bug#25247: 26.0.50; Concurrency crashes
From: Eli Zaretskii
Subject: bug#25247: 26.0.50; Concurrency crashes
Date: Thu, 22 Dec 2016 19:28:48 +0200
> From: Tino Calancha <tino.calancha@gmail.com>
> Date: Thu, 22 Dec 2016 19:20:21 +0900
>
>
> 1)
> Save a file /tmp/test.el which contains:
>
> (defun mytest ()
>   (dotimes (n 10)
>     (message "[%d] Sleeping ..." n)
>     (sleep-for 0.5))
>   (message "End!")
>   (sleep-for 1)
>   (message nil))
>
> (defun run-test ()
>   (dotimes (_ 50)
>     (make-thread #'mytest))
>   (message "Number of threads %d" (length (all-threads))))
>
> ;; (run-test)
>
> 2)
> emacs -Q -l /tmp/test.el
> ;; Evaluate (run-test) in buffer *scratch*; keep using Emacs, for instance,
> ;; split the window, and visit other buffers, or call (run-test) again:
> C-x 3
> C-x C-b
> C-o <down> RET
> ;; Sometimes Emacs crashes or hangs.
Thanks.
It doesn't crash or hang here. Which is not surprising, since the
backtraces seem to indicate some issue with X11/xcb and threads. Ken,
could you take a look, please? Are we violating some X11 protocols by
calling redisplay from different threads?
> Following is the backtrace:
>
> (gdb) bt
When reporting backtraces with threads, please always show the
backtrace of all the threads in the process. Like this:
(gdb) thread apply all bt
> #12 0x000000000058f781 in terminate_due_to_signal (sig=6,
> backtrace_limit=2147483647) at emacs.c:379
> #13 0x00000000006278aa in die (msg=0x76d3a8 "((uintptr_t) start) %
> GC_POINTER_ALIGNMENT == 0", file=0x76cb30 "alloc.c", line=4893) at
> alloc.c:7315
> #14 0x0000000000622c81 in mark_memory (start=0x7fffbda63b17,
> end=0x7fffbda63b17) at alloc.c:4893
> #15 0x0000000000622cdb in mark_stack (bottom=0x7fffbda63b17 "",
> end=0x7fffbda63b17 "") at alloc.c:5058
> #16 0x00000000006e02f1 in mark_one_thread (thread=0x161bd60
> <bss_sbrk_buffer+8396672>) at thread.c:558
Looks like the byte stack is unaligned. In run_thread I see this:
  static void *
  run_thread (void *state)
  {
    char stack_pos;
    struct thread_state *self = state;
    struct thread_state **iter;

    self->m_stack_bottom = &stack_pos;
    self->stack_top = &stack_pos;
which AFAIU could very well produce unaligned pointers. Does the
patch below prevent this crash?
> (gdb) bt
> #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
> #1 0x00007fffefa9940a in __GI_abort () at abort.c:89
> #2 0x00007fffefa90e47 in __assert_fail_base (fmt=<optimized out>,
> assertion=assertion@entry=0x7ffff493fc00 "!xcb_xlib_threads_sequence_lost",
> file=file@entry=0x7ffff493fa6b "../../src/xcb_io.c", line=line@entry=259,
> function=function@entry=0x7ffff493fea8 "poll_for_event") at assert.c:92
> #3 0x00007fffefa90ef2 in __GI___assert_fail (assertion=0x7ffff493fc00
> "!xcb_xlib_threads_sequence_lost", file=0x7ffff493fa6b "../../src/xcb_io.c",
> line=259, function=0x7ffff493fea8 "poll_for_event") at assert.c:101
> #4 0x00007ffff48cd77a in ?? () from /usr/lib/x86_64-linux-gnu/libX11.so.6
> #5 0x00007ffff48cd82b in ?? () from /usr/lib/x86_64-linux-gnu/libX11.so.6
> #6 0x00007ffff48cdb1d in _XEventsQueued () from
> /usr/lib/x86_64-linux-gnu/libX11.so.6
> #7 0x00007ffff48af58a in XFlush () from /usr/lib/x86_64-linux-gnu/libX11.so.6
> #8 0x0000000000541ff2 in x_flush (f=0x145ac30 <bss_sbrk_buffer+6557264>) at
> xterm.c:257
> #9 0x0000000000543111 in x_flip_and_flush (f=0x145ac30
> <bss_sbrk_buffer+6557264>) at xterm.c:1217
> #10 0x000000000058e269 in flush_frame (f=0x145ac30 <bss_sbrk_buffer+6557264>)
> at frame.h:1481
> #11 0x0000000000467d3a in echo_area_display (update_frame_p=true) at
> xdisp.c:11435
> #12 0x0000000000464e43 in message3_nolog (m=...) at xdisp.c:10413
> #13 0x0000000000464af1 in message3 (m=...) at xdisp.c:10342
> #14 0x000000000063e868 in Fmessage (nargs=2, args=0x7fff3b015360) at
> editfns.c:3767
If you remove the calls to 'message' from the thread function, do
these problems go away?
> #2 0x00000000005bddd9 in emacs_abort () at sysdep.c:2364
> #3 0x00000000005a3903 in unblock_input_to (level=-1) at keyboard.c:7170
> #4 0x00000000005a391a in unblock_input () at keyboard.c:7186
Somehow more than one thread called block_input/unblock_input, sigh...
Here's the patch to try:
diff --git a/src/thread.c b/src/thread.c
index 6966df3..fcb7f69 100644
--- a/src/thread.c
+++ b/src/thread.c
@@ -644,12 +644,16 @@ do_nothing (Lisp_Object whatever)
static void *
run_thread (void *state)
{
- char stack_pos;
+ union
+ {
+ void *p;
+ char c;
+ } stack_pos;
struct thread_state *self = state;
struct thread_state **iter;
- self->m_stack_bottom = &stack_pos;
- self->stack_top = &stack_pos;
+ self->m_stack_bottom = (char *)&stack_pos;
+ self->stack_top = (char *)&stack_pos;
self->thread_id = sys_thread_self ();
acquire_global_lock (self);
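Review bot: the new union at the top of run_thread has no comment saying why stack_pos stopped being a plain char, so a later cleanup could turn it back into one. A short comment that the `void *p` member is there only to force pointer alignment of the address stored in m_stack_bottom and stack_top, matching the `% GC_POINTER_ALIGNMENT == 0` check in mark_memory shown in the backtrace, would prevent that. The alignment obtained is that of `void *`, so the fix relies on GC_POINTER_ALIGNMENT being no stricter than pointer alignment; worth stating or asserting. Style: `(char *)&stack_pos` should have a space after the cast, `(char *) &stack_pos`, as in the rest of the file. This hunk addresses only the alloc.c assertion; the xcb_io.c assertion and the unblock_input abort in the other backtraces are not touched by it.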
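The alignment failure discussed in this message, reduced to a stand-alone illustration (an added example, not code from Emacs or from the patch): a toy conservative scanner refuses a start address that is not pointer-aligned, while a marker declared with the patch's union shape is always accepted. `SCAN_ALIGNMENT`, `union stack_marker`, `scan_words`, `scan_demo` and `union_marker_is_aligned` are hypothetical names, and pointer alignment is assumed as a stand-in for `GC_POINTER_ALIGNMENT`.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: pointer alignment stands in for GC_POINTER_ALIGNMENT.  */
#define SCAN_ALIGNMENT _Alignof (void *)

/* Hypothetical type with the shape the patch gives stack_pos.  */
union stack_marker { void *p; char c; };

static int is_scan_aligned (const void *p) {
  return (uintptr_t) p % SCAN_ALIGNMENT == 0;
}

/* Toy conservative scan: count words in [start, end) that point into
   [lo, hi).  Returns -1 for unaligned bounds instead of aborting.  */
static long scan_words (const char *start, const char *end,
                        const void *lo, const void *hi) {
  long hits = 0;
  if (!is_scan_aligned (start) || !is_scan_aligned (end))
    return -1;
  for (const char *p = start; p < end; p += sizeof (void *)) {
    void *word;
    memcpy (&word, p, sizeof word);
    hits += (uintptr_t) word >= (uintptr_t) lo
            && (uintptr_t) word < (uintptr_t) hi;
  }
  return hits;
}

/* Scan a constructed four-word "stack" starting byte_offset bytes in.  */
static long scan_demo (size_t byte_offset) {
  static int heap_object;                      /* constructed target */
  void *frame[4] = { 0, &heap_object, 0, 0 };  /* constructed stack words */
  const char *base = (const char *) frame;
  return scan_words (base + byte_offset, base + sizeof frame,
                     &heap_object, &heap_object + 1);
}

/* The address of a union containing a void * is always pointer-aligned.  */
static int union_marker_is_aligned (void) {
  union stack_marker stack_pos;
  return is_scan_aligned ((char *) &stack_pos);
}

int main (void) {
  printf ("marker aligned: %d, offset 0: %ld, offset 1: %ld\n",
          union_marker_is_aligned (), scan_demo (0), scan_demo (1));
  return 0;
}
```

A `char` local has an alignment requirement of 1, so its address can land on any byte, which is the `scan_demo (1)` case; whether it actually does depends on the compiler's stack layout.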