26728 – xcb not re-enterant ... blocking desktop ...

Bug 26728 - xcb not re-enterant ... blocking desktop ...

Summary: xcb not re-enterant ... blocking desktop ...

Status:	RESOLVED NOTOURBUG

Alias:	None

Product:	XCB
Classification:	Unclassified
Component:	Library (show other bugs)
Version:	unspecified
Hardware:	Other All

Importance:	medium critical
Assignee:	xcb mailing list dummy
QA Contact:	Xorg Project Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2010-02-24 05:43 UTC by Michael Meeks
Modified:	2010-02-24 08:00 UTC (History)
CC List:	3 users (show)

See Also:
i915 platform:
i915 features:

Attachments

Description Michael Meeks 2010-02-24 05:43:31 UTC

Sooo ... I was pleased to actually catch this in the flesh, having seen similar
symptoms on moblin and elsewhere; what happened ?

I ran strace on evolution - and fetched some mail; this (it seems) caused
evolution to either crash, or be suspended at an inconvenient time (via
ptrace).

strace itself was trying to write (perhaps a lot) of data to an xterm, which
itself was trying to re-render via the window manager, whose compositing loop
was stuck - waiting for the X server to finish it's dealings with evolution [
or so I infer ;-]. Even if this is not the flow problem above, the stack trace
seems to suggest that in fact if a signal is caught during an xcb call that it
is not re-enterancy safe [ typically we try to catch signals, and do nice
things - like crash handlers in them ].

here are the obligatory traces. I strongly suspect we need to re-file this
up-stream with xorg :-)


Metacity:

Thread 2 (Thread 0xb128fb70 (LWP 13433)):
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb6addbeb in read () from /lib/libc.so.6
#2  0xb6d9141d in read (__nbytes=<value optimized out>, __buf=<value optimized
out>, __fd=<value optimized out>) at /usr/include/bits/unistd.h:45
#3  child_watch_helper_thread (__nbytes=<value optimized out>, __buf=<value
optimized out>, __fd=<value optimized out>) at gmain.c:3822
#4  0xb6dba9ef in g_thread_create_proxy (data=0x829ab00) at gthread.c:635
#5  0xb69e1725 in start_thread () from /lib/libpthread.so.0
#6  0xb6aee26e in clone () from /lib/libc.so.6

Thread 1 (Thread 0xb6830740 (LWP 9721)):
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb6ae6f51 in select () from /lib/libc.so.6
#2  0xb6bb52dd in ?? () from /usr/lib/libxcb.so.1
#3  0xb6bb6cfa in xcb_wait_for_reply () from /usr/lib/libxcb.so.1
#4  0xb6c135d1 in _XReply () from /usr/lib/libX11.so.6
#5  0xb6bf1409 in XGrabPointer () from /usr/lib/libX11.so.6
#6  0x08060b67 in gdk_rectangle_intersect () at gdkrectangle.c:80
#7  0x08060e97 in gdk_rectangle_intersect () at gdkrectangle.c:80
#8  0x080709a4 in gdk_rectangle_intersect () at gdkrectangle.c:80
#9  0x0806d9bf in gdk_rectangle_intersect () at gdkrectangle.c:80
#10 0x08063a20 in gdk_rectangle_intersect () at gdkrectangle.c:80
#11 0x080ab11f in gdk_rectangle_intersect () at gdkrectangle.c:80
#12 0xb7270d36 in gdk_event_apply_filters (filters=<value optimized out>,
event=<value optimized out>, xevent=<value optimized out>) at
gdkevents-x11.c:351
#13 gdk_event_translate (filters=<value optimized out>, event=<value optimized
out>, xevent=<value optimized out>) at gdkevents-x11.c:923
#14 0xb7272abf in _gdk_events_queue (display=0x80eb000 [GdkDisplayX11]) at
gdkevents-x11.c:2306
#15 0xb7272eff in gdk_event_dispatch (source=0x80f2f88, callback=0,
user_data=0x0) at gdkevents-x11.c:2367
#16 0xb6d90448 in g_main_dispatch (context=<value optimized out>) at
gmain.c:1960
#17 IA__g_main_context_dispatch (context=<value optimized out>) at gmain.c:2513
#18 0xb6d93bf3 in g_main_context_iterate (context=0x80d6400, block=1,
dispatch=1, self=0x80cd3e8) at gmain.c:2591
#19 0xb6d940ba in IA__g_main_loop_run (loop=0x80d6a00) at gmain.c:2799
#20 0x08071cac in gdk_rectangle_intersect () at gdkrectangle.c:80
#21 0xb6a30be5 in __libc_start_main () from /lib/libc.so.6
#22 0x08053bc1 in gdk_rectangle_intersect () at gdkrectangle.c:80

strace (not completing in 'write')

#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb761bc43 in __write_nocancel () from /lib/libc.so.6
#2  0xb75c0f5f in _IO_new_file_write () from /lib/libc.so.6
#3  0xb75c0c03 in new_do_write () from /lib/libc.so.6
#4  0xb75c0f06 in _IO_new_do_write () from /lib/libc.so.6
#5  0xb75c1ac0 in _IO_new_file_overflow () from /lib/libc.so.6
#6  0xb75c0d3d in _IO_new_file_xsputn () from /lib/libc.so.6
#7  0xb7595d63 in vfprintf () from /lib/libc.so.6
#8  0xb7640fce in __vfprintf_chk () from /lib/libc.so.6
#9  0x0804993d in geteuid ()
#10 0x08049992 in geteuid ()
#11 0x0804cc25 in geteuid ()
#12 0x0804c24d in geteuid ()
#13 0xb756ebe5 in __libc_start_main () from /lib/libc.so.6
#14 0x08049801 in geteuid ()

xterm (trying to catch up):

(gdb) bt
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb7348f1d in ___newselect_nocancel () from /lib/libc.so.6
#2  0xb723a2dd in ?? () from /usr/lib/libxcb.so.1
#3  0xb723aa2e in ?? () from /usr/lib/libxcb.so.1
#4  0xb723ab5f in ?? () from /usr/lib/libxcb.so.1
#5  0xb723acaf in xcb_flush () from /usr/lib/libxcb.so.1
#6  0xb7574a77 in _XSend () from /usr/lib/libX11.so.6
#7  0xb7574c00 in _XEventsQueued () from /usr/lib/libX11.so.6
#8  0xb755cb3f in XEventsQueued () from /usr/lib/libX11.so.6
#9  0xb746aab1 in XtAppPending () from /usr/lib/libXt.so.6
#10 0x08072cba in geteuid ()
#11 0x0805b820 in geteuid ()
#12 0x08061138 in geteuid ()
#13 0x0806125a in geteuid ()
#14 0x0806cb9e in geteuid ()
#15 0xb7292be5 in __libc_start_main () from /lib/libc.so.6
#16 0x0804d411 in geteuid ()

Xorg (quiescent ? or waiting for a sync call to complete?)

(gdb) t a a bt

Thread 1 (Thread 0xb72996f0 (LWP 9321)):
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb7382f1d in ___newselect_nocancel () from /lib/libc.so.6
#2  0x08131a58 in WaitForSomething ()
#3  0x0808ce26 in Dispatch ()
#4  0x08071faa in main ()

Evolution (re-entering xcb_wait_for_reply - via a signal):

(gdb) bt
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb71663d5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/libpthread.so.0
#2  0xb61b20b6 in ?? () from /usr/lib/libxcb.so.1
#3  0xb61b24e7 in ?? () from /usr/lib/libxcb.so.1
#4  0xb61b3cfa in xcb_wait_for_reply () from /usr/lib/libxcb.so.1
#5  0xb62105d1 in _XReply () from /usr/lib/libX11.so.6
#6  0xb62039c7 in XSync () from /usr/lib/libX11.so.6
#7  0xb6596268 in IA__gdk_flush () at gdkevents-x11.c:2554
#8  0xb55b7f1d in ?? () from /usr/lib/gtk-2.0/modules/libgnomebreakpad.so
#9  <signal handler called>
#10 0xffffe424 in __kernel_vsyscall ()
#11 0xb5ec5f51 in select () from /lib/libc.so.6
#12 0xb61b22dd in ?? () from /usr/lib/libxcb.so.1
#13 0xb61b3cfa in xcb_wait_for_reply () from /usr/lib/libxcb.so.1
#14 0xb62105d1 in _XReply () from /usr/lib/libX11.so.6
#15 0xb61fd73d in XQueryPointer () from /usr/lib/libX11.so.6
#16 0xb65ab33b in _gdk_windowing_window_at_pointer (display=0x808b000
[GdkDisplayX11], win_x=0xbf99cf1c, win_y=0xbf99cf18, mask=0x0, get_toplevel=0)
at gdkwindow-x11.c:3247
#17 0xb655b55c in gdk_display_real_get_window_at_pointer (display=0x808b000
[GdkDisplayX11], win_x=0xbf99cf48, win_y=0xbf99cf44) at gdkdisplay.c:513
#18 0xb655bd8f in IA__gdk_display_get_window_at_pointer (display=0x808b000
[GdkDisplayX11], win_x=0xbf99cf70, win_y=0xbf99cf6c) at gdkdisplay.c:594
#19 0xb6844f8e in IA__gtk_tooltip_trigger_tooltip_query (display=0x808b000
[GdkDisplayX11]) at gtktooltip.c:438
#20 0xb5fb4a77 in IA__g_slist_foreach (list=0xa952260 = {...}, func=0xb6844f50
<IA__gtk_tooltip_trigger_tooltip_query>, user_data=0x0) at gslist.c:743
#21 0xb6886d12 in tooltip_query_idle (data=0x0) at gtkwidget.c:10678
#22 0xb655904b in gdk_threads_dispatch (data=0x9c1e2010) at gdk.c:506
#23 0xb5f93661 in g_idle_dispatch (source=0x107d4268, callback=0x1,
user_data=0x9c1e2010) at gmain.c:4065
#24 0xb5f95448 in g_main_dispatch (context=<value optimized out>) at
gmain.c:1960
#25 IA__g_main_context_dispatch (context=<value optimized out>) at gmain.c:2513
#26 0xb5f98bf3 in g_main_context_iterate (context=0x8094f50, block=1,
dispatch=1, self=0x806b538) at gmain.c:2591
#27 0xb5f990ba in IA__g_main_loop_run (loop=0x80e2b50) at gmain.c:2799
#28 0xb6d1dfb3 in bonobo_main () at bonobo-main.c:311
#29 0x0805de3c in main (argc=1, argv=0x0) at main.c:732

HTH.

Comment 1 Julien Cristau 2010-02-24 07:04:42 UTC

I would have thought that calling any Xlib function from a signal handler was unsafe...

Comment 2 Alan Coopersmith 2010-02-24 07:30:28 UTC

(In reply to comment #1)
> I would have thought that calling any Xlib function from a signal handler was
> unsafe...

Absolutely - Xlib has never been async-signal safe.   Very few library
functions are (see the list in the POSIX/UNIX specs).

Comment 3 Julien Cristau 2010-02-24 07:36:20 UTC

16:03 < jcristau> hrm.  is XSync() really supposed to be ok to call from a 
                  signal handler?
16:03 < jcristau> (bug 26728)
16:05 < ajax> jcristau: almost certainly not.
16:05 < jcristau> that's what i thought
16:05 < ajax> if you're in the middle of generating some other protocol, you'll 
              fuck up the protocol stream
16:05 < ajax> more generally, deadlocks ahoy.

closing as not our bug.  don't do that.

Comment 4 Stefan Dirsch 2010-02-24 08:00:33 UTC

Thanks for the prompt replies! :-)

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.