segfault: cb_media_downloader_load_threaded – g_mutex_lock

[EdwardBetts]

Backtrace from gdb. Version 1.5.1

#0  0x00007f8371cff475 in g_mutex_lock (mutex=mutex@entry=0x2750) at ././glib/gthread-posix.c:1336
#1  0x00007f8371cb7501 in g_source_attach (source=0x7f8330005f90, context=0x2750) at ././glib/gmain.c:1215
#2  0x00007f8374617998 in soup_add_timeout () at /usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1
#3  0x00007f83746009f0 in  () at /usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1
#4  0x00007f83746017c3 in  () at /usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1
#5  0x00007f8374625aaf in  () at /usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1
#6  0x00007f83746260ae in  () at /usr/lib/x86_64-linux-gnu/libsoup-2.4.so.1
#7  0x0000555838ea7517 in cb_media_downloader_load_threaded (media=0x55583d136b00 [CbMedia], downloader=0x55583cf35030 [CbMediaDownloader]) at CbMediaDownloader.c:321
#8  0x0000555838ea7517 in load_in_thread (task=0x55583d111900 [GTask], source_object=0x55583cf35030, task_data=0x55583d136b00, cancellable=<optimized out>) at CbMediaDownloader.c:353
#9  0x00007f837226152d in g_task_thread_pool_thread (thread_data=0x55583d111900, pool_data=<optimized out>) at ././gio/gtask.c:1328
#10 0x00007f8371ce1eee in g_thread_pool_thread_proxy (data=<optimized out>) at ././glib/gthreadpool.c:307
#11 0x00007f8371ce14f5 in g_thread_proxy (data=0x55583cf4f2d0) at ././glib/gthread.c:784
#12 0x00007f8370efa494 in start_thread (arg=0x7f834e213700) at pthread_create.c:333
#13 0x00007f83719b8a8f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

[Vistaus]

In what situation do you experience this?

[EdwardBetts]

A minute or two after starting corebird. I might've been scrolling at the time, not sure.

[Vistaus]

Can't reproduce it. What OS do you use?

[EdwardBetts]

Debian. I can't reproduce it either.

[baedert]

The libsoup debug symbols are missing unfortunately but from the cases where soup_add_timeout is called inside libsoup it seems like this happens when the connection dies at some point during a soup_session_send_message call.

[EdwardBetts]

Here is the backtrace with libsoup debug symbols installed.

#0  0x00007f8371cff475 in g_mutex_lock (mutex=mutex@entry=0x2750) at ././glib/gthread-posix.c:1336
#1  0x00007f8371cb7501 in g_source_attach (source=source@entry=0x7f8330005f90, context=context@entry=0x2750) at ././glib/gmain.c:1215
#2  0x00007f8374617998 in soup_add_timeout (async_context=0x2750, interval=<optimized out>, function=function@entry=0x7f8374601940 <idle_timeout>, data=data@entry=0x55583ce50060)
    at soup-misc.c:182
#3  0x00007f83746009f0 in start_idle_timer (conn=conn@entry=0x55583ce50060 [SoupConnection]) at soup-connection.c:226
#4  0x00007f83746017c3 in soup_connection_connect_sync (conn=0x55583ce50060 [SoupConnection], cancellable=0x55583d110c50 [GCancellable], error=error@entry=0x7f834e212ab0)
    at soup-connection.c:474
#5  0x00007f8374625aaf in get_connection (should_cleanup=<optimized out>, item=0x7f83480041a0) at soup-session.c:1944
#6  0x00007f8374625aaf in soup_session_process_queue_item (session=<optimized out>, item=0x7f83480041a0, should_cleanup=<optimized out>, loop=<optimized out>) at soup-session.c:1965
#7  0x00007f83746260ae in soup_session_real_send_message (session=0x55583aede7c0 [SoupSession], msg=0x7f83300060c0 [SoupMessage]) at soup-session.c:2219
#8  0x0000555838ea7517 in cb_media_downloader_load_threaded (media=0x55583d136b00 [CbMedia], downloader=0x55583cf35030 [CbMediaDownloader]) at CbMediaDownloader.c:321
#9  0x0000555838ea7517 in load_in_thread (task=0x55583d111900 [GTask], source_object=0x55583cf35030, task_data=0x55583d136b00, cancellable=<optimized out>) at CbMediaDownloader.c:353
#10 0x00007f837226152d in g_task_thread_pool_thread (thread_data=0x55583d111900, pool_data=<optimized out>) at ././gio/gtask.c:1328
#11 0x00007f8371ce1eee in g_thread_pool_thread_proxy (data=<optimized out>) at ././glib/gthreadpool.c:307
#12 0x00007f8371ce14f5 in g_thread_proxy (data=0x55583cf4f2d0) at ././glib/gthread.c:784
#13 0x00007f8370efa494 in start_thread (arg=0x7f834e213700) at pthread_create.c:333
#14 0x00007f83719b8a8f in next_line (fd=<optimized out>, buffer=0x7f834e213700 "", cp=0x0, re=0x0, buffer_end=<optimized out>) at ../sysdeps/unix/sysv/linux/getsysstats.c:94
#15 0x0000000000000000 in  ()

[baedert]

Are you sure that's showing the right thread? What does taabt in gdb print?

[EdwardBetts]

(gdb) taabt
Undefined command: "taabt".  Try "help".
(gdb) 

[EdwardBetts]

Does this help?

Stack trace of thread 20219:
#0  0x00007f8371cff475 g_mutex_lock (libglib-2.0.so.0)
#1  0x00007f8371cb7501 g_source_attach (libglib-2.0.so.0)
#2  0x00007f8374617998 soup_add_timeout (libsoup-2.4.so.1)
#3  0x00007f83746009f0 n/a (libsoup-2.4.so.1)
#4  0x00007f83746017c3 n/a (libsoup-2.4.so.1)
#5  0x00007f8374625aaf n/a (libsoup-2.4.so.1)
#6  0x00007f83746260ae n/a (libsoup-2.4.so.1)
#7  0x0000555838ea7517 cb_media_downloader_load_threaded (corebird)
#8  0x00007f837226152d g_task_thread_pool_thread (libgio-2.0.so.0)
#9  0x00007f8371ce1eee g_thread_pool_thread_proxy (libglib-2.0.so.0)
#10 0x00007f8371ce14f5 g_thread_proxy (libglib-2.0.so.0)
#11 0x00007f8370efa494 start_thread (libpthread.so.0)
#12 0x00007f83719b8a8f __clone (libc.so.6)

Stack trace of thread 20220:
#0  0x00007f83719b41e9 syscall (libc.so.6)
#1  0x00007f8371cff6fa g_cond_wait_until (libglib-2.0.so.0)
#2  0x00007f8371c8df49 g_async_queue_pop_intern_unlocked (libglib-2.0.so.0)
#3  0x00007f8371ce1ec6 g_thread_pool_wait_for_new_task (libglib-2.0.so.0)
#4  0x00007f8371ce14f5 g_thread_proxy (libglib-2.0.so.0)
#5  0x00007f8370efa494 start_thread (libpthread.so.0)
#6  0x00007f83719b8a8f __clone (libc.so.6)

Stack trace of thread 19926:
#0  0x00007f83719af63d poll (libc.so.6)
#1  0x00007f8371cb9c16 g_main_context_poll (libglib-2.0.so.0)
#2  0x00007f8371cb9fa2 g_main_loop_run (libglib-2.0.so.0)
#3  0x00007f83722a2286 gdbus_shared_thread_func (libgio-2.0.so.0)
#4  0x00007f8371ce14f5 g_thread_proxy (libglib-2.0.so.0)
#5  0x00007f8370efa494 start_thread (libpthread.so.0)
#6  0x00007f83719b8a8f __clone (libc.so.6)

Stack trace of thread 20221:
#0  0x00007f83719b41e9 syscall (libc.so.6)
#1  0x00007f8371cff6fa g_cond_wait_until (libglib-2.0.so.0)
#2  0x00007f8371c8df49 g_async_queue_pop_intern_unlocked (libglib-2.0.so.0)
#3  0x00007f8371ce1ec6 g_thread_pool_wait_for_new_task (libglib-2.0.so.0)
#4  0x00007f8371ce14f5 g_thread_proxy (libglib-2.0.so.0)
#5  0x00007f8370efa494 start_thread (libpthread.so.0)
#6  0x00007f83719b8a8f __clone (libc.so.6)

Stack trace of thread 19924:
#0  0x00007f83719af63d poll (libc.so.6)
#1  0x00007f8371cb9c16 g_main_context_poll (libglib-2.0.so.0)
#2  0x00007f8371cb9d2c g_main_context_iteration (libglib-2.0.so.0)
#3  0x00007f8365ff346d n/a (libdconfsettings.so)
#4  0x00007f8371ce14f5 g_thread_proxy (libglib-2.0.so.0)
#5  0x00007f8370efa494 start_thread (libpthread.so.0)
#6  0x00007f83719b8a8f __clone (libc.so.6)

Stack trace of thread 19925:
#0  0x00007f83719af63d poll (libc.so.6)
#1  0x00007f8371cb9c16 g_main_context_poll (libglib-2.0.so.0)
#2  0x00007f8371cb9d2c g_main_context_iteration (libglib-2.0.so.0)
#3  0x00007f8371cb9d71 glib_worker_main (libglib-2.0.so.0)
#4  0x00007f8371ce14f5 g_thread_proxy (libglib-2.0.so.0)
#5  0x00007f8370efa494 start_thread (libpthread.so.0)
#6  0x00007f83719b8a8f __clone (libc.so.6)

Stack trace of thread 19922:
#0  0x00007f83719af63d poll (libc.so.6)
#1  0x00007f8371cb9c16 g_main_context_poll (libglib-2.0.so.0)
#2  0x00007f8371cb9d2c g_main_context_iteration (libglib-2.0.so.0)
#3  0x00007f837227629d g_application_run (libgio-2.0.so.0)
#4  0x0000555838e31233 _vala_main (corebird)
#5  0x00007f83718f02b1 __libc_start_main (libc.so.6)
#6  0x0000555838e310ca _start (corebird)

[baedert]

I think the problem is similar to https://bugzilla.gnome.org/show_bug.cgi?id=785110 so I've switched the media downloader to use one SoupSession per task, let's see if it still occurs.

[Vistaus]

@EdwardBetts Now that baedert has commited a possible fix last week, does this issue still occur?

[EdwardBetts]

@Vistaus Sorry, I can't reproduce this bug. Let's say it is fixed, but we can reopen if needs be.