Firefox hang on start because ibus calls g_object_new inside a class_init function

Bug #1179554 reported by Chris Coulson on 2013-05-13
40
This bug affects 9 people
Affects Status Importance Assigned to Milestone
GLib
Expired
Medium
glib2.0 (Ubuntu)
High
Unassigned

Bug Description

There's an unusually large number of reports about Firefox not starting at all for some users on raring. I'm not sure if this is the same issue, but I've just hit the same deadlock when starting Firefox twice in 30 minutes on a fresh raring VM.

Here's a stack trace of the 2 most interesting threads:

Thread 2 (Thread 0x7fb4b73af700 (LWP 21183)):
#0 0x00007fb4ca42982c in __lll_lock_wait () from /lib/x86_64-linux-gnu/libpthread.so.0
#1 0x00007fb4ca425197 in _L_lock_1035 () from /lib/x86_64-linux-gnu/libpthread.so.0
#2 0x00007fb4ca425029 in pthread_mutex_lock () from /lib/x86_64-linux-gnu/libpthread.so.0
#3 0x00007fb4c4e41506 in g_type_class_ref (type=type@entry=140414177259232)
    at /build/buildd/glib2.0-2.36.0/./gobject/gtype.c:2947
#4 0x00007fb4c4e2a281 in g_object_newv (object_type=object_type@entry=140414177259232,
    n_parameters=n_parameters@entry=0, parameters=parameters@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1624
#5 0x00007fb4c4e2a81c in g_object_new (object_type=140414177259232,
    first_property_name=first_property_name@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1548
#6 0x00007fb4c2c055e9 in g_cancellable_new () at /build/buildd/glib2.0-2.36.0/./gio/gcancellable.c:178
#7 0x00007fb4c2ca01d1 in _g_dbus_worker_new (stream=0x7fb4b88e5c00,
    capabilities=G_DBUS_CAPABILITY_FLAGS_UNIX_FD_PASSING, initially_frozen=0,
    message_received_callback=message_received_callback@entry=0x7fb4c2c8dee0 <on_worker_message_received>,
    message_about_to_be_sent_callback=message_about_to_be_sent_callback@entry=0x7fb4c2c8ba40 <on_worker_message_about_to_be_sent>,
    disconnected_callback=disconnected_callback@entry=0x7fb4c2c8bd20 <on_worker_closed>,
    user_data=user_data@entry=0x7fb4b88ae1c0) at /build/buildd/glib2.0-2.36.0/./gio/gdbusprivate.c:1668
#8 0x00007fb4c2c93e07 in initable_init (initable=0x7fb4b88ae1c0, cancellable=<optimised out>,
    error=0x7fb4b73aee38) at /build/buildd/glib2.0-2.36.0/./gio/gdbusconnection.c:2640
#9 0x00007fb4c2c01e41 in async_init_thread (task=0x7fb4c9db1c40, source_object=<optimised out>,
    task_data=<optimised out>, cancellable=<optimised out>)
    at /build/buildd/glib2.0-2.36.0/./gio/gasyncinitable.c:260
#10 0x00007fb4c2c4d835 in g_task_thread_pool_thread (thread_data=0x7fb4c9db1c40,
    pool_data=<optimised out>) at /build/buildd/glib2.0-2.36.0/./gio/gtask.c:1242
#11 0x00007fb4c4b846f2 in g_thread_pool_thread_proxy (data=<optimised out>)
---Type <return> to continue, or q <return> to quit---
    at /build/buildd/glib2.0-2.36.0/./glib/gthreadpool.c:309
#12 0x00007fb4c4b83eb5 in g_thread_proxy (data=0x7fb4b88c0680)
    at /build/buildd/glib2.0-2.36.0/./glib/gthread.c:798
#13 0x00007fb4ca422f8e in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#14 0x00007fb4ca14ce1d in clone () from /lib/x86_64-linux-gnu/libc.so.6

Thread 1 (Thread 0x7fb4cb04b740 (LWP 21176)):
#0 0x00007fb4ca42982c in __lll_lock_wait () from /lib/x86_64-linux-gnu/libpthread.so.0
#1 0x00007fb4ca4251b2 in _L_lock_1142 () from /lib/x86_64-linux-gnu/libpthread.so.0
#2 0x00007fb4ca425130 in pthread_mutex_lock () from /lib/x86_64-linux-gnu/libpthread.so.0
#3 0x00007fb4c4b9f5c1 in g_mutex_lock (mutex=mutex@entry=0x7fb4b88ae1e0)
    at /build/buildd/glib2.0-2.36.0/./glib/gthread-posix.c:210
#4 0x00007fb4c2c93c3d in initable_init (initable=0x7fb4b88ae1c0, cancellable=0x0, error=0x0)
    at /build/buildd/glib2.0-2.36.0/./gio/gdbusconnection.c:2527
#5 0x00007fb4c2c945d1 in g_bus_get_sync (bus_type=bus_type@entry=G_BUS_TYPE_SESSION,
    cancellable=cancellable@entry=0x0, error=error@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gio/gdbusconnection.c:6882
#6 0x00007fb4b5db24f8 in g_daemon_vfs_init (vfs=0x7fb4b9246240) at gdaemonvfs.c:297
#7 0x00007fb4c4e4395f in g_type_create_instance (type=<optimised out>)
    at /build/buildd/glib2.0-2.36.0/./gobject/gtype.c:1917
#8 0x00007fb4c4e28718 in g_object_constructor (type=<optimised out>, n_construct_properties=0,
    construct_params=0x0) at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1855
#9 0x00007fb4c4e2a1d1 in g_object_newv (object_type=object_type@entry=140414223903424,
    n_parameters=n_parameters@entry=0, parameters=parameters@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1638
#10 0x00007fb4c4e2a81c in g_object_new (object_type=object_type@entry=140414223903424,
    first_property_name=first_property_name@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1548
#11 0x00007fb4c2c2c311 in try_implementation (extension=<optimised out>,
    verify_func=verify_func@entry=0x7fb4c2c57650 <g_vfs_is_active>)
    at /build/buildd/glib2.0-2.36.0/./gio/giomodule.c:759
#12 0x00007fb4c2c2c4c0 in _g_io_module_get_default (
    extension_point=extension_point@entry=0x7fb4c2ccbd3b "gio-vfs",
    envvar=envvar@entry=0x7fb4c2cd4402 "GIO_USE_VFS",
    verify_func=verify_func@entry=0x7fb4c2c57650 <g_vfs_is_active>)
    at /build/buildd/glib2.0-2.36.0/./gio/giomodule.c:858
#13 0x00007fb4c2c57a8e in g_vfs_get_default () at /build/buildd/glib2.0-2.36.0/./gio/gvfs.c:199
#14 0x00007fb4c2c18ede in g_file_new_for_path (
---Type <return> to continue, or q <return> to quit---
    path=0x7fb4b88cc780 "/home/chr1s/.config/ibus/bus/5856426a429d25c6d179116c517eee1b-unix-0")
    at /build/buildd/glib2.0-2.36.0/./gio/gfile.c:6017
#15 0x00007fb4b657ddda in ibus_bus_init (bus=0x7fb4b88e5720) at ibusbus.c:352
#16 0x00007fb4c4e4395f in g_type_create_instance (type=<optimised out>)
    at /build/buildd/glib2.0-2.36.0/./gobject/gtype.c:1917
#17 0x00007fb4c4e28718 in g_object_constructor (type=<optimised out>, n_construct_properties=0,
    construct_params=0x0) at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1855
#18 0x00007fb4b657bd75 in ibus_bus_constructor (params=<optimised out>, n_params=0,
    type=140414223902528) at ibusbus.c:370
#19 ibus_bus_constructor (type=140414223902528, n_params=0, params=<optimised out>) at ibusbus.c:362
#20 0x00007fb4c4e2a1d1 in g_object_newv (object_type=object_type@entry=140414223902528,
    n_parameters=n_parameters@entry=0, parameters=parameters@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1638
#21 0x00007fb4c4e2a81c in g_object_new (object_type=140414223902528,
    first_property_name=first_property_name@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1548
#22 0x00007fb4b657bdca in ibus_bus_new () at ibusbus.c:487
#23 0x00007fb4b67a810a in ibus_im_context_class_init (class=<optimised out>) at ibusimcontext.c:507
#24 0x00007fb4c4e41956 in type_class_init_Wm (pclass=0x7fb4b922a7d0, node=0x7fb4bbefe6d0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gtype.c:2244
#25 g_type_class_ref (type=type@entry=140414223902416)
    at /build/buildd/glib2.0-2.36.0/./gobject/gtype.c:2959
#26 0x00007fb4c4e2a281 in g_object_newv (object_type=object_type@entry=140414223902416,
    n_parameters=n_parameters@entry=0, parameters=parameters@entry=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1624
#27 0x00007fb4c4e2a81c in g_object_new (object_type=140414223902416, first_property_name=0x0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gobject.c:1548
#28 0x00007fb4b67a8bc2 in ibus_im_context_new ()
   from /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/immodules/im-ibus.so
#29 0x00007fb4c32693f6 in _gtk_im_module_create (context_id=<optimised out>)
    at /build/buildd/gtk+2.0-2.24.17/gtk/gtkimmodule.c:614
#30 0x00007fb4c3269cd9 in gtk_im_multicontext_get_slave (multicontext=multicontext@entry=0x7fb4b88e7180)
    at /build/buildd/gtk+2.0-2.24.17/gtk/gtkimmulticontext.c:254
#31 0x00007fb4c3269f7d in gtk_im_multicontext_set_client_window (context=0x7fb4b88e7180,
    window=0x7fb4b927a120) at /build/buildd/gtk+2.0-2.24.17/gtk/gtkimmulticontext.c:300
#32 0x00007fb4c320efda in gtk_entry_realize (widget=0x7fb4bbe22030)
    at /build/buildd/gtk+2.0-2.24.17/gtk/gtkentry.c:2809
#33 0x00007fb4c4e23620 in g_closure_invoke (closure=0x7fb4c9dfb3a0, return_value=0x0, n_param_values=1,
---Type <return> to continue, or q <return> to quit---
    param_values=0x7fff170de0f0, invocation_hint=0x7fff170de090)
    at /build/buildd/glib2.0-2.36.0/./gobject/gclosure.c:777
#34 0x00007fb4c4e34544 in signal_emit_unlocked_R (node=node@entry=0x7fb4c9de7dc0,
    detail=detail@entry=0, instance=instance@entry=0x7fb4bbe22030,
    emission_return=emission_return@entry=0x0,
    instance_and_params=instance_and_params@entry=0x7fff170de0f0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gsignal.c:3514
#35 0x00007fb4c4e3cd11 in g_signal_emit_valist (instance=0x7fb4bbe22030, signal_id=<optimised out>,
    detail=0, var_args=var_args@entry=0x7fff170de338)
    at /build/buildd/glib2.0-2.36.0/./gobject/gsignal.c:3328
#36 0x00007fb4c4e3cf92 in g_signal_emit (instance=instance@entry=0x7fb4bbe22030,
    signal_id=<optimised out>, detail=detail@entry=0)
    at /build/buildd/glib2.0-2.36.0/./gobject/gsignal.c:3384
#37 0x00007fb4c33a1a00 in IA__gtk_widget_realize (widget=0x7fb4bbe22030)
    at /build/buildd/gtk+2.0-2.24.17/gtk/gtkwidget.c:3554
#38 0x00007fb4c6a726ce in nsLookAndFeel::InitLookAndFeel ()
    at /build/buildd/firefox-21.0+build2/widget/gtk2/nsLookAndFeel.cpp:870
#39 0x00007fb4c6a8be24 in GetInstance ()
    at /build/buildd/firefox-21.0+build2/widget/xpwidgets/nsXPLookAndFeel.cpp:237
#40 nsXPLookAndFeel::GetInstance ()
    at /build/buildd/firefox-21.0+build2/widget/xpwidgets/nsXPLookAndFeel.cpp:229
#41 0x00007fb4c6a8c5e8 in mozilla::LookAndFeel::GetInt (
    aID=mozilla::LookAndFeel::eIntID_UseAccessibilityTheme, aResult=0x7fff170de504)
    at /build/buildd/firefox-21.0+build2/widget/xpwidgets/nsXPLookAndFeel.cpp:703
#42 0x00007fb4c6d036f2 in GetInt (aDefault=0, aID=mozilla::LookAndFeel::eIntID_UseAccessibilityTheme)
    at ../../dist/include/mozilla/LookAndFeel.h:480
#43 nsChromeRegistryChrome::CheckForOSAccessibility (this=0x7fb4c9d17460)
    at /build/buildd/firefox-21.0+build2/chrome/src/nsChromeRegistryChrome.cpp:177
#44 0x00007fb4c60ee064 in ScopedXPCOMStartup::SetWindowCreator (this=<optimised out>,
    native=<optimised out>) at /build/buildd/firefox-21.0+build2/toolkit/xre/nsAppRunner.cpp:1256
#45 0x00007fb4c60f08fd in XREMain::XRE_mainRun (this=this@entry=0x7fff170de6e0)
    at /build/buildd/firefox-21.0+build2/toolkit/xre/nsAppRunner.cpp:3673
#46 0x00007fb4c60f31f0 in XREMain::XRE_main (this=this@entry=0x7fff170de6e0, argc=argc@entry=2,
    argv=argv@entry=0x7fff170dfba8, aAppData=aAppData@entry=0x7fff170de8b0)
    at /build/buildd/firefox-21.0+build2/toolkit/xre/nsAppRunner.cpp:3938
#47 0x00007fb4c60f3442 in XRE_main (argc=2, argv=0x7fff170dfba8, aAppData=0x7fff170de8b0,
    aFlags=<optimised out>) at /build/buildd/firefox-21.0+build2/toolkit/xre/nsAppRunner.cpp:4141
#48 0x00007fb4cb06c075 in do_main (argc=argc@entry=2, argv=argv@entry=0x7fff170dfba8, xreDirectory=
---Type <return> to continue, or q <return> to quit---
    0x7fb4c9d2a540) at /build/buildd/firefox-21.0+build2/browser/app/nsBrowserApp.cpp:224
#49 0x00007fb4cb06b833 in main (argc=2, argv=0x7fff170dfba8)
    at /build/buildd/firefox-21.0+build2/browser/app/nsBrowserApp.cpp:521

From first glance, it looks like this has happened:

- Someone in the past has called g_bus_get on the main thread.
- GDBusConnection's initable_init() starts running on a separate thread.
- Someone then calls g_bus_get_sync on the main thread using the same bus, which causes GDBusConnection's initable_init() to run on the main thread.
- initable_init() waits on the main thread because the second thread has the lock (connection->init_lock). At this time, it also holds a lock in g_type_class_ref() (class_init_rec_mutex), much higher up the stack (frame #25)
- The second thread waits inside g_type_class_ref() because the main thread has this lock, which is waiting on the second thread to release another lock.

....Deadlock!

The issue seems to be that ibus_im_context_class_init() is calling g_object_new(), which is not allowed!

affects: glib2.0 (Ubuntu) → ibus (Ubuntu)
Changed in ibus (Ubuntu):
importance: Undecided → High
status: New → Triaged
Chris Coulson (chrisccoulson) wrote :

Note, from IRC:

<chrisccoulson> desrt, is it a bug to call g_object_new from within a class_init function?
<desrt> yesish
<chrisccoulson> desrt, heh, i thought as much (see bug 1179554) ;)
<ubot2> Launchpad bug 1179554 in ibus (Ubuntu) "Firefox hang on start because ibus calls g_object_new inside a class_init function" [High,Triaged] https://launchpad.net/bugs/1179554
<desrt> it's not strictly a bug
 but you should only be doing a very limited number of things in class_init
 properties, signals, vfunc overrides

affects: ibus (Ubuntu) → glib2.0 (Ubuntu)
Chris Coulson (chrisccoulson) wrote :

<desrt> ooo
 this looks like the fun gobject deadlock
<chrisccoulson> desrt, oh, should i reassign it to glib?
<desrt> it's already known
 assuming it's the same one (which it appears to be)
<chrisccoulson> desrt, got a bug number?
<desrt> https://bugzilla.gnome.org/show_bug.cgi?id=674885
<ubot2> Gnome bug 674885 in gobject "type initialisation deadlock in GObject" [Normal,New]

Changed in glib:
importance: Unknown → Medium
status: Unknown → Confirmed
dino99 (9d9) wrote :

Experience that firefox 36 start failing on vivid i386 booted with systemd-syv on a gnome-shell session.

from a terminal, i get:
oem@u32:~$ firefox

(process:7753): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed

Hopes to see Firefox fixed asap.

tags: added: vivid
Changed in glib:
status: Confirmed → In Progress
Changed in glib:
status: In Progress → Expired
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.