FileSystemAccessServer crashes fairly frequently opening images (from /res) in PixelPaint
Looks somewhat threading related. This has been happening fairly regularly for me when opening test images from /res in PixelPaint. Opening the image still works fine, though it's slightly annoying getting the Crash Reporter popup :yakkie:
Crash log + Backtrace:
64.647 FileSystemAccessServer(53:53): Started thread "", tid = 54
66.082 FileSystemAccessServer(53:53): FilePicker(0x0000000039a21810): Quit event loop with result 0
66.082 FileSystemAccessServer(53:53): FilePicker(0x0000000039a21810): Event loop returned with result 0
66.629 [FileSystemAccessServer(53:54)]: CRASH: CPU #0 General protection fault in ring 3
66.629 [#0 FileSystemAccessServer(53:54)]: Exception code: 0000 (isr: 0000)
66.629 [#0 FileSystemAccessServer(53:54)]: pc=0x0023:0x00000019320e9127 rflags=0x0000000000010206
66.629 [#0 FileSystemAccessServer(53:54)]: stack=0x0000000000dd7d30
66.629 [#0 FileSystemAccessServer(53:54)]: rax=0x0000000000000000 rbx=0xedededededededed rcx=0x00000019326d0558 rdx=0x0000000000000001
66.629 [#0 FileSystemAccessServer(53:54)]: rbp=0x0000000000dd7d50 rsp=0x0000002013f4ff50 rsi=0x0000000cf7ec8f40 rdi=0xedededededededed
66.629 [#0 FileSystemAccessServer(53:54)]: r8=0x00000019559a12f0 r9=0x0000000000000010 r10=0x0000000000000002 r11=0x00000019326d0840
66.629 [#0 FileSystemAccessServer(53:54)]: r12=0x0000000000dd7de8 r13=0x0000000000000000 r14=0x0000000cf7ec8f40 r15=0xedededededededed
66.629 [#0 FileSystemAccessServer(53:54)]: cr0=0x0000000080010013 cr2=0x0000000000112380 cr3=0x0000000018360000 cr4=0x0000000000340ee0
66.629 [#0 FileSystemAccessServer(53:54)]: 0x00000019320e9127 (?)
66.629 [#0 FileSystemAccessServer(53:54)]: Kernel + 0x0000000000c4bab0 Kernel::Process::crash(int, unsigned long, bool) +0x280
66.629 [#0 FileSystemAccessServer(53:54)]: Kernel + 0x000000000112fdbc Kernel::handle_crash(Kernel::RegisterState const&, char const*, int, bool) +0x66c
66.629 [#0 FileSystemAccessServer(53:54)]: Kernel + 0x000000000113b716 general_protection_fault_asm_entry +0x36
66.639 [#0 Finalizer Task(5:5)]: Generating coredump for pid: 53
66.645 CrashDaemon(11:11): New coredump file: /tmp/coredump/FileSystemAccessServer_53_1665430907
66.902 CrashReporter(56:56): Started thread "", tid = 57
67.707 CrashReporter(56:57): Generating backtrace took 792 ms
67.707 CrashReporter(56:57): --- Backtrace for thread #0 (TID 53) ---
67.707 CrashReporter(56:57): 0x00000004388a5017: [/usr/lib/libsystem.so] syscall1 +0x7 (syscall.cpp:20 => syscall.cpp:19)
67.707 CrashReporter(56:57): 0x000000193210ad6f: [/usr/lib/libc.so] pselect.localalias +0x26f (select.cpp:57)
67.707 CrashReporter(56:57): 0x000000193210af9e: [/usr/lib/libc.so] select +0x6e (select.cpp:30)
67.707 CrashReporter(56:57): 0x000000096f0ae136: [/usr/lib/libcore.so.serenity] Core::EventLoop::wait_for_event(Core::EventLoop::WaitMode) [clone .localalias] +0x216 (EventLoop.cpp:730)
67.712 CrashReporter(56:57): 0x000000096f0ae92b: [/usr/lib/libcore.so.serenity] Core::EventLoop::pump(Core::EventLoop::WaitMode) +0x2b (EventLoop.cpp:455)
67.712 CrashReporter(56:57): 0x000000096f0af451: [/usr/lib/libcore.so.serenity] Core::EventLoop::exec() +0x141 (EventLoop.cpp:441)
67.712 CrashReporter(56:57): 0x0000000a206fb66b: [/bin/FileSystemAccessServer] serenity_main(Main::Arguments) +0xcb (main.cpp:21)
67.712 CrashReporter(56:57): 0x0000000a206f3698: [/bin/FileSystemAccessServer] main +0x128 (Main.cpp:39)
67.716 CrashReporter(56:57): 0x0000000a206f3838: [/bin/FileSystemAccessServer] _entry +0x48 (crt0.cpp:43)
69.543 CrashReporter(56:57): Generating backtrace took 1807 ms
69.543 CrashReporter(56:57): --- Backtrace for thread #1 (TID 54) ---
69.543 CrashReporter(56:57): 0x00000019320e9127: [/usr/lib/libc.so] pthread_mutex_lock +0x17 (Atomic.h:54 => pthread_integration.cpp:137)
69.543 CrashReporter(56:57): 0x000000096f0abaa4: [/usr/lib/libcore.so.serenity] Core::EventLoop::post_event(Core::Object&, AK::NonnullOwnPtr<Core::Event>&&, Core::EventLoop::ShouldWake) [clone .localalias] +0x44 (Mutex.h:75 => Mutex.h:67 => Mutex.h:60 => EventLoop.cpp:506)
69.548 CrashReporter(56:57): 0x0000000994b70b17: [/usr/lib/libgui.so.serenity] Core::EventLoop::deferred_invoke(AK::Function<void ()>) +0x1a7 (EventLoop.h:97)
69.548 CrashReporter(56:57): 0x0000000994b71af0: [/usr/lib/libgui.so.serenity] Threading::BackgroundAction<AK::ErrorOr<AK::NonnullRefPtr<Gfx::Bitmap>, AK::Error> >::BackgroundAction(AK::Function<AK::ErrorOr<AK::NonnullRefPtr<Gfx::Bitmap>, AK::Error> (Threading::BackgroundAction<AK::ErrorOr<AK::NonnullRefPtr<Gfx::Bitmap>, AK::Error> >&)>, AK::Function<void (AK::ErrorOr<AK::NonnullRefPtr<Gfx::Bitmap>, AK::Error>)>)::{lambda()#1}::operator()() const +0x230 (BackgroundAction.h:63)
69.551 CrashReporter(56:57): 0x00000019548e7ada: [/usr/lib/libthreading.so.serenity] background_thread_func() +0x58a (Function.h:91)
69.551 CrashReporter(56:57): 0x00000019548e83fc: [/usr/lib/libthreading.so.serenity] Threading::Thread::start()::{lambda(void*)#1}::_FUN(void*) +0x4c (Function.h:91)
69.551 CrashReporter(56:57): 0x00000019320e7f1b: [/usr/lib/libc.so] pthread_create_helper +0x2b (pthread.cpp:75)
I've seen this a lot as well.
This is caused by the background thread not handling any type of cancellation. The file picker is closed and the mutex the background thread is waiting on is freed. It happens in /res because emojis load their thumbnails on that thread.
I submitted a PR to make it synchronous for the time being, but the real fix is to improve the background job.
Fixed by #16715 and duplicate of #14945
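The lifetime problem described in the thread (a worker posting its completion to an event loop whose mutex has already been freed) can be shown in standard C++. This is an added example, not SerenityOS code and not the change in #16715; `EventQueue`, `BackgroundJob` and `deliveries` are hypothetical names. The worker holds only a weak reference to its origin queue and checks a cancellation flag before posting.

```cpp
#include <atomic>
#include <functional>
#include <memory>
#include <mutex>
#include <thread>
#include <vector>

// Hypothetical stand-in for the event loop that owns the mutex (not LibCore code).
struct EventQueue {
    std::mutex lock;
    std::vector<std::function<void()>> pending;
    void post(std::function<void()> fn) {
        std::lock_guard<std::mutex> guard(lock);
        pending.push_back(std::move(fn));
    }
    void drain() {
        std::vector<std::function<void()>> batch;
        { std::lock_guard<std::mutex> guard(lock); batch.swap(pending); }
        for (auto& fn : batch) fn();
    }
};

// Background job that can be cancelled and never touches a destroyed origin queue.
struct BackgroundJob {
    std::weak_ptr<EventQueue> origin;
    std::function<int()> work;
    std::function<void(int)> on_complete;
    std::atomic<bool> cancelled{false};

    // Runs on the worker thread; returns true only if the completion was posted.
    bool run() {
        int result = work();
        if (cancelled.load()) return false; // owner asked the job to stop
        auto queue = origin.lock();         // pins the queue and its mutex while posting
        if (!queue) return false;           // owner already destroyed: drop the result
        queue->post([cb = on_complete, result] { cb(result); });
        return true;
    }
};

// Constructed scenarios: returns how many completions reached the owner.
int deliveries(bool destroy_queue_first, bool cancel_first) {
    auto queue = std::make_shared<EventQueue>();
    int delivered = 0;
    BackgroundJob job{queue, [] { return 42; }, [&](int) { ++delivered; }};
    if (cancel_first) job.cancelled = true;
    if (destroy_queue_first) queue.reset(); // models the picker closing before the job ends
    std::thread worker([&] { job.run(); });
    worker.join();
    if (queue) queue->drain();
    return delivered;
}
```
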