[FreeNX-kNX] Two crashes when suspending/resuming sessions

Mario Becroft mb at gem.win.co.nz
Tue Jan 6 13:24:47 UTC 2009


When using the CentOS 5.2 rpm packages, the NoMachine rpm packages, and
a completely self-built version of the nx libraries and binaries, in all
cases I get occasional crashes when suspending or resuming sessions.

I have core dumps of two of them, and I include my analysis of these two
crashes here.

Maybe these crashes mean something to someone?

It is hard to pin down under what conditions the crashes occur. This
sounds vague, but when I log in to a session from only one host, I never
have a problem. These crashes tend to occur when resuming a session from
various different hosts. I am quite certain about this. For example, I
have a session that I have suspended and resumed about 100 times with no
problems from only one host. If I then start suspending and resuming the
same session from 3 different hosts, it crashes within 10 tries.

I am at a loss on how to further diagnose these problems. Any help would
be much appreciated.

I am running this on CentOS 5.2 on x86_64. The information below is all
from the self-built version of nx 3.3.0. (I was not able to get useful
output from gdb on the CentOS or NoMachine rpm versions.)

*** Crash 1 ***

Crashed either when disconnecting from a session or when trying to resume it.

(gdb) bt
#0  0x0000000000491494 in nxagentDisconnectWindow (p0=0x3d4b3f0, x1=0,
    p2=0x7fff20dfbe0c) at Window.c:2550
#1  0x0000000000494ce8 in nxagentTraverseWindow (pWin=0xe1ce60,
    pF=0x4913d0 <nxagentDisconnectWindow>, p=0x7fff20dfbe0c) at Window.c:2709
#2  0x0000000000494ccc in nxagentTraverseWindow (pWin=0x18ed340,
    pF=0x4913d0 <nxagentDisconnectWindow>, p=0x7fff20dfbe0c) at Window.c:2718
#3  0x0000000000494c7c in nxagentTraverseWindow (pWin=0x3d2ab60,
    pF=0x4913d0 <nxagentDisconnectWindow>, p=0x7fff20dfbe0c) at Window.c:2713
#4  0x0000000000494c7c in nxagentTraverseWindow (pWin=0x3191b60,
    pF=0x4913d0 <nxagentDisconnectWindow>, p=0x7fff20dfbe0c) at Window.c:2713
#5  0x00000000004951d5 in nxagentDisconnectAllWindows () at Window.c:2718
#6  0x000000000049ff25 in nxagentDisconnectSession () at Reconnect.c:353
#7  0x00000000004a067f in nxagentHandleConnectionStates () at Reconnect.c:189
#8  0x0000000000483055 in nxagentWakeupHandler (data=0x3d4b3f0, count=0,
    mask=0xaf2140) at Handlers.c:565
#9  0x000000000044b47e in WakeupHandler (result=0, pReadmask=0xaf2140)
    at dixutils.c:472
#10 0x0000000000456f95 in WaitForSomething (pClientsReady=0x7fff20dfc140)
    at WaitFor.c:389
#11 0x0000000000427071 in Dispatch () at X/NXdispatch.c:610
#12 0x000000000045043c in main (argc=13, argv=0x7fff20dfc7a8,
    envp=<value optimized out>) at main.c:450

(gdb) p nxagentWindowPrivateIndex
$16 = 0

(gdb) p *(WindowPtr)p0
$12 = {drawable = {type = 0 '\0', class = 1 '\001', depth = 24 '\030',
    bitsPerPixel = 32 ' ', id = 41984818, x = -1, y = -1, width = 1,
    height = 1, pScreen = 0x15de550, serialNumber = 852220},
  parent = 0xe1ce60, nextSib = 0x0, prevSib = 0x0, firstChild = 0x0,
  lastChild = 0x0, clipList = {extents = {x1 = 0, y1 = 0, x2 = 0, y2 = 0},
    data = 0xad0410}, borderClip = {extents = {x1 = 0, y1 = 0, x2 = 0,
      y2 = 0}, data = 0xad0410}, valdata = 0x0, winSize = {extents = {x1 = 0,
      y1 = 0, x2 = 0, y2 = 0}, data = 0xad0410}, borderSize = {extents = {
      x1 = 0, y1 = 0, x2 = 0, y2 = 0}, data = 0xad0410}, origin = {x = 0,
    y = 0}, borderWidth = 0, deliverableEvents = 32895, eventMask = 4423804,
  background = {pixmap = 0x0, pixel = 0}, border = {pixmap = 0x0, pixel = 0},
  backStorage = 0x0, optional = 0x1cf71f0, backgroundState = 0,
  borderIsPixel = 1, cursorIsNone = 1, backingStore = 0, saveUnder = 0,
  DIXsaveUnder = 0, bitGravity = 1, winGravity = 1, overrideRedirect = 0,
  visibility = 3, mapped = 0, realized = 0, viewable = 0, dontPropagate = 0,
  forcedBS = 0, redirectDraw = 0, devPrivates = 0x3d4b4c8}

(gdb) p *(nxagentPrivWindowPtr)(*(WindowPtr)p0)->devPrivates.ptr
$19 = {window = 0, x = 0, y = 0, width = 1, height = 1, borderWidth = 0,
  siblingAbove = 0, backingStore = 0, boundingShape = 0x0, clipShape = 0x0,
  pPicture = 0x0, isMapped = 0, isRedirected = 0, visibilityState = 0,
  corruptedRegion = 0x7f45187515d0, hasTransparentChildren = 0,
  containGlyphs = 0, deferredBackgroundExpose = 0, corruptedId = 0,
  synchronizationBitmap = 0x0, corruptedTimestamp = 0, splitResource = 0x0}

# it is crashing on the following line:
#   if (nxagentDrawableStatus((DrawablePtr) pWin) == NotSynchronized)
# nxagentDrawableStatus is a macro that eventually looks at corruptedRegion.
# corruptedRegion looks bogus

*** Crash 2 ***

(gdb) bt
#0  0x00007fb1995ff865 in _int_malloc () from /lib64/libc.so.6
#1  0x00007fb199600efd in malloc () from /lib64/libc.so.6
#2  0x000000000047a557 in nxagentSplitString (string=<value optimized out>,
    fields=<value optimized out>, nfields=15, sep=0x806e13 "-") at Font.c:1731
#3  0x000000000047b9b2 in nxagentLoadBestQueryFont (dpy=0xbb03d0,
    fontName=0x18aa188 "-Adobe-Helvetica-Bold-R-Normal--10-100-75-75-P-60-ISO88$
#4  0x000000000047c079 in nxagentReconnectFailedFonts (
    p0=<value optimized out>) at Font.c:1202
#5  0x00000000004a0164 in nxagentReconnectSession () at Reconnect.c:448
#6  0x00000000004a04f0 in nxagentHandleConnectionChanges () at Reconnect.c:782
#7  0x00000000004a067f in nxagentHandleConnectionStates () at Reconnect.c:189
#8  0x0000000000483055 in nxagentWakeupHandler (data=0x7fb1998dc9a0, count=-1,
    mask=0xaf2140) at Handlers.c:565
#9  0x000000000044b47e in WakeupHandler (result=-1, pReadmask=0xaf2140)
    at dixutils.c:472
#10 0x0000000000456f95 in WaitForSomething (pClientsReady=0x7fffa3c51f90)
    at WaitFor.c:389
#11 0x0000000000427071 in Dispatch () at X/NXdispatch.c:610
#12 0x000000000045043c in main (argc=13, argv=0x7fffa3c525f8,
    envp=<value optimized out>) at main.c:450

(gdb) p current
$3 = 0x18aa1c2 "1"

# Alas, fieldlen and next are optimised out, so we cannot see what was
# actually being malloc()ed. It looks like the call to malloc() is probably
# sensible though. So it must be memory corruption :-(


-- 
Mario Becroft <mb at gem.win.co.nz>
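
Added example, not part of the original post and not NX source code: crash 2 faults inside malloc() while a font name is being split into fields, which is where heap damage done earlier tends to surface. The sketch below copies each field into a buffer followed by canary bytes, so an overrun can be caught at a chosen check point instead. The names guard_alloc, count_damaged, split_fields and SAMPLE are hypothetical, and the font name is a constructed sample.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define GUARD_LEN 8
#define GUARD_BYTE 0xA5
/* Constructed sample XLFD font name (not copied from the post). */
static const char SAMPLE[] = "-Misc-Fixed-Medium-R-Normal--13-120-75-75-C-70-ISO8859-1";

/* Allocate n payload bytes followed by GUARD_LEN canary bytes. */
static char *guard_alloc(size_t n) {
    unsigned char *p = malloc(n + GUARD_LEN);
    if (p != NULL) memset(p + n, GUARD_BYTE, GUARD_LEN);
    return (char *)p;
}

/* Count buffers whose canary was overwritten; len[i] is the payload size. */
static int count_damaged(char **f, const size_t *len, int n) {
    int bad = 0;
    for (int i = 0; i < n; i++)
        for (size_t j = 0; j < GUARD_LEN; j++)
            if ((unsigned char)f[i][len[i] + j] != GUARD_BYTE) { bad++; break; }
    return bad;
}

/* Split s on sep into at most max guarded copies. Returns the field count,
   or -1 if an allocation fails (earlier fields are left for the caller). */
static int split_fields(const char *s, char sep, char **f, size_t *len, int max) {
    int n = 0;
    while (n < max) {
        const char *end = strchr(s, sep);
        size_t flen = end ? (size_t)(end - s) : strlen(s);
        if ((f[n] = guard_alloc(flen + 1)) == NULL) return -1;
        memcpy(f[n], s, flen);
        f[n][flen] = '\0';
        len[n++] = flen + 1;          /* payload includes the terminator */
        if (end == NULL) break;
        s = end + 1;
    }
    return n;
}

int main(void) {
    char *f[15]; size_t len[15];
    int n = split_fields(SAMPLE, '-', f, len, 15);
    if (n < 0) return 1;
    int before = count_damaged(f, len, n);
    f[1][len[1]] = '!';   /* simulated one-byte overrun; lands in the canary */
    printf("fields=%d damaged before=%d after=%d\n", n, before, count_damaged(f, len, n));
    for (int i = 0; i < n; i++) free(f[i]);
    return 0;
}
```

The simulated overrun writes only into the canary area of the same allocation, so the demonstration itself does not corrupt the heap.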


