bug-gnu-emacs

bug#25247: 26.0.50; Concurrency crashes


From: Eli Zaretskii
Subject: bug#25247: 26.0.50; Concurrency crashes
Date: Thu, 22 Dec 2016 19:28:48 +0200

> From: Tino Calancha <address@hidden>
> Date: Thu, 22 Dec 2016 19:20:21 +0900
> 
> 
> 1)
> Save a file /tmp/test.el which contains:
> 
> (defun mytest ()
>   ;; Thread body: writes to the echo area from a non-main thread.
>   (dotimes (n 10)
>     (message "[%d] Sleeping ..." n)
>     (sleep-for 0.5))
>   (message "End!")
>   (sleep-for 1)
>   (message nil))
> 
> (defun run-test ()
>   ;; Start 50 threads that all run `mytest' concurrently.
>   (dotimes (_ 50)
>     (make-thread #'mytest))
>   (message "Number of threads %d" (length (all-threads))))
> 
> ;; (run-test)
> 
> 2)
> emacs -Q -l /tmp/test.el
> ;; Evaluate (run-test) in buffer *scratch*; keep using Emacs, for instance,
> ;; split the window, and visit other buffers, or call (run-test) again:
> C-x 3
> C-x C-b
> C-o <down> RET
> ;; Sometimes Emacs crashes or hangs.

Thanks.

It doesn't crash or hang here.  Which is not surprising, since the
backtraces seem to indicate some issue with X11/xcb and threads.  Ken,
could you take a look, please?  Are we violating some X11 protocols by
calling redisplay from different threads?

> Following is the backtrace:
> 
> (gdb) bt

When reporting backtraces with threads, please always show the
backtrace of all the threads in the process.  Like this:

  (gdb) thread apply all bt

> #12 0x000000000058f781 in terminate_due_to_signal (sig=6, backtrace_limit=2147483647) at emacs.c:379
> #13 0x00000000006278aa in die (msg=0x76d3a8 "((uintptr_t) start) % GC_POINTER_ALIGNMENT == 0", file=0x76cb30 "alloc.c", line=4893) at alloc.c:7315
> #14 0x0000000000622c81 in mark_memory (start=0x7fffbda63b17, end=0x7fffbda63b17) at alloc.c:4893
> #15 0x0000000000622cdb in mark_stack (bottom=0x7fffbda63b17 "", end=0x7fffbda63b17 "") at alloc.c:5058
> #16 0x00000000006e02f1 in mark_one_thread (thread=0x161bd60 <bss_sbrk_buffer+8396672>) at thread.c:558

Looks like the byte stack is unaligned.  In run_thread I see this:

  static void *
  run_thread (void *state)
  {
    char stack_pos;
    struct thread_state *self = state;
    struct thread_state **iter;

    self->m_stack_bottom = &stack_pos;
    self->stack_top = &stack_pos;

which AFAIU could very well produce unaligned pointers.  Does the
patch below prevent this crash?

> (gdb) bt
> #0  __GI_raise (address@hidden) at ../sysdeps/unix/sysv/linux/raise.c:58
> #1  0x00007fffefa9940a in __GI_abort () at abort.c:89
> #2  0x00007fffefa90e47 in __assert_fail_base (fmt=<optimized out>, address@hidden "!xcb_xlib_threads_sequence_lost", address@hidden "../../src/xcb_io.c", address@hidden, address@hidden "poll_for_event") at assert.c:92
> #3  0x00007fffefa90ef2 in __GI___assert_fail (assertion=0x7ffff493fc00 "!xcb_xlib_threads_sequence_lost", file=0x7ffff493fa6b "../../src/xcb_io.c", line=259, function=0x7ffff493fea8 "poll_for_event") at assert.c:101
> #4  0x00007ffff48cd77a in ?? () from /usr/lib/x86_64-linux-gnu/libX11.so.6
> #5  0x00007ffff48cd82b in ?? () from /usr/lib/x86_64-linux-gnu/libX11.so.6
> #6  0x00007ffff48cdb1d in _XEventsQueued () from /usr/lib/x86_64-linux-gnu/libX11.so.6
> #7  0x00007ffff48af58a in XFlush () from /usr/lib/x86_64-linux-gnu/libX11.so.6
> #8  0x0000000000541ff2 in x_flush (f=0x145ac30 <bss_sbrk_buffer+6557264>) at xterm.c:257
> #9  0x0000000000543111 in x_flip_and_flush (f=0x145ac30 <bss_sbrk_buffer+6557264>) at xterm.c:1217
> #10 0x000000000058e269 in flush_frame (f=0x145ac30 <bss_sbrk_buffer+6557264>) at frame.h:1481
> #11 0x0000000000467d3a in echo_area_display (update_frame_p=true) at xdisp.c:11435
> #12 0x0000000000464e43 in message3_nolog (m=...) at xdisp.c:10413
> #13 0x0000000000464af1 in message3 (m=...) at xdisp.c:10342
> #14 0x000000000063e868 in Fmessage (nargs=2, args=0x7fff3b015360) at editfns.c:3767

If you remove the calls to 'message' from the thread function, do
these problems go away?

> #2  0x00000000005bddd9 in emacs_abort () at sysdep.c:2364
> #3  0x00000000005a3903 in unblock_input_to (level=-1) at keyboard.c:7170
> #4  0x00000000005a391a in unblock_input () at keyboard.c:7186

Somehow more than one thread called block_input/unblock_input, sigh...


Here's the patch to try:

diff --git a/src/thread.c b/src/thread.c
index 6966df3..fcb7f69 100644
--- a/src/thread.c
+++ b/src/thread.c
@@ -644,12 +644,16 @@ do_nothing (Lisp_Object whatever)
 static void *
 run_thread (void *state)
 {
-  char stack_pos;
+  union
+  {
+    void *p;
+    char c;
+  } stack_pos;
   struct thread_state *self = state;
   struct thread_state **iter;
 
-  self->m_stack_bottom = &stack_pos;
-  self->stack_top = &stack_pos;
+  self->m_stack_bottom = (char *)&stack_pos;
+  self->stack_top = (char *)&stack_pos;
   self->thread_id = sys_thread_self ();
 
   acquire_global_lock (self);
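Review bot: the union only helps because a union takes the alignment of its most strictly aligned member, so &stack_pos becomes aligned like a void *; that satisfies the "((uintptr_t) start) % GC_POINTER_ALIGNMENT == 0" assertion quoted in the backtrace as long as GC_POINTER_ALIGNMENT is no stricter than alignof (void *). A one-line comment on the union stating that it exists to pointer-align the stack anchor for mark_memory, and that a bare "char stack_pos;" was not guaranteed aligned, would keep a later cleanup from reverting it. The two "(char *)" casts are needed since m_stack_bottom and stack_top are char * fields. Also, this hunk covers only threads started through run_thread; if the main thread's m_stack_bottom is taken from a char local somewhere else, it needs the same treatment, which is not part of this patch.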

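As an added illustration of the alignment point made above (example code, not part of the bug report or of Emacs's sources): a conservative stack scanner must start at a pointer-aligned address, a union containing a void * gives its anchor that alignment where a lone char does not, and rounding the start down is the alternative fix. GC_POINTER_ALIGNMENT is mirrored here as alignof (void *) as an assumption about alloc.c; scan_for_word, align_down and demo_scan are hypothetical stand-ins, and the "stack" scanned is a constructed buffer.

```c
#include <stdalign.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Same invariant mark_memory asserts in the backtrace above.  Assumed to
   match alloc.c, which defines GC_POINTER_ALIGNMENT as alignof (void *).  */
#define GC_POINTER_ALIGNMENT (alignof (void *))

static bool
gc_aligned (const void *p)
{
  return ((uintptr_t) p) % GC_POINTER_ALIGNMENT == 0;
}

/* The patch's trick: a union is aligned like its most strictly aligned
   member, so the address of this object is always pointer-aligned, which
   a bare `char` local is not guaranteed to be.  */
union stack_anchor { void *p; char c; };

static bool
anchor_is_aligned (void)
{
  union stack_anchor anchor;
  return gc_aligned (&anchor);
}

/* Hypothetical stand-in for mark_memory: a conservative scan of [start, end)
   that counts words equal to TARGET.  Like the real one it refuses an
   unaligned start rather than loading words from odd addresses; here that
   is reported as -1 instead of aborting the process.  */
static long
scan_for_word (const char *start, const char *end, uintptr_t target)
{
  if (!gc_aligned (start))
    return -1;
  long hits = 0;
  for (const char *pp = start; pp + sizeof (void *) <= end;
       pp += GC_POINTER_ALIGNMENT)
    {
      uintptr_t w;
      memcpy (&w, pp, sizeof w);
      if (w == target)
        hits++;
    }
  return hits;
}

/* The other possible fix: keep whatever anchor you have, but round the scan
   start down to the next GC-aligned address before scanning.  */
static const char *
align_down (const char *p)
{
  return (const char *) ((uintptr_t) p & ~(uintptr_t) (GC_POINTER_ALIGNMENT - 1));
}

enum anchor_mode { ALIGNED_ANCHOR, ODD_CHAR_ANCHOR, ODD_ANCHOR_ROUNDED };

/* Constructed "thread stack": an aligned buffer with one pointer value
   planted in it.  MODE picks how the scan start is derived.  */
static long
demo_scan (enum anchor_mode mode)
{
  alignas (void *) char buf[8 * sizeof (void *)];
  memset (buf, 0, sizeof buf);
  void *planted = buf;                           /* the pointer to find */
  memcpy (buf + 3 * sizeof (void *), &planted, sizeof planted);

  const char *start = buf;
  if (mode == ODD_CHAR_ANCHOR)
    start = buf + 1;                             /* mimics an odd char anchor */
  else if (mode == ODD_ANCHOR_ROUNDED)
    start = align_down (buf + 1);
  return scan_for_word (start, buf + sizeof buf, (uintptr_t) planted);
}

int
main (void)
{
  printf ("union anchor aligned: %d\n", anchor_is_aligned ());
  printf ("aligned start: %ld hit(s)\n", demo_scan (ALIGNED_ANCHOR));
  printf ("odd start: %ld (refused)\n", demo_scan (ODD_CHAR_ANCHOR));
  printf ("odd start rounded down: %ld hit(s)\n", demo_scan (ODD_ANCHOR_ROUNDED));
  return 0;
}
```

The odd-anchor case is the shape of the crash above: the scan never gets to look at the stack because the alignment check fires first. Both the union anchor and align_down remove that failure; the union variant is the one the patch takes, since it fixes the anchor once instead of every caller of the scanner.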



