Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Paintbrush Fillbucket Function is Crashing Whole System #612

Closed
echza opened this issue Sep 28, 2019 · 8 comments

Comments

@echza
Copy link

commented Sep 28, 2019

It is not doing everytime but when it does whole system crashes.

signal 17 was ignored by Terminal(12)
PaintBrush(17): perror(): Broken pipe
USERSPACE(17) ASSERTION FAILED: false
/home/echza/Masaüstü/serenity/Libraries/LibCore/CoreIPCClient.h:151 in bool IPC::Client::Connection<ServerMessage, ClientMessage>::post_message_to_server(const ClientMessage&, const AK::ByteBuffer&&) [with ServerMessage = WSAPI_ServerMessage; ClientMessage = WSAPI_ClientMessage]
signal: PaintBrush(17) sent 6 to PaintBrush(17)
terminate_due_to_signal PaintBrush(17) <- 6
Finalizing Thread 0 in PaintBrush(17)
0x0002f133  Scheduler::switch_now() +51
0x0002f5d7  Scheduler::yield() +69
0x00022e65  Thread::block_helper() +27
0x0004efe6  Thread::BlockResult Thread::block<Thread::SemiPermanentBlocker, Thread::SemiPermanentBlocker::Reason>(Thread::SemiPermanentBlocker::Reason&&) +118
0x0001badb  Process::sys$kill(int, int) +189
0x00024bb7  syscall_trap_entry +545
0x0002494c  syscall_trap_handler +38
0x0809baf6  raise +22
0x080482bd  abort +13
0x0809ba7e  kill +0
0x08051d17  _ZN3IPC6Client10ConnectionI19WSAPI_ServerMessage19WSAPI_ClientMessageE22post_message_to_serverERKS3_OKN2AK10ByteBufferE +145
0x0805c86f  _ZZN7GWindow6updateERK4RectENKUlRT_E_clI7CObjectEEDaS4_.isra.210 +475
0x0807f150  _ZN10CEventLoop4pumpENS_8WaitModeE +418
0x0807f30f  _ZN10CEventLoop4execEv +43
0x08052917  _ZN12GApplication4execEv +29
0x08048716  main +993
0x08048a79  _start +94

Finalizing Process PaintBrush(17)
signal: PaintBrush(17) sent 17 to Launcher(13)
@bugaevc

This comment has been minimized.

Copy link
Member

commented Sep 29, 2019

The stack trace looks like just the PaintBrush app doesn't respond to WindowServer fast enough and gets terminated. Does it really crash the whole system? Can you attach the logs of the rest of the system crashing?

@danboid

This comment has been minimized.

Copy link
Contributor

commented Sep 29, 2019

I've not been able to trigger a crash using the bucket fill.

@echza

This comment has been minimized.

Copy link
Author

commented Sep 29, 2019

The stack trace looks like just the PaintBrush app doesn't respond to WindowServer fast enough and gets terminated. Does it really crash the whole system? Can you attach the logs of the rest of the system crashing?

I don't know how to get logs extensively

I've not been able to trigger a crash using the bucket fill.

Click paint bucket really fast and consequently

@danboid

This comment has been minimized.

Copy link
Contributor

commented Sep 29, 2019

I'm still struggling to get this crash, even clicking bucket fill as fast as I can for over a minute. Will try it on bare metal tomorrow.

@xeons

This comment has been minimized.

Copy link
Contributor

commented Oct 1, 2019

I managed to trigger the bug. Seems to happen if you manage to trigger a fill operation before the previous fill operation has completed. It does seem to bring the entire system down.

@bugaevc

This comment has been minimized.

Copy link
Member

commented Oct 1, 2019

It does seem to bring the entire system down.

Can you please get us the log of what it looks like? Is there an OOM in the kernel or something?

@xeons

This comment has been minimized.

Copy link
Contributor

commented Oct 1, 2019

You have to be quick, just keep changing colors and filling.

WindowServer(9): [WM] WSWindow{0x0179c806} title set to "PaintBrush"
WindowServer(9): WindowServer: Sharing icon buffer 37 with PID 11
Connection::post_message: Client buffer overflowed.
Connection{0x0113020e} (id=6, pid=19) misbehaved, disconnecting.
WindowServer(9) Couldn't find user region for V0xededee55
NP(error) fault at invalid address V0xededee55
WindowServer(9:0) Unrecoverable page fault, read from address 0xededee55
Note: Address 0xededee55 looks like it may be recently free()'d memory
CRASH: Page Fault Process: WindowServer(9)
exception code: 0004
  pc=001b:0804e804 ds=0023 es=0023 fs=0023 gs=07d3
 stk=0023:0111a790
kstk=0010:c0a0b000, base=c09fb000
eax=edededed ebx=0112c016 ecx=00000000 edx=01109008
ebp=0111a7f8 esp=0111a790 esi=0111a7bc edi=018e8016
code: 80 78 68 00 75 06 80 78
0x0804e804  _ZN15WSWindowManager19process_mouse_eventER12WSMouseEventRP8WSWindow +294
0x00020c99  Process::crash(int, unsigned int) +153
0x0001a4cb  exception_13_handler +0
0x0001a5ca  exception_14_handler +239
0x00019909  exception_14_entry +38
0x0804ef69  _ZN15WSWindowManager5eventER6CEvent +47
0x0805e1e0  _ZN7CObject14dispatch_eventER6CEventPS_ +86
0x0805ff56  _ZN10CEventLoop4pumpENS_8WaitModeE +468
0x080600e3  _ZN10CEventLoop4execEv +43
0x080484d8  main +419
0x08048769  _start +94
Process WindowServer(9) regions:
BEGIN       END         SIZE        ACCESS  NAME
01001000 -- 01105fff    00105000    R       /bin/WindowServer
08048000 -- 080b8fff    00071000    R X     elf-map-rx
080b9000 -- 080bbfff    00003000    RW      elf-alloc-rw
01107000 -- 01107fff    00001000    RW      (null)
01109000 -- 01109fff    00001000    RW      Thread-specific
0110b000 -- 0111afff    00010000    RW      Stack (Main thread)
0111c000 -- 0111cfff    00001000    RW      malloc: BigAllocationBlock
0111e000 -- 0111efff    00001000    RW      malloc: ChunkedBlock(16)
01120000 -- 01120fff    00001000    RW      malloc: ChunkedBlock(32)
01122000 -- 01122fff    00001000    RW      malloc: ChunkedBlock(128)
01124000 -- 01124fff    00001000    RW      malloc: ChunkedBlock(64)
01126000 -- 01126fff    00001000    RW      malloc: ChunkedBlock(8)
01128000 -- 01128fff    00001000    RW      malloc: ChunkedBlock(2036)
0112a000 -- 0112afff    00001000    RW      malloc: ChunkedBlock(2036)
0112c000 -- 0112cfff    00001000    RW      malloc: ChunkedBlock(1016)
0112e000 -- 0112efff    00001000    RW      malloc: ChunkedBlock(508)
01130000 -- 01130fff    00001000    RW      malloc: ChunkedBlock(252)
01132000 -- 01731fff    00600000    RW      BXVGA Framebuffer
01733000 -- 01735fff    00003000    R       /res/fonts/Katica10.font
01737000 -- 01746fff    00010000    RW      Stack (Thread 1)
01748000 -- 01748fff    00001000    RW      Thread-specific
0174e000 -- 0174efff    00001000    RW      GraphicsBitmap [15x21] - Decoded PNG: /res/cursors/arrow.png
01750000 -- 01750fff    00001000    RW      GraphicsBitmap [23x13] - Decoded PNG: /res/cursors/resize-horizontal.png
01752000 -- 01752fff    00001000    RW      GraphicsBitmap [13x23] - Decoded PNG: /res/cursors/resize-vertical.png
01754000 -- 01754fff    00001000    RW      GraphicsBitmap [21x21] - Decoded PNG: /res/cursors/resize-diagonal-tlbr.png
01756000 -- 01756fff    00001000    RW      malloc: ChunkedBlock(64)
0175c000 -- 0175cfff    00001000    RW      GraphicsBitmap [21x21] - Decoded PNG: /res/cursors/resize-diagonal-bltr.png
0175e000 -- 0175efff    00001000    RW      GraphicsBitmap [7x21] - Decoded PNG: /res/cursors/i-beam.png
01764000 -- 01764fff    00001000    RW      GraphicsBitmap [21x21] - Decoded PNG: /res/cursors/disallowed.png
01766000 -- 01766fff    00001000    RW      GraphicsBitmap [25x25] - Decoded PNG: /res/cursors/move.png
0176c000 -- 0176cfff    00001000    RW      GraphicsBitmap [16x16] - Decoded PNG: /res/icons/16x16/app-terminal.png
0176e000 -- 0176efff    00001000    RW      GraphicsBitmap [16x16] - Decoded PNG: /res/icons/16x16/filetype-folder.png
01770000 -- 01770fff    00001000    RW      GraphicsBitmap [16x16] - Decoded PNG: /res/icons/16x16/app-system-monitor.png
01776000 -- 01776fff    00001000    RW      GraphicsBitmap [16x16] - Decoded PNG: /res/icons/16x16/ladybug.png
01778000 -- 01778fff    00001000    RW      GraphicsBitmap [16x16] - Decoded PNG: /res/icons/16x16/window.png
0177d000 -- 0177dfff    00001000    RW      malloc: BigAllocationBlock
0177a000 -- 0177afff    00001000    RW      malloc: ChunkedBlock(32)
0177f000 -- 0177ffff    00001000    RW      malloc: ChunkedBlock(32)
01781000 -- 01781fff    00001000    RW      malloc: ChunkedBlock(32)
01783000 -- 01783fff    00001000    RW      malloc: ChunkedBlock(32)
01785000 -- 01796fff    00012000    RW      GraphicsBitmap [1024x18]
01798000 -- 0179afff    00003000    R       /res/fonts/KaticaBold10.font
0179c000 -- 0179cfff    00001000    RW      malloc: ChunkedBlock(1016)
0179e000 -- 017b9fff    0001c000    RW      SharedBuffer
017bb000 -- 017d6fff    0001c000    RW      SharedBuffer
017d8000 -- 017d8fff    00001000    R       SharedBuffer
017da000 -- 017f5fff    0001c000    RW      SharedBuffer
017f7000 -- 017f7fff    00001000    R       SharedBuffer
017f9000 -- 018bdfff    000c5000    RW      SharedBuffer
018bf000 -- 018bffff    00001000    RW      malloc: ChunkedBlock(252)
018c5000 -- 018c5fff    00001000    RW      malloc: ChunkedBlock(32)
018c7000 -- 018c7fff    00001000    RW      malloc: ChunkedBlock(128)
018c9000 -- 018e4fff    0001c000    RW      SharedBuffer
018c3000 -- 018c3fff    00001000    RW      malloc: ChunkedBlock(1016)
018e8000 -- 018e8fff    00001000    RW      malloc: ChunkedBlock(64)
01a17000 -- 01a17fff    00001000    RW      malloc: ChunkedBlock(32)
018f7000 -- 018f7fff    00001000    RW      malloc: ChunkedBlock(1016)
Finalizing Thread 1 in WindowServer(9)
~Thread{0x00320c88}
Finalizing Thread 0 in WindowServer(9)
Finalizing Process WindowServer(9)
signal 17 was ignored by SystemServer(4)
EOF on IPC fd
0x00020b82  Process::sys$exit(int) +18
0x00024cfc  syscall_trap_entry +818
0x00024980  syscall_trap_handler +38
EOF on IPC fd
dump_backtrace() called from within itself, what the hell is going on!
Finalizing Thread 0 in Terminal(12)
Finalizing Process Terminal(12)
/dev/pts/0: Send signal 1 to everyone in pgrp 16
/dev/pts/0: Send signal 1 to 16
signal: kernel sent 1 to Shell(16)
signal 17 was ignored by SystemServer(4)
0x08083794  exit +65
0x08053270  _ZN3IPC6Client10ConnectionI19WSAPI_ServerMessage19WSAPI_ClientMessageE26drain_messages_from_serverEv +170
0x08054e70  _ZNK2AK8FunctionIFvvEE15CallableWrapperIZN3IPC6Client10ConnectionI19WSAPI_ServerMessage19WSAPI_ClientMessageEC4ERKNS_10StringViewEEUlvE_E4callEv +20
0x08064b90  _ZN7CObject14dispatch_eventER6CEventPS_ +86
0x080665f0  _ZN10CEventLoop4pumpENS_8WaitModeE +468
0x0806677d  _ZN10CEventLoop4execEv +43
0x0804c687  _ZN12GApplication4execEv +29
0x08048953  main +1566
0x08048c19  _start +94
Finalizing Thread 0 in Launcher(13)
Finalizing Process Launcher(13)
signal 17 was ignored by SystemServer(4)
EOF on IPC fd
0x00020b82  Process::sys$exit(int) +18
0x00024cfc  syscall_trap_entry +818
0x00024980  syscall_trap_handler +38
0x08082032  exit +65
0x0804b972  _ZN3IPC6Client10ConnectionI19WSAPI_ServerMessage19WSAPI_ClientMessageE26drain_messages_from_serverEv +170
0x0804bc32  _ZNK2AK8FunctionIFvvEE15CallableWrapperIZN3IPC6Client10ConnectionI19WSAPI_ServerMessage19WSAPI_ClientMessageEC4ERKNS_10StringViewEEUlvE_E4callEv +20
0x080654d0  _ZN7CObject14dispatch_eventER6CEventPS_ +86
0x08066f30  _ZN10CEventLoop4pumpENS_8WaitModeE +468
0x080670bd  _ZN10CEventLoop4execEv +43
0x08050af5  _ZN12GApplication4execEv +29
0x0804837a  main +69
0x08048639  _start +94
VFS::create: '.history' in 3:28450
Finalizing Thread 0 in Taskbar(11)
Finalizing Process Taskbar(11)
signal 17 was ignored by SystemServer(4)
0x00020b82  Process::sys$exit(int) +18
0x00024cfc  syscall_trap_e> 
```ntry +818
0x00024980  syscall_trap_handler +38
0x0806b65c  exit +65
0x0804a081  _ZN10LineEditor8get_lineERKN2AK6StringE +273
0x080487a7  main +993
0x080489c9  _start +94
Finalizing Thread 0 in Shell(16)
Finalizing Process Shell(16)
signal 17 was ignored by Terminal(12)
PaintBrush(19): perror(): Broken pipe
USERSPACE(19) ASSERTION FAILED: false
/home/brandon/Projects/serenity/Libraries/LibCore/CoreIPCClient.h:151 in bool IPC::Client::Connection<ServerMessage, ClientMessage>::post_message_to_server(const ClientMessage&, const AK::ByteBuffer&&) [with ServerMessage = WSAPI_ServerMessage; ClientMessage = WSAPI_ClientMessage]
signal: PaintBrush(19) sent 6 to PaintBrush(19)
terminate_due_to_signal PaintBrush(19) <- 6
Finalizing Thread 0 in PaintBrush(19)
0x0002f2c3  Scheduler::switch_now() +51
0x0002f767  Scheduler::yield() +69
0x00022e99  Thread::block_helper() +27
0x0004f276  Thread::BlockResult Thread::block<Thread::SemiPermanentBlocker, Thread::SemiPermanentBlocker::Reason>(Thread::SemiPermanentBlocker::Reason&&) +118
0x0001badb  Process::sys$kill(int, int) +189
0x00024beb  syscall_trap_entry +545
0x00024980  syscall_trap_handler +38
0x0809ca40  raise +22
0x080482bd  abort +13
0x0809c9c8  kill +0
0x08051bff  _ZN3IPC6Client10ConnectionI19WSAPI_ServerMessage19WSAPI_ClientMessageE22post_message_to_serverERKS3_OKN2AK10ByteBufferE +145
0x0805d0c9  _ZZN7GWindow6updateERK4RectENKUlRT_E_clI7CObjectEEDaS4_.isra.210 +475
0x0807fe86  _ZN10CEventLoop4pumpENS_8WaitModeE +418
0x08080045  _ZN10CEventLoop4execEv +43
0x0805282d  _ZN12GApplication4execEv +29
0x08048745  main +1040
0x08048aa9  _start +94

Finalizing Process PaintBrush(19)
signal: PaintBrush(19) sent 17 to Launcher(13)
Ext2FS: Flushed 6 blocks to disk
@awesomekling

This comment has been minimized.

Copy link
Member

commented Oct 14, 2019

Should be fixed by 7dbc13a

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.