Mir

Segfault when closing apps that link against ubuntu_application_api_mirclient

Bug #1238312 reported by Ricardo Salveti
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
Mir | Fix Released | Critical | Thomas Voß |
mir (Ubuntu) | Fix Released | Critical | Thomas Voß |

Bug Description

Latest -touch image, mako or maguro:

"""
#include <stdlib.h>
#include <stdio.h>

#include <ubuntu/application/ui/window.h>
#include <ubuntu/application/ui/options.h>
#include <ubuntu/application/ui/display.h>
#include <ubuntu/application/ui/session.h>

/* Never called; it only references a library symbol so that the binary
   keeps its link to ubuntu_application_api_mirclient. */
void foobar()
{
    ua_ui_session_properties_new();
}

int main(int argc, char **argv)
{
    printf("Testing\n");

    return 0;
}
"""
phablet@ubuntu-phablet:/tmp/test$ gcc test.c -o test -lubuntu_application_api_mirclient
phablet@ubuntu-phablet:/tmp/test$ ./test
Testing
--> Seg fault

BT:
Program terminated with signal 11, Segmentation fault.
#0 memset () at ../ports/sysdeps/arm/memset.S:30
30 ../ports/sysdeps/arm/memset.S: No such file or directory.
(gdb) bt full
#0 memset () at ../ports/sysdeps/arm/memset.S:30
No locals.
#1 0x408311c6 in std::_Hashtable<MirConnection*, MirConnection*, std::allocator<MirConnection*>, std::__detail::_Identity, std::equal_to<MirConnection*>, std::hash<MirConnection*>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<false, true, true> >::clear() () from /usr/lib/arm-linux-gnueabihf/libmirclient.so.3
No symbol table info available.
#2 0x408311d8 in std::unordered_set<MirConnection*, std::hash<MirConnection*>, std::equal_to<MirConnection*>, std::allocator<MirConnection*> >::~unordered_set() () from /usr/lib/arm-linux-gnueabihf/libmirclient.so.3
No symbol table info available.
#3 0x40686d6c in __run_exit_handlers (status=0, listp=0x4073d4a4 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true) at exit.c:77
        atfct = <optimized out>
        onfct = <optimized out>
        cxafct = <optimized out>
        f = 0x1abdb48
#4 0x40686dc8 in __GI_exit (status=<optimized out>) at exit.c:99
No locals.
#5 0x40675456 in __libc_start_main (main=0x9551 <main>, argc=3, ubp_av=0xbeddb304, init=<optimized out>, fini=0xa019 <__libc_csu_fini+1>, rtld_fini=0x400f4291 <_dl_fini>, stack_end=0xbeddb304) at libc-start.c:294
        result = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 0, 1081331712, 0, 0, 0, 1074823168, 0, -1092767304, 1080513575, 0 <repeats 18 times>, -1092766956, 2, -1, 1080767269, 1080466872, 1075567496, 1075892224, 1077111573, -1092766972, -1092766956, 1081332940, 1075893820,
                8, 1077279239, 1081332940, 1075681677, 1077318148, 1, 1077345536, 1085576176, 1087090688, 0, 77852, 1087091904, 0, 1074823168, 0, 1074739149, 1085576176, 1, 1, 0, 4, 1080466872, 1, 0}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0,
              0x400f7e10 <_dl_runtime_resolve+24>}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <optimized out>
#6 0x00009ed2 in _start ()
Cannot access memory at address 0xa7a5

Ricardo Salveti (rsalveti) wrote :

This is currently blocking the gst-plugins-bad integration as when unloading the androidmedia element, it crashes.

Changed in mir:
importance: Undecided → Critical
status: New → Confirmed

Ricardo Mendoza (ricmm) wrote :

When using a cross-built Mir, the program exits normally. It seems like it's only exhibited when built with a native toolchain.

For testing, cross-built binaries can be found in:
http://people.canonical.com/~ricmm/mir-fixed/

Changed in mir (Ubuntu):
status: New → Confirmed
importance: Undecided → Critical

Ricardo Salveti (rsalveti) wrote :

Can confirm it works fine for cross-built based binaries.

Cross built it following http://unity.ubuntu.com/mir/building_source_for_android.html, then running cross-compile-chroot.sh from mir's source package.

Changed in mir:
assignee: nobody → Ricardo Mendoza (ricmm)
status: Confirmed → In Progress
milestone: none → phone-v1-freeze

Ricardo Salveti (rsalveti) wrote :

So it seems that this is related to the optimization flag used. Worked with the cross-compiled binaries as it was using the 'debug' build by default, not O2.

Tested a rebuild, and worked fine with O0, but failed with O1 and O2.

Daniel van Vugt (vanvugt) wrote :

It could still be a subtle memory error that's only tripped in optimized builds. Meaning there's potentially still a root cause in our code. Blaming the compiler is almost always wrong.

Changed in mir:
assignee: Ricardo Mendoza (ricmm) → Thomas Voß (thomas-voss)

PS Jenkins bot (ps-jenkins) wrote :

Fix committed into lp:~mir-team/mir/development-branch at revision None, scheduled for release in mir, milestone Unknown

Changed in mir:
status: In Progress → Fix Committed

Daniel van Vugt (vanvugt) wrote :

Fix committed to lp:mir at revision 1097

Changed in mir (Ubuntu):
status: Confirmed → Fix Committed
assignee: nobody → Thomas Voß (thomas-voss)

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mir - 0.0.14+13.10.20131011-0ubuntu1

---------------
mir (0.0.14+13.10.20131011-0ubuntu1) saucy; urgency=low

  [ thomas-voss ]
  * Clean up duplicate instances of the valid connections set. Remove
    the static instances from the header file. (LP: #1238312) Requested
    to be merged directly to lp:mir by didrocks, tvoss. (LP: #1238312)

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 1097
 -- Ubuntu daily release <email address hidden> Fri, 11 Oct 2013 06:59:30 +0000

Changed in mir (Ubuntu):
status: Fix Committed → Fix Released

Daniel van Vugt (vanvugt) wrote :

That's confusing. The LP history seems to suggest this fix missed 0.0.14+13.10.20131011-0ubuntu1 and will be in the following release.

Timo Jyrinki (timo-jyrinki) wrote :
Changed in mir:
milestone: phone-v1-freeze → 0.0.15
Changed in mir:
status: Fix Committed → Fix Released
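
The changelog entry in this thread says the fix removed static instances of the valid connections set from a header file. The following is an added illustration, not Mir's code and not part of the original report: it shows why a `static` object defined in a header ends up duplicated, with each including file holding its own set. Two namespaces stand in for two translation units, and `Connection`, the namespaces and all function names are hypothetical.

```cpp
// Added illustration, not Mir source. Two namespaces stand in for two .cpp
// files that include the same header; all names here are hypothetical.
#include <cstdio>
#include <unordered_set>

struct Connection { int id; };  // stand-in for MirConnection

// BEFORE: what the header pastes into every including file. `static` gives
// the object internal linkage, so each file gets a private set (and each
// private set gets its own destructor call at exit).
#define HEADER_WITH_STATIC_SET \
    static std::unordered_set<Connection*> valid_connections;

// AFTER: the header would only declare this accessor; one .cpp defines it,
// so the whole library shares a single set.
std::unordered_set<Connection*>& shared_valid_connections() {
    static std::unordered_set<Connection*> instance;
    return instance;
}

namespace tu_connect {  // plays the role of connect.cpp
HEADER_WITH_STATIC_SET
void register_before(Connection* c) { valid_connections.insert(c); }
void register_after(Connection* c) { shared_valid_connections().insert(c); }
const void* set_address() { return &valid_connections; }
}  // namespace tu_connect

namespace tu_validate {  // plays the role of validate.cpp
HEADER_WITH_STATIC_SET
bool is_valid_before(Connection* c) { return valid_connections.count(c) != 0; }
bool is_valid_after(Connection* c) { return shared_valid_connections().count(c) != 0; }
const void* set_address() { return &valid_connections; }
}  // namespace tu_validate

// True when the two "files" ended up with separate sets.
bool duplicate_instances_exist() {
    return tu_connect::set_address() != tu_validate::set_address();
}

int main() {
    Connection c{1};
    tu_connect::register_before(&c);
    tu_connect::register_after(&c);
    std::printf("separate sets: %d\n", duplicate_instances_exist());
    std::printf("static-in-header lookup: %d\n", tu_validate::is_valid_before(&c));
    std::printf("single-instance lookup: %d\n", tu_validate::is_valid_after(&c));
    return 0;
}
```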