[Intel-gfx] [PATCH] igt_core: zero exit_handler_count before forking

Chris Wilson chris at chris-wilson.co.uk
Thu Sep 4 10:48:23 CEST 2014


On Thu, Sep 04, 2014 at 10:39:31AM +0200, Daniel Vetter wrote:
> On Thu, Sep 04, 2014 at 10:34:13AM +0200, Daniel Vetter wrote:
> > On Wed, Sep 03, 2014 at 02:47:21PM -0300, Paulo Zanoni wrote:
> > > From: Paulo Zanoni <paulo.r.zanoni at intel.com>
> > > 
> > > If we don't reset exit_handler_count before forking, we may have a
> > > case where the forked process is killed before it even does
> > > "exit_handler_count = 0": in that case, it is still finishing forking.
> > > When that happens, we may end up calling our exit handlers. On the
> > > specific bug I'm investigating, we call igt_reset_connectors(), which
> > > ends up in a deadlock inside malloc_atfork. If we attach gdb to the
> > > forked process and get a backtrace, we have:
> > > 
> > > (gdb) bt
> > > 0  __lll_lock_wait_private () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:95
> > > 1  0x00007f15634d36bf in _L_lock_10524 () from /lib/x86_64-linux-gnu/libc.so.6
> > > 2  0x00007f15634d12ef in malloc_atfork (sz=139729840351352, caller=<optimized out>) at arena.c:181
> > > 3  0x00007f15640466a1 in drmMalloc () from /usr/lib/x86_64-linux-gnu/libdrm.so.2
> > > 4  0x00007f1564049ad7 in drmModeGetResources () from /usr/lib/x86_64-linux-gnu/libdrm.so.2
> > > 5  0x0000000000408f84 in igt_reset_connectors () at igt_kms.c:1656
> > > 6  0x00000000004092dc in call_exit_handlers (sig=15) at igt_core.c:1130
> > > 7  fatal_sig_handler (sig=15) at igt_core.c:1154
> > > 8  <signal handler called>
> > > 9  0x00007f15634cce60 in ptmalloc_unlock_all2 () at arena.c:298
> > > 10 0x00007f156350ca3f in __libc_fork () at ../nptl/sysdeps/unix/sysv/linux/x86_64/../fork.c:188
> > > 11 0x000000000040a029 in __igt_fork_helper (proc=proc at entry=0x610fc4 <signal_helper>) at igt_core.c:910
> > > 12 0x000000000040459d in igt_fork_signal_helper () at igt_aux.c:110
> > > 13 0x0000000000402ab7 in __real_main63 () at bug.c:76
> > > 14 0x000000000040296e in main (argc=<optimized out>, argv=<optimized out>) at bug.c:63

But note that this means that igt_reset_connectors is *not* signal safe
and needs to be rewritten in order for it to work as an exit handler.
Otherwise this bug will just keep on reoccurring.
-Chris

-- 
Chris Wilson, Intel Open Source Technology Centre


