Mir

[regression] Nested server segfaults or rapidly logs exceptions when a fullscreen client starts [in mir_presentation_chain_set_dropping_mode ... std::exception::what: Operation not permitted]

Bug #1661508 reported by Daniel van Vugt on 2017-02-03
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mir
Fix Released
Critical
Kevin DuBois
0.26
Fix Released
Critical
Kevin DuBois
mir (Ubuntu)
Critical
Unassigned

Bug Description

Nested server segfaults when a fullscreen client starts

Using Mir 0.26.0 (zesty release):

The client dies:

[2017-02-03 15:05:44.315444] <ERROR> Mesa/NativeSurface: Caught exception at Mir/EGL driver boundary (in advance_buffer): /build/mir-1Sl_GZ/mir-0.26.0+17.04.20170126.3/src/client/no_tls_future-inl.h(76): Throw in function void mir::client::PromiseStateBase<T>::break_promise() [with T = std::shared_ptr<mir::client::MirBuffer>]
Dynamic exception type: boost::exception_detail::error_info_injector<std::runtime_error>
std::exception::what: broken_promise

Because the server died:

Segmentation fault (core dumped)
(gdb) bt
#0 __GI___pthread_mutex_lock (mutex=0x0) at ../nptl/pthread_mutex_lock.c:67
#1 0x00007fcceb7b4003 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#2 0x00007fcceb7d1961 in mir_presentation_chain_set_dropping_mode ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#3 0x00007fccec0e3a7a in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#4 0x00007fccec09fd2d in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#5 0x00007fccec09f018 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#6 0x00007fccec0e2c79 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirserver.so.43
#7 0x00007fccebcfab2f in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#8 0x00007fcce95326ca in start_thread (arg=0x7fccde2b4700)
    at pthread_create.c:333
#9 0x00007fccec4710ff in clone ()
    at ../sysdeps/unix/sysv/linux/x86_64/clone.S:105

However in development builds the server does not die and just floods the log instead:

[2017-02-03 16:52:44.382460] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 16:52:44.399142] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 16:52:44.415823] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 16:52:44.432504] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

*** WORKAROUND ***
Start your nested server with --nested-passthrough=OFF
Which works on the 0.26.0 release, but not on anything newer because you'll then hit the more recent regression bug 1661521.

Related branches

Changed in mir:
importance: Undecided → Critical
milestone: none → 1.0.0
summary: - Fullscreen clients of nested servers crash on start-up [<ERROR>
- Mesa/NativeSurface: Caught exception at Mir/EGL driver boundary (in
- advance_buffer) ... std::exception::what: broken_promise]
+ Nested server segfaults when a fullscreen client starts
tags: added: nested
description: updated
description: updated
description: updated

The above crash happens with the zesty release binaries, but when I use lp:mir/0.26 I get this instead of a crash:

[2017-02-03 15:31:05.336685] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 15:31:05.337362] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 15:31:05.337433] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

[2017-02-03 15:31:05.338185] <ERROR> mirclient: Caught exception at client library boundary (in mir_presentation_chain_set_dropping_mode): Dynamic exception type: std::system_error
std::exception::what: Operation not permitted

.....

summary: - Nested server segfaults when a fullscreen client starts
+ Nested server segfaults or rapidly logs exceptions in
+ mir_presentation_chain_set_dropping_mode() when a fullscreen client
+ starts
summary: - Nested server segfaults or rapidly logs exceptions in
- mir_presentation_chain_set_dropping_mode() when a fullscreen client
- starts
+ Nested server segfaults or rapidly logs exceptions when a fullscreen
+ client starts [in mir_presentation_chain_set_dropping_mode ...
+ std::exception::what: Operation not permitted]
Changed in mir (Ubuntu):
importance: Undecided → Critical
summary: - Nested server segfaults or rapidly logs exceptions when a fullscreen
- client starts [in mir_presentation_chain_set_dropping_mode ...
- std::exception::what: Operation not permitted]
+ [regression] Nested server segfaults or rapidly logs exceptions when a
+ fullscreen client starts [in mir_presentation_chain_set_dropping_mode
+ ... std::exception::what: Operation not permitted]
tags: added: regression
Daniel van Vugt (vanvugt) wrote :

Bisected somewhat. The flood of exceptions started here:

------------------------------------------------------------
revno: 3982 [merge]
author: Brandon Schaefer <email address hidden>
committer: Cemil Azizoglu <email address hidden>
branch nick: mir
timestamp: Tue 2017-01-24 10:24:25 -0600
message:
  Deprecate mir_wait_for*
------------------------------------------------------------

I can't tell if that's different to the crash in the same function, or if it's just the same exception flood causing a crash in our release binaries...

Changed in mir:
status: New → Triaged
Changed in mir (Ubuntu):
status: New → Triaged
description: updated
Daniel van Vugt (vanvugt) wrote :

As a workaround on zesty (0.26.0) you can use --nested-passthrough=OFF

However that workaround stops being useful in lp:mir and lp:mir/0.26 because it will trigger bug 1661521.

description: updated
Kevin DuBois (kdub) wrote :

yep, was the removal-of waithandle MP. needed some more checks before waiting for interval configuration.

Kevin DuBois (kdub) wrote :

Why this crashes sometimes and other times spams is that wait_for_all() is sometimes called on a nullptr MirWaitHandle. The first thing that fn does is grab a lock. Some libc's seem smart enough to recognize that the memory isn't there and throw system_error, but its pretty conceivable that this could segfault if libc wasn't able to detect the memory issue and throw.

Mir CI Bot (mir-ci-bot) wrote :

Fix committed into lp:mir at revision None, scheduled for release in mir, milestone 1.0.0

Changed in mir:
status: Triaged → Fix Committed
Changed in mir:
assignee: nobody → Kevin DuBois (kdub)
Daniel van Vugt (vanvugt) wrote :

Fix committed to lp:mir/0.26 at revision 4007, scheduled for release in Mir 0.26.1

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mir - 0.26.1+17.04.20170209.1-0ubuntu1

---------------
mir (0.26.1+17.04.20170209.1-0ubuntu1) zesty; urgency=medium

  * New upstream release 0.26.1 (https://launchpad.net/mir/+milestone/0.26.1)
    - ABI summary:
      . mirclient ABI unchanged at 9
      . mirserver ABI unchanged at 43
      . mircommon ABI unchanged at 7
      . mirplatform ABI bumped to 15
      . mirprotobuf ABI unchanged at 3
      . mirplatformgraphics ABI bumped to 12
      . mirclientplatform ABI unchanged at 5
      . mirinputplatform ABI unchanged at 6
      . mircore ABI unchanged at 1
    - Enhancements:
      . Support for MirBuffer API that allows for better management of
        hardware/software buffers.
      . Support for MirPresentationChain API that allows better control
        over {de}queueing of individual buffers {from}to the server.
      . Interim support for MirRenderSurface API that provides a unit of
        renderable for lower level content such as MirBufferStreams and
        MirPresentationChains, etc.. MirRenderSurface API is marked
        deprecated as it (and the relevant entry points) will be renamed to
        MirSurface before general availability. It will initially be used for
        revamping support for EGL drivers.
      . Synchronous version of mir_prompt_session_new_fds_for_prompt_providers()
        API (mir_prompt_session_new_fds_for_prompt_providers_sync()) added for
        convenience.
      . Better name for MirPersistentId-->MirWindowId. MirPersistentId has now
        been deprecated.
    - Bugs fixed:
      . [regression] Unity8 stutters constantly (like half frame rate).
        (LP: #1661128)
      . mir 0.26 - spinner loading animation, minimize, maximize too fast.
        (LP: #1661072)
      . [regression] Nested server segfaults or rapidly logs exceptions when a
        fullscreen client starts [in mir_presentation_chain_set_dropping_mode
        ... std::exception::what: Operation not permitted] (LP: #1661508)
      . mir_window_request_persistent_id_sync seg faults when called twice.
        (LP: #1661704)
      . [regression] Windowed clients of nested servers are all black.
        (LP: #1661521)
      . Mir graphics platform ABI broke in series 0.26 but sonames never
        changed (LP: #1662455)
      . Fixes for 0.26 changelog.
      . [regression] mirscreencast hangs during screencast creation. (LP: #1662997)
      . libmirclient-dev missing build dependency on libmircore-dev. (LP: #1662942)
      . mir_window_spec_set_cursor_name() doesn't trigger
        mir::scene::SurfaceObserver::cursor_image_set_to. (LP: #1663197)
      . [regression] Software clients of nested servers are all black in Mir 0.25.0
        and later. (LP: #1663062)

 -- Cemil Azizoglu <email address hidden> Thu, 09 Feb 2017 21:46:32 +0000

Changed in mir (Ubuntu):
status: Triaged → Fix Released
Changed in mir:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers