Mir

Neverball and Neverputt randomly crash on startup in google::protobuf::MessageLite::InternalSerializeWithCachedSizesToArray from mir_connect_sync

Bug #1667542 reported by Daniel van Vugt
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone
Mir | In Progress | High | Brandon Schaefer |
0.26 | Triaged | High | Brandon Schaefer |
libsdl2 (Ubuntu) | Confirmed | Critical | Unassigned |

Bug Description

neverball randomly crashes on startup:

(gdb) bt
#0 __memmove_avx_unaligned_erms ()
    at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:416
#1 0x00007fffed8664c7 in google::protobuf::io::CodedOutputStream::WriteRaw(void const*, int) () from /usr/lib/x86_64-linux-gnu/libprotobuf-lite.so.10
#2 0x00007fffed8625c5 in google::protobuf::MessageLite::InternalSerializeWithCachedSizesToArray(bool, unsigned char*) const ()
   from /usr/lib/x86_64-linux-gnu/libprotobuf-lite.so.10
#3 0x00007fffee650508 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#4 0x00007fffee6511ca in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#5 0x00007fffee63c827 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#6 0x00007fffee608635 in mir_connect ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#7 0x00007fffee60946b in mir_connect_sync ()
   from /usr/lib/x86_64-linux-gnu/libmirclient.so.9
#8 0x00007ffff756a090 in ?? () from /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0
#9 0x00007ffff7553ee6 in ?? () from /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0
#10 0x00007ffff74ba4e7 in ?? () from /usr/lib/x86_64-linux-gnu/libSDL2-2.0.so.0
#11 0x000055555555e5fb in main ()

Tags: mir

Daniel van Vugt (vanvugt) wrote :

Full debug info:

(gdb) bt
#0 __memmove_avx_unaligned_erms ()
    at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:416
#1 0x00007fffed8664c7 in memcpy (__len=1434303056, __src=0x0,
    __dest=<optimised out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:53
#2 google::protobuf::io::CodedOutputStream::WriteRaw (this=0x7fffffffd570,
    data=0x0, size=1434303056) at google/protobuf/io/coded_stream.cc:730
#3 0x00007fffed8625c5 in google::protobuf::MessageLite::InternalSerializeWithCachedSizesToArray (this=0x5555557f7530, deterministic=<optimised out>,
    target=0x7fff92824010 "\n\rMIR_VideoInit")
    at google/protobuf/message_lite.cc:229
#4 0x00007fffee650508 in invocation_for (this=this@entry=0x5555557f7670,
    method_name=..., request=request@entry=0x5555557f7530,
    num_side_channel_fds=0) at ./src/client/rpc/mir_basic_rpc_channel.cpp:155
#5 0x00007fffee6511ca in mir::client::rpc::MirProtobufRpcChannel::call_method(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, google::protobuf::MessageLite const*, google::protobuf::MessageLite*, google::protobuf::Closure*) (this=this@entry=0x5555557f7670, method_name=...,
    parameters=parameters@entry=0x5555557f7530,
    response=response@entry=0x5555557f7b00,
    complete=complete@entry=0x5555557f7ce0)
    at ./src/client/rpc/mir_protobuf_rpc_channel.cpp:230
#6 0x00007fffee63c827 in mir::client::rpc::DisplayServer::connect(mir::protobuf::ConnectParameters const*, mir::protobuf::Connection*, google::protobuf::Closure*) (this=<optimised out>, request=0x5555557f7530, response=0x5555557f7b00,
    done=0x5555557f7ce0) at ./src/client/rpc/mir_display_server.cpp:36
#7 0x00007fffee608635 in connect (context=0x7fffffffe290,
    callback=0x7fffee6060b0 <(anonymous namespace)::assign_result(void*, void**) [clone .lto_priv.461] [clone .lto_priv.463]>,
    app_name=0x7ffff7586c60 <__PRETTY_FUNCTION__.12305> "MIR_VideoInit",
    this=0x5555557f6b30) at ./src/client/mir_connection.cpp:658
#8 mir_connect (socket_file=<optimised out>,
    name=0x7ffff7586c60 <__PRETTY_FUNCTION__.12305> "MIR_VideoInit",
    callback=callback@entry=0x7fffee6060b0 <(anonymous namespace)::assign_result(void*, void**) [clone .lto_priv.461] [clone .lto_priv.463]>,
    context=context@entry=0x7fffffffe290)
    at ./src/client/mir_connection_api.cpp:74
#9 0x00007fffee60946b in mir_connect_sync (server=<optimised out>,
    app_name=<optimised out>) at ./src/client/mir_connection_api.cpp:100
#10 0x00007ffff756a090 in MIR_VideoInit (_this=0x5555557f66b0)
    at ./src/video/mir/SDL_mirvideo.c:300
#11 0x00007ffff7553ee6 in SDL_VideoInit_REAL (driver_name=<optimised out>,
    driver_name@entry=0x0) at ./src/video/SDL_video.c:517
#12 0x00007ffff74ba4e7 in SDL_InitSubSystem_REAL (flags=16944)
    at ./src/SDL.c:173
#13 0x000055555555e5fb in main ()

summary: neverball randomly crashes on startup in
google::protobuf::MessageLite::InternalSerializeWithCachedSizesToArray
+ from mir_connect_sync
Changed in libsdl2 (Ubuntu):
importance: Undecided → Critical
Daniel van Vugt (vanvugt) wrote : Re: neverball randomly crashes on startup in google::protobuf::MessageLite::InternalSerializeWithCachedSizesToArray from mir_connect_sync

Valgrind says:

==21733== Invalid read of size 4
==21733== at 0xECAC7B2: mir::protobuf::ConnectParameters::ByteSize() const (in /usr/lib/x86_64-linux-gnu/libmirprotobuf.so.3)
==21733== by 0xE80B3AB: mir::client::rpc::MirBasicRpcChannel::invocation_for(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, google::protobuf::MessageLite const*, unsigned long) (mir_basic_rpc_channel.cpp:153)
==21733== by 0xE80C1C9: mir::client::rpc::MirProtobufRpcChannel::call_method(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, google::protobuf::MessageLite const*, google::protobuf::MessageLite*, google::protobuf::Closure*) (mir_protobuf_rpc_channel.cpp:230)
==21733== by 0xE7F7826: mir::client::rpc::DisplayServer::connect(mir::protobuf::ConnectParameters const*, mir::protobuf::Connection*, google::protobuf::Closure*) (mir_display_server.cpp:36)
==21733== by 0xE7C3634: connect (mir_connection.cpp:658)
==21733== by 0xE7C3634: mir_connect (mir_connection_api.cpp:74)
==21733== by 0xE7C446A: mir_connect_sync (mir_connection_api.cpp:100)
==21733== by 0x552008F: MIR_VideoInit (SDL_mirvideo.c:300)
==21733== by 0x5509EE5: SDL_VideoInit_REAL (SDL_video.c:517)
==21733== by 0x54704E6: SDL_InitSubSystem_REAL (SDL.c:173)
==21733== by 0x1125FA: main (in /usr/games/neverball)
==21733== Address 0xe3f1e78 is 8 bytes inside a block of size 32 free'd
==21733== at 0x4C2E25B: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==21733== by 0xF5B03CA: google::protobuf::ShutdownProtobufLibrary() (common.cc:443)
==21733== by 0xECA8128: ??? (in /usr/lib/x86_64-linux-gnu/libmirprotobuf.so.3)
==21733== by 0x4016488: _dl_close_worker.part.0 (dl-close.c:286)
==21733== by 0x4017289: _dl_close_worker (dl-close.c:125)
==21733== by 0x4017289: _dl_close (dl-close.c:822)
==21733== by 0x4010673: _dl_catch_error (dl-error.c:187)
==21733== by 0x778D570: _dlerror_run (dlerror.c:163)
==21733== by 0x778CFDE: dlclose (dlclose.c:46)
==21733== by 0x551E178: SDL_MIR_UnloadSymbols.part.0 (SDL_mirdyn.c:112)
==21733== by 0x551FC21: MIR_Available (SDL_mirvideo.c:103)
==21733== by 0x550A08F: SDL_VideoInit_REAL (SDL_video.c:489)
==21733== by 0x54704E6: SDL_InitSubSystem_REAL (SDL.c:173)

tags: added: mir
Changed in mir:
status: New → Incomplete
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libsdl2 (Ubuntu):
status: New → Confirmed
summary: - neverball randomly crashes on startup in
+ Neverball and Neverputt randomly crash on startup in
google::protobuf::MessageLite::InternalSerializeWithCachedSizesToArray
from mir_connect_sync
Changed in mir:
milestone: none → 1.0.0
assignee: nobody → Brandon Schaefer (brandontschaefer)
importance: Undecided → High
status: Incomplete → In Progress