Bug 46234

Summary: dbus_connection_send_with_reply_and_block timeout and crash in mutli-thread use
Product: dbus Reporter: tuqiang2009
Component: coreAssignee: Havoc Pennington <hp>
Status: RESOLVED WORKSFORME QA Contact: John (J5) Palmieri <johnp>
Severity: normal    
Priority: medium CC: msniko14
Version: 1.5   
Hardware: All   
OS: All   
Whiteboard: threads
i915 platform: i915 features:
Attachments: It contain from start and the crash. Thanks

Description tuqiang2009 2012-02-17 08:08:04 UTC 
open a connection, setup the connection with a mainloop using the code from test/test-utils.c. 2 threads use that connection and call dbus_connection_send_with_reply_and_block with a 5S timeout. When each thread make dbus call at high speed (> 800/S), in 1 minute, you can see one thread timeout occasionally , and very soon it will crash. This is 100% reproducible on 1.4.14.
attach the DBUS_VERBOSE log, I can see frequently it halt at [dbus-connection.c(1095):_dbus_connection_acquire_io_path] waiting for IO path to be acquirable.

could not find timeout 0x808a128 function 0x804d808 data 0x808bb50 to remove
*** glibc detected *** /home/qtu/ccsp_msg_bus/ptmsg: malloc(): memory corruption (fast): 0x0808c187 ***
======= Backtrace: =========
/lib/libc.so.6[0xb7e3a4]
/lib/libc.so.6[0xb81356]
/lib/libc.so.6(__libc_calloc+0xef)[0xb8248f]
/home/qtu/ccsp_msg_bus/ptmsg(dbus_malloc0+0x2b)[0x8064d3b]
/home/qtu/ccsp_msg_bus/ptmsg[0x805ca0e]
/home/qtu/ccsp_msg_bus/ptmsg[0x805c380]
/home/qtu/ccsp_msg_bus/ptmsg(dbus_connection_send_with_reply+0xab)[0x805570b]
/home/qtu/ccsp_msg_bus/ptmsg(dbus_connection_send_with_reply_and_block+0xb8)[0x8055a68]
/home/qtu/ccsp_msg_bus/ptmsg[0x804fffb]
/home/qtu/ccsp_msg_bus/ptmsg[0x804d158]
/home/qtu/ccsp_msg_bus/ptmsg[0x804d67c]
/lib/libc.so.6(__libc_start_main+0xe5)[0xb256e5]
/home/qtu/ccsp_msg_bus/ptmsg[0x804cde1]
======= Memory map: ========
00110000-00126000 r-xp 00000000 fd:00 1158061    /lib/libpthread-2.9.so
00126000-00127000 r--p 00015000 fd:00 1158061    /lib/libpthread-2.9.so
00127000-00128000 rw-p 00016000 fd:00 1158061    /lib/libpthread-2.9.so
00128000-0012a000 rw-p 00128000 00:00 0
0072e000-0072f000 r-xp 0072e000 00:00 0          [vdso]
00aea000-00b0a000 r-xp 00000000 fd:00 12597      /lib/ld-2.9.so
00b0b000-00b0c000 r--p 00020000 fd:00 12597      /lib/ld-2.9.so
00b0c000-00b0d000 rw-p 00021000 fd:00 12597      /lib/ld-2.9.so
00b0f000-00c7d000 r-xp 00000000 fd:00 1158060    /lib/libc-2.9.so
00c7d000-00c7f000 r--p 0016e000 fd:00 1158060    /lib/libc-2.9.so
00c7f000-00c80000 rw-p 00170000 fd:00 1158060    /lib/libc-2.9.so
00c80000-00c83000 rw-p 00c80000 00:00 0
00cb1000-00cee000 r-xp 00000000 08:11 34166      /home/qtu/work/ControlPlane/build/pc/bbhm/libdbus-1.so.3.5.7
00cee000-00cef000 rw-p 0003d000 08:11 34166      /home/qtu/work/ControlPlane/build/pc/bbhm/libdbus-1.so.3.5.7
00ded000-00df5000 r-xp 00000000 fd:00 1158062    /lib/librt-2.9.so
00df5000-00df6000 r--p 00007000 fd:00 1158062    /lib/librt-2.9.so
00df6000-00df7000 rw-p 00008000 fd:00 1158062    /lib/librt-2.9.so
07460000-0746d000 r-xp 00000000 fd:00 1155126    /lib/libgcc_s-4.3.2-20081105.so.1
0746d000-0746e000 rw-p 0000c000 fd:00 1155126    /lib/libgcc_s-4.3.2-20081105.so.1
08048000-08089000 r-xp 00000000 fd:00 141526     /home/qtu/ccsp_msg_bus/ptmsg
08089000-0808a000 rw-p 00040000 fd:00 141526     /home/qtu/ccsp_msg_bus/ptmsg
0808a000-080ab000 rw-p 0808a000 00:00 0          [heap]
b5600000-b5621000 rw-p b5600000 00:00 0
b5621000-b5700000 ---p b5621000 00:00 0
b57e9000-b57ea000 ---p b57e9000 00:00 0
b57ea000-b61ea000 rw-p b57ea000 00:00 0
b61ea000-b61eb000 ---p b61ea000 00:00 0
b61eb000-b6beb000 rw-p b61eb000 00:00 0
b6beb000-b6bec000 ---p b6beb000 00:00 0
b6bec000-b75ec000 rw-p b6bec000 00:00 0
b75ec000-b75ed000 ---p b75ec000 00:00 0
b75ed000-b7fef000 rw-p b75ed000 00:00 0
b7ffe000-b8000000 rw-p b7ffe000 00:00 0
bffeb000-c0000000 rw-p bffeb000 00:00 0          [stack]

Program received signal SIGABRT, Aborted.
0x0072e416 in __kernel_vsyscall ()
Missing separate debuginfos, use: debuginfo-install libgcc-4.3.2-7.i386
(gdb)  bt
#0  0x0072e416 in __kernel_vsyscall ()
#1  0x00b3a460 in raise () from /lib/libc.so.6
#2  0x00b3be28 in abort () from /lib/libc.so.6
#3  0x00b77fed in __libc_message () from /lib/libc.so.6
#4  0x00b7e3a4 in malloc_printerr () from /lib/libc.so.6
#5  0x00b81356 in _int_malloc () from /lib/libc.so.6
#6  0x00b8248f in calloc () from /lib/libc.so.6
#7  0x08064d3b in dbus_malloc0 (bytes=6) at dbus-memory.c:536
#8  0x0805ca0e in _dbus_timeout_new (interval=5000, handler=0x8055b60 <reply_handler_timeout>, data=0x808cda8, free_data_function=0) at dbus-timeout.c:70
#9  0x0805c380 in _dbus_pending_call_new_unlocked (connection=0x808bd00, timeout_milliseconds=5000, timeout_handler=0x8055b60 <reply_handler_timeout>)
    at dbus-pending-call.c:119
#10 0x0805570b in dbus_connection_send_with_reply (connection=0x808bd00, message=0x808da20, pending_return=0xbffff578, timeout_milliseconds=5000)
    at dbus-connection.c:3379
#11 0x08055a68 in dbus_connection_send_with_reply_and_block (connection=0x808bd00, message=0x808da20, timeout_milliseconds=5000, error=0xbffff5a8)
    at dbus-connection.c:3502
#12 0x0804fffb in CCSP_Message_Bus_Send_Msg_Block (bus_handle=0x808a428, message=0x808da20, timeout_mseconds=5000, result=0xbffff60c) at ccsp_message_bus.c:1416
Comment 1 tuqiang2009 2012-02-17 08:09:52 UTC 
Created attachment 57214 [details]
It contain from start and the crash. Thanks
Comment 2 Simon McVittie 2012-02-20 03:04:54 UTC 
This might be Bug #43744.
Comment 3 Simon McVittie 2012-03-12 11:24:53 UTC 
Did you call dbus_threads_init() or dbus_threads_init_default() before any other use of libdbus?

Does this persist in dbus >= 1.5.10?
Comment 4 Simon McVittie 2014-09-23 14:42:01 UTC 
Requested info not provided in 2.5 years, closing WORKSFORME

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.