 2017-02-03

description:

updated

Revision history for this message

Daniel van Vugt (vanvugt) wrote on 2017-02-03: Re: Nested server segfaults when a fullscreen client starts

The above crash happens with the zesty release binaries, but when I use lp:mir/0.26 I get this instead of a crash:

[2017-02-03 15:31:05.336685] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 15:31:05.337362] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 15:31:05.337433] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 15:31:05.338185] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

.....

summary:

- Nested server segfaults when a fullscreen client starts
+ Nested server segfaults or rapidly logs exceptions in
+ mir_presentation_chain_set_dropping_mode() when a fullscreen client
+ starts

Daniel van Vugt (vanvugt) on 2017-02-03

summary:

- Nested server segfaults or rapidly logs exceptions in
- mir_presentation_chain_set_dropping_mode() when a fullscreen client
- starts
+ Nested server segfaults or rapidly logs exceptions when a fullscreen
+ client starts [in mir_presentation_chain_set_dropping_mode ...
+ std::exception::what: Operation not permitted]

Daniel van Vugt (vanvugt) on 2017-02-03

Changed in mir (Ubuntu):
importance:	Undecided → Critical

Daniel van Vugt (vanvugt) on 2017-02-03

summary:	- Nested server segfaults or rapidly logs exceptions when a fullscreen - client starts [in mir_presentation_chain_set_dropping_mode ... - std::exception::what: Operation not permitted] + [regression] Nested server segfaults or rapidly logs exceptions when a + fullscreen client starts [in mir_presentation_chain_set_dropping_mode + ... std::exception::what: Operation not permitted]
tags:	added: regression

Revision history for this message

Daniel van Vugt (vanvugt) wrote on 2017-02-03:

Bisected somewhat. The flood of exceptions started here:

------------------------------------------------------------
revno: 3982 [merge]
author: Brandon Schaefer <email address hidden>
committer: Cemil Azizoglu <email address hidden>
branch nick: mir
timestamp: Tue 2017-01-24 10:24:25 -0600
message:
Deprecate mir_wait_for*
------------------------------------------------------------

I can't tell if that's different to the crash in the same function, or if it's just the same exception flood causing a crash in our release binaries...

Changed in mir:
status:	New → Triaged
Changed in mir (Ubuntu):
status:	New → Triaged
description:	updated

Revision history for this message

Daniel van Vugt (vanvugt) wrote on 2017-02-03:

As a workaround on zesty (0.26.0) you can use --nested-passthrough=OFF

However that workaround stops being useful in lp:mir and lp:mir/0.26 because it will trigger bug 1661521.

description:

updated

Revision history for this message

Kevin DuBois (kdub) wrote on 2017-02-03:

yep, was the removal-of waithandle MP. needed some more checks before waiting for interval configuration.

Revision history for this message

Kevin DuBois (kdub) wrote on 2017-02-03:

Why this crashes sometimes and other times spams is that wait_for_all() is sometimes called on a nullptr MirWaitHandle. The first thing that fn does is grab a lock. Some libc's seem smart enough to recognize that the memory isn't there and throw system_error, but its pretty conceivable that this could segfault if libc wasn't able to detect the memory issue and throw.

Revision history for this message

Mir CI Bot (mir-ci-bot) wrote on 2017-02-03:

Fix committed into lp:mir at revision None, scheduled for release in mir, milestone 1.0.0

Changed in mir:
status:	Triaged → Fix Committed

Daniel van Vugt (vanvugt) on 2017-02-04

Changed in mir:
assignee:	nobody → Kevin DuBois (kdub)

Revision history for this message

Daniel van Vugt (vanvugt) wrote on 2017-02-04:

Fix committed to lp:mir/0.26 at revision 4007, scheduled for release in Mir 0.26.1

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-02-16:

This bug was fixed in the package mir - 0.26.1+17.04.20170209.1-0ubuntu1

---------------
mir (0.26.1+17.04.20170209.1-0ubuntu1) zesty; urgency=medium

  * New upstream release 0.26.1 (https://launchpad.net/mir/+milestone/0.26.1)
    - ABI summary:
      . mirclient ABI unchanged at 9
      . mirserver ABI unchanged at 43
      . mircommon ABI unchanged at 7
      . mirplatform ABI bumped to 15
      . mirprotobuf ABI unchanged at 3
      . mirplatformgraphics ABI bumped to 12
      . mirclientplatform ABI unchanged at 5
      . mirinputplatform ABI unchanged at 6
      . mircore ABI unchanged at 1
    - Enhancements:
      . Support for MirBuffer API that allows for better management of
        hardware/software buffers.
      . Support for MirPresentationChain API that allows better control
        over {de}queueing of individual buffers {from}to the server.
      . Interim support for MirRenderSurface API that provides a unit of
        renderable for lower level content such as MirBufferStreams and
        MirPresentationChains, etc.. MirRenderSurface API is marked
        deprecated as it (and the relevant entry points) will be renamed to
        MirSurface before general availability. It will initially be used for
        revamping support for EGL drivers.
      . Synchronous version of mir_prompt_session_new_fds_for_prompt_providers()
        API (mir_prompt_session_new_fds_for_prompt_providers_sync()) added for
        convenience.
      . Better name for MirPersistentId-->MirWindowId. MirPersistentId has now
        been deprecated.
    - Bugs fixed:
      . [regression] Unity8 stutters constantly (like half frame rate).
        (LP: #1661128)
      . mir 0.26 - spinner loading animation, minimize, maximize too fast.
        (LP: #1661072)
      . [regression] Nested server segfaults or rapidly logs exceptions when a
        fullscreen client starts [in mir_presentation_chain_set_dropping_mode
        ... std::exception::what: Operation not permitted] (LP: #1661508)
      . mir_window_request_persistent_id_sync seg faults when called twice.
        (LP: #1661704)
      . [regression] Windowed clients of nested servers are all black.
        (LP: #1661521)
      . Mir graphics platform ABI broke in series 0.26 but sonames never
        changed (LP: #1662455)
      . Fixes for 0.26 changelog.
      . [regression] mirscreencast hangs during screencast creation. (LP: #1662997)
      . libmirclient-dev missing build dependency on libmircore-dev. (LP: #1662942)
      . mir_window_spec_set_cursor_name() doesn't trigger
        mir::scene::SurfaceObserver::cursor_image_set_to. (LP: #1663197)
      . [regression] Software clients of nested servers are all black in Mir 0.25.0
        and later. (LP: #1663062)

-- Cemil Azizoglu <email address hidden> Thu, 09 Feb 2017 21:46:32 +0000

This bug was fixed in the package mir - 0.26.1+17.04.20170209.1-0ubuntu1

---------------
mir (0.26.1+17.04.20170209.1-0ubuntu1) zesty; urgency=medium

-- Cemil Azizoglu <cemil.azizoglu@canonical.com>  Thu, 09 Feb 2017 21:46:32 +0000

Changed in mir (Ubuntu):
status:	Triaged → Fix Released

Daniel van Vugt (vanvugt) on 2017-07-11

Changed in mir:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.