Page MenuHomePhabricator
Create Task
Maniphest T5479

efl: segv: emile_image_close -> memory mapped file -> eina_file_clean_close
Closed, ResolvedPublic
Actions

Description

This is another BSDism.

The file is mmaped w/emotion_gstreamer.

When coming to delete this object it seems it will close a fd which was never set.

#0  0x00001b8c19fee195 in eina_file_real_close (file=0x1b8cf9e08000)
    at lib/eina/eina_file.c:301
#1  0x00001b8c19fa0003 in eina_file_clean_close (file=0x1b8cf9e08000)
    at lib/eina/eina_file_common.c:507
#2  0x00001b8c19fa0180 in eina_file_close (file=0x1b8cf9e08000)
    at lib/eina/eina_file_common.c:540
#3  0x00001b8ca564fc73 in emile_image_close (image=0x1b8cc3961e00)
    at lib/emile/emile_image.c:2489
#4  0x00001b8c32ee3449 in evas_image_load_file_close_jpeg (
    loader_data=0x1b8ca21087c0)
    at modules/evas/image_loaders/jpeg/evas_image_load_jpeg.c:67
#5  0x00001b8c32e6aa9f in _evas_common_rgba_image_delete (ie=0x1b8cee7b9800)
    at lib/evas/common/evas_image_main.c:527
#6  0x00001b8c32de3aa2 in _evas_cache_image_entry_delete (
    cache=0x1b8c96e4fe00, ie=0x1b8cee7b9800)
    at lib/evas/cache/evas_cache_image.c:196
#7  0x00001b8c32de7400 in evas_cache_image_flush (cache=0x1b8c96e4fe00)
    at lib/evas/cache/evas_cache_image.c:1560
#8  0x00001b8c32de620e in evas_cache_image_drop (im=0x1b8cee7b9800)
    at lib/evas/cache/evas_cache_image.c:1091
#9  0x00001b8cde7800b0 in evas_gl_common_image_free (im=0x1b8c729efa00)
    at modules/evas/engines/gl_common/evas_gl_image.c:811
#10 0x00001b8cde77df62 in _evas_gl_image_cache_trim (gc=0x1b8cffc47000)
    at modules/evas/engines/gl_common/evas_gl_image.c:68
#11 0x00001b8cde77fedf in evas_gl_common_image_cache_flush (gc=0x1b8cffc47000)
    at modules/evas/engines/gl_common/evas_gl_image.c:763
#12 0x00001b8cde6d2e27 in eng_image_cache_flush (data=0x1b8c32151400)
    at modules/evas/engines/gl_generic/evas_engine.c:1334
#13 0x00001b8c32d31c49 in _evas_canvas_image_cache_flush (
    eo_e=0x80000001772a2338, e=0x1b8cc1769080)
    at lib/evas/canvas/evas_object_image.c:1127
#14 0x00001b8c32d244c7 in evas_canvas_image_cache_flush (
    obj=0x80000001772a2338) at evas_canvas.eo.c:284
#15 0x00001b8c32d266e3 in evas_image_cache_flush (obj=0x80000001772a2338)
    at evas_canvas.eo.c:903
warning: (Internal error: pc 0x1b8cbba6bbfd in read in psymtab, but not in symtab.)

warning: (Internal error: pc 0x1b8cbba6bbfd in read in psymtab, but not in symtab.)

#16 0x00001b8cbba6bbfe in elm_cache_all_flush ()
    at lib/elementary/elm_main.c:1518
#17 0x00001b8cbb978afd in _elm_cache_flush_cb (data=0x0)
    at lib/elementary/elm_config.c:1557
#18 0x00001b8c3db7bee0 in _ecore_poller_cb_timer (data=0x0)
    at lib/ecore/ecore_poller.c:148
#19 0x00001b8c3db7d16f in _ecore_call_task_cb (
    func=0x1b8c3db7bd9e <_ecore_poller_cb_timer>, data=0x0)
    at ecore_private.h:281
#20 0x00001b8c3db7d5ec in _ecore_timer_legacy_tick (data=0x1b8c336380a0,
    event=0x7f7fffff1530) at lib/ecore/ecore_timer.c:184
warning: (Internal error: pc 0x1b8c992dd746 in read in psymtab, but not in symtab.)

warning: (Internal error: pc 0x1b8c992dd746 in read in psymtab, but not in symtab.)

#21 0x00001b8c992dd747 in _event_callback_call (obj_id=warning: (Internal error: pc 0x1b8c992dd746 in read in psymtab, but not in symtab.)

0x80000001372a2330, pd=warning: (Internal error: pc 0x1b8c992dd746 in read in psymtab, but not in symtab.)


0x1b8c9c46f640, desc=warning: (Internal error: pc 0x1b8c992dd746 in read in psymtab, but not in symtab.)

0x1b8c3ddaa800, event_info=warning: (Internal error: pc 0x1b8c992dd746 in read in psymtab, but not in symtab.)

0x0, legacy_compare=warning: (Internal error: pc 0x1b8c992dd746 in read in psymtab, but not in symtab.)

0 '\0')
    at lib/eo/eo_base_class.c:1473
warning: (Internal error: pc 0x1b8c992dda54 in read in psymtab, but not in symtab.)

warning: (Internal error: pc 0x1b8c992dda54 in read in psymtab, but not in symtab.)

#22 0x00001b8c992dda55 in _efl_object_event_callback_call ()
    at lib/eo/eo_base_class.c:1557
warning: (Internal error: pc 0x1b8c992ddb25 in read in psymtab, but not in symtab.)

warning: (Internal error: pc 0x1b8c992ddb25 in read in psymtab, but not in symtab.)

#23 0x00001b8c992ddb26 in efl_event_callback_call ()
    at lib/eo/eo_base_class.c:1560
#24 0x00001b8c3db7e694 in _efl_loop_timer_expired_call (when=3766.652325435)
    at lib/ecore/ecore_timer.c:700
#25 0x00001b8c3db7e50d in _efl_loop_timer_expired_timers_call (
    when=3766.652325435) at lib/ecore/ecore_timer.c:653
#26 0x00001b8c3db5e9f7 in _ecore_main_loop_iterate_internal (once_only=0)
    at lib/ecore/ecore_main.c:2275
#27 0x00001b8c3db5c91a in ecore_main_loop_begin ()
    at lib/ecore/ecore_main.c:1299
warning: (Internal error: pc 0x1b8cbba6b231 in read in psymtab, but not in symtab.)

warning: (Internal error: pc 0x1b8cbba6b231 in read in psymtab, but not in symtab.)

#28 0x00001b8cbba6b232 in elm_run () at lib/elementary/elm_main.c:1281
#29 0x00001b8a12504d10 in elm_main (argc=2, argv=0x7f7fffff2888) at main.c:196
#30 0x00001b8a12504d82 in main (argc=2, argv=0x7f7fffff2888) at main.c:202
#2  0x00001b8c19fa0180 in eina_file_close (file=0x1b8cf9e08000)
    at lib/eina/eina_file_common.c:540
540        eina_file_clean_close(file);
$4 = (Eina_File *) 0x1b8cf9e08000
#1  0x00001b8c19fa0003 in eina_file_clean_close (file=0x1b8cf9e08000)
    at lib/eina/eina_file_common.c:507
507        eina_file_real_close(file);
Cannot access memory at address 0x1b8cf9e08050
The program is running.  Exit anyway? (y or n) $

file->fd is invalid memory when closing in eina_file.

Details

Differential Revisions
D5002: eina_file_virtualize: fix SEGV on unmap of mapped region on some systems.
D4871: evas: evas_object_image_memfile_set - dont' close file. emile_close will fail when shutting down if file is closed.
Commits
D5006 / rEFL9aeaef55c4f6: eina_file: fix unmap of unmapped region when Eina_File has copied data and not…

Related Objects

netstar created this task.May 10 2017, 5:05 AM
netstar added a comment.May 10 2017, 6:17 AM

I did a small patch, maybe its bogus. Though I grepped for use of this function ,does not get used very much...

How best to fix this???

The "patch" is D4871

bu5hm4n added a subscriber: bu5hm4n.May 10 2017, 6:47 AM

Can you try to change emile_image.c lin 1488 to if (image->source.f)

The function should look then something like:

EAPI void
emile_image_close(Emile_Image *image)
{
   if (!image)
     return;

   _emile_image_file_source_unmap(image);
   if (image->source.f)
     eina_file_close(image->source.f);
   image->close(image);
   free(image);
}

I think there was never a image->source.f set, and the pointer in there could just be plain garbage. Or a already closed file?

Can you reproduce this with valgrind?

cedric added a comment.May 10 2017, 10:19 AM

What is the value in file->fd at the moment of the crash ?

cedric added a comment.May 10 2017, 10:19 AM

(Or actually the value of file itself)

netstar added a comment.May 10 2017, 10:22 AM
(gdb) print file
$1 = (Eina_File *) 0x3b624f6000
(gdb) print file->fd
Cannot access memory at address 0x3b624f6050
cedric added a comment.May 10 2017, 10:26 AM

So file is garbage.

cedric added a comment.May 10 2017, 10:29 AM

@bu5hm4n: hum, maybe it would simplify the code if we did transform binbuf to an Eina_File and avoid double path logic everywhere.

netstar added a comment.May 10 2017, 1:31 PM

This bug...if fixed... would be fantastic...that would literally leave one remaining issue AFAIK on OpenBSD and none on FreeBSD and that's edje_cc (another ticket).

bu5hm4n added a comment.May 11 2017, 1:33 AM

@netstar have you tried the fix from above?

netstar added a comment.May 11 2017, 2:48 AM

Hey @bu5hm4n I will do very soon just busy today....!!!

netstar added a comment.May 11 2017, 3:55 AM

Hi, nah that doesn't work

As above...

(gdb) print file
$1 = (Eina_File *) 0x3b624f6000
(gdb) print file->fd
Cannot access memory at address 0x3b624f6050

breaks lots of stuff! including E!!!

bu5hm4n added a comment.May 11 2017, 5:03 AM

What says valgrind ?

netstar added a subscriber: raster.May 12 2017, 3:24 PM

@raster wonder if you got time whether you might look at this in your FreeBSD VM?

netstar added a comment.May 16 2017, 6:51 AM
This comment was removed by netstar.
netstar added a subscriber: barbieri.May 16 2017, 7:51 AM

Okay, @barbieri advised me to write a test program which I have done. Uploading now. Waiting for valgrind results.

test.c1 KBDownload

netstar added a comment.May 16 2017, 9:35 AM

The test does produce the same result as the initial backtrace. Just to refresh this happens on both OpenBSD and FreeBSD and the backtrace is identical.

Have got valgrind running now (FreeBSD)...i'm not 100% sure if it's stuck or just extremely slow (watching the process terminate outside valgrind takes 2-3 seconds with the including deletion of im evas_object_del(im)). Hopefully when I get back there are results!

netstar added a comment.May 16 2017, 9:38 AM

Maybe Linux is more tolerant when I come back can get a result from that.

netstar added a comment.May 16 2017, 12:50 PM

Ran it on Linux - no issues at all.

netstar added a comment.May 16 2017, 12:52 PM

So the situation is that program test case hangs on FreeBSD valgrind (amd64) and OpenBSD valgrind isn't fixed yet,...

cedric added a comment.May 16 2017, 2:04 PM

I received a valgrind trace in my email, but can't see it here anymore. Could you post your valgrind trace again ?

netstar added a comment.EditedMay 16 2017, 3:11 PM

Sure, though it hangs. I left it running for hours, stuck in piperd state.

==91783== Memcheck, a memory error detector
==91783== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==91783== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==91783== Command: ./test ./Zulu.mp4
==91783== Parent PID: 91703
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4015944: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x400F361: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008C38: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4009A55: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x56DBD4C: eina_module_list_load (eina_module.c:572)
==91783==    by 0x6066672: ecore_system_modules_load (ecore.c:188)
==91783==    by 0x6066A18: ecore_init (ecore.c:323)
==91783==    by 0x401249: main (in /usr/home/netstar/test)
==91783==  Address 0xfc56920 is 64 bytes inside a block of size 68 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x56DADF2: _dir_arch_list_cb (eina_module.c:171)
==91783==    by 0x570BC17: eina_file_dir_list (eina_file.c:544)
==91783==    by 0x56DBAD9: eina_module_arch_list_get (eina_module.c:502)
==91783==    by 0x606665C: ecore_system_modules_load (ecore.c:181)
==91783==    by 0x6066A18: ecore_init (ecore.c:323)
==91783==    by 0x401249: main (in /usr/home/netstar/test)
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4015944: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4009FD3: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x56DBD4C: eina_module_list_load (eina_module.c:572)
==91783==    by 0x6066672: ecore_system_modules_load (ecore.c:188)
==91783==    by 0x6066A18: ecore_init (ecore.c:323)
==91783==    by 0x401249: main (in /usr/home/netstar/test)
==91783==  Address 0xfc56920 is 64 bytes inside a block of size 68 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x56DADF2: _dir_arch_list_cb (eina_module.c:171)
==91783==    by 0x570BC17: eina_file_dir_list (eina_file.c:544)
==91783==    by 0x56DBAD9: eina_module_arch_list_get (eina_module.c:502)
==91783==    by 0x606665C: ecore_system_modules_load (ecore.c:181)
==91783==    by 0x6066A18: ecore_init (ecore.c:323)
==91783==    by 0x401249: main (in /usr/home/netstar/test)
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4017467: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4009FF3: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x56DBD4C: eina_module_list_load (eina_module.c:572)
==91783==    by 0x6066672: ecore_system_modules_load (ecore.c:188)
==91783==    by 0x6066A18: ecore_init (ecore.c:323)
==91783==    by 0x401249: main (in /usr/home/netstar/test)
==91783==  Address 0xfc56920 is 64 bytes inside a block of size 68 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x56DADF2: _dir_arch_list_cb (eina_module.c:171)
==91783==    by 0x570BC17: eina_file_dir_list (eina_file.c:544)
==91783==    by 0x56DBAD9: eina_module_arch_list_get (eina_module.c:502)
==91783==    by 0x606665C: ecore_system_modules_load (ecore.c:181)
==91783==    by 0x6066A18: ecore_init (ecore.c:323)
==91783==    by 0x401249: main (in /usr/home/netstar/test)
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4015944: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4009CD5: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x74D7796: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==  Address 0xfcccdb8 is 24 bytes inside a block of size 29 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x74D7779: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4017467: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x400ABA3: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x400AB0C: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4009D0E: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x74D7796: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==  Address 0xfcccdb8 is 24 bytes inside a block of size 29 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x74D7779: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4015944: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4009D6A: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x74D7796: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==  Address 0xfcccdb8 is 24 bytes inside a block of size 29 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x74D7779: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4017467: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x400ABA3: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x400AB0C: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4009DA3: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x74D7796: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==  Address 0xfcccdb8 is 24 bytes inside a block of size 29 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x74D7779: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==
==91783== Invalid read of size 8
==91783==    at 0x4015944: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x400D61B: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x400C4B4: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x40047F8: _rtld_error (in /libexec/ld-elf.so.1)
==91783==    by 0x400A277: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4008F99: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x4006300: ??? (in /libexec/ld-elf.so.1)
==91783==    by 0x56DB2AE: eina_module_load (eina_module.c:320)
==91783==    by 0x74D7796: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==  Address 0xfcccdb8 is 24 bytes inside a block of size 29 alloc'd
==91783==    at 0x4C2466F: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==91783==    by 0x56DAFF7: eina_module_new (eina_module.c:272)
==91783==    by 0x74D7779: _c_init (ecore_con_url_curl.c:285)
==91783==    by 0x74D1A67: ecore_con_url_init (ecore_con_url.c:51)
==91783==    by 0x64EEE77: ecore_file_download_init (ecore_file_download.c:43)
==91783==    by 0x64EDAEE: ecore_file_init (ecore_file.c:102)
==91783==    by 0x401269: main (in /usr/home/netstar/test)
==91783==
barbieri added a comment.May 16 2017, 6:25 PM

sorry but these are not of use... you need a valgrind suppression to hide dlopen() from eina_module_load() as these are from optimizations. Maybe it's provided with valgrind, otherwise you need to create one.

if it's getting stuck, aside from valgrind it may help to run on strace and see where it's blocked.

netstar added a comment.EditedMay 17 2017, 2:55 AM

Debugging the debug of the test for the bug!!!

Hi, here's truss output (strace alternative)...stuck here:

truss -d valgrind ./test ./Zulu.mp4

216 (0x40d4000)
10.429916491 mmap(0x406683000,16384,PROT_READ|PROT_WRITE|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 17287360512 (0x406683000)
10.430566957 mmap(0x7fffdfbfc000,2101248,PROT_READ|PROT_WRITE|PROT_EXEC,MAP_FIXED|MAP_STACK,-1,0x0) = 140736947273728 (0x7fffdfbfc000)
10.430640583 mmap(0x406687000,16384,PROT_READ|PROT_WRITE|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 17287376896 (0x406687000)
10.430778383 mprotect(0x7fffdfbfc000,4096,PROT_NONE) = 0 (0x0)
10.430870231 sigprocmask(SIG_SETMASK,{ SIGHUP|SIGINT|SIGQUIT|SIGILL|SIGTRAP|SIGABRT|SIGEMT|SIGFPE|SIGKILL|SIGBUS|SIGSEGV|SIGSYS|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2 },{ SIGHUP|SIGINT|SIGQUIT|SIGABRT|SIGEMT|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2 }) = 0 (0x0)
10.430933117 mmap(0x4067fb000,1064960,PROT_READ|PROT_WRITE|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_ANON,-1,0x0) = 17288900608 (0x4067fb000)
10.430992917 mprotect(0x4067fb000,8192,PROT_NONE) = 0 (0x0)
10.431043502 mprotect(0x4068fd000,8192,PROT_NONE) = 0 (0x0)
10.431864896 <new thread 100192>
10.431890565 thr_new(0x402b9dc70,0x68)           = 0 (0x0)
10.431960838 sigprocmask(SIG_SETMASK,{ SIGHUP|SIGINT|SIGQUIT|SIGABRT|SIGEMT|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2 },0x0) = 0 (0x0)
10.432014353 thr_self(0x4068fce48)               = 0 (0x0)
10.432050215 thr_self(0x402b9dbe8)               = 0 (0x0)
10.432106576 thr_self(0x402b9dac8)               = 0 (0x0)
10.432157057 read(232785,"H",1)                  = 1 (0x1)
10.432188263 write(232786,"H",1)                 = 1 (0x1)
10.432225919 sched_yield()                       = 0 (0x0)
10.432261248 thr_self(0x402b9db28)               = 0 (0x0)
10.432312572 thr_self(0x4068fcf48)               = 0 (0x0)
10.432346620 getpid()                            = 94079 (0x16f7f)
10.432398331 sigprocmask(SIG_SETMASK,{ SIGHUP|SIGINT|SIGQUIT|SIGABRT|SIGEMT|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2 },0x0) = 0 (0x0)
10.433003837 thr_set_name(0x18760,0x7fffdfdfcea0) = 0 (0x0)
netstar added a comment.Jun 6 2017, 1:41 PM

I don't know what happens here, it works fine on Linux with no errors/warnings...

ATM am just disabling those two lines in emile_image_close for my own use w/BSD...

netstar added a comment.Jul 5 2017, 8:09 AM

eina_file_real_close() is the culprit when unmapping memory used by eina_file_virtualize. evas_object_image_memfile_set is implemented using this. There is an optimization which causes issues on BSD systems. in eina_file_real_close()

if (file->global_map != MAP_FAILED)
  munmap(file->global_map, file->length);

corrupts (Eina_File *) file after a successful unmap (checked return value).

The fix in https://phab.enlightenment.org/D5002 moves the memory location where the map is stored for BSD systems. Shouldn't affect other OS.

netstar added a subscriber: jpeg.Jul 5 2017, 8:25 AM
raster added a comment.Jul 6 2017, 9:29 PM

D5002 certainly looks wrong. but it did point out one issue. the data isnt aligned. i just fixed that. indeed D5006 is right and fixes things. thumbs up.