Hi all,
we have a running 1.4 installation that serves vnc connections (only). I
am trying to upgrade to a recent code basis as we want to add some
features (alt-f4 etc on the OSD).
I installed client and server versions 1.5.4 on a test machine and it
works only for some of our client boxes (ones in our office,p.ex.) but
guacd dies for other connections (at a remote site behind a firewall)
with a 'double free' error. Guacd seemingly dies when cursor movements
happen on the web client, and I saw it happen consistently when the
mouse enters / leaves the rendered remote display in the browser window.
I ran guacd with the valgrind drd tool
valgrind --tool=drd --trace-fork-join=yes /usr/local/sbin/guacd-1.5.4a -f -L
trace -b 127.0.0.1 -l 4822 -p /tmp/guacd.pid
and captured the state below when guacd died away; I marked the portions
that made me think in bold.
Do you think that this is at libvnclient level or in guacd itself? I
don't know the code that well but am willing to try a few things if you
have a hint or another.
Thanks
Simon
|==158712== drd_thread_finished tid = 396 (which is a detached thread)
==158712== drd_pre_thread_create creator = 4, created = 7 ==158712==
drd_post_thread_create created = 397 ==158712== drd_thread_finished tid
= 397 (which is a detached thread) ==158712== drd_pre_thread_create
creator = 4, created = 7 ==158712== drd_post_thread_create created = 398
guacd[158712]: TRACE: Server completed frame 190857531ms (0 logical
frames) ==158712== drd_thread_finished tid = 398 (which is a detached
thread) guacd[158712]: TRACE: User confirmation of frame 190854974ms
received at 190857789ms (processing_lag=2798ms, estimated_rtt=17ms)
==158712== drd_pre_thread_create creator = 4, created = 7 ==158712==
drd_post_thread_create created = 399 ==158712== drd_thread_finished tid
= 399 (which is a detached thread) guacd[158712]: TRACE: User
confirmation of frame 190855950ms received at 190858143ms
(processing_lag=2176ms, estimated_rtt=17ms) ==158712==
drd_pre_thread_create creator = 4, created = 7 ==158712==
drd_post_thread_create created = 400 ==158712== drd_thread_finished tid
= 400 (which is a detached thread) drd: *drd_malloc_wrappers.c:113
(handle_free): Assertion 'success' failed*. host stacktrace: ==158712==
at 0x58025E6A: show_sched_status_wrk (m_libcassert.c:406) ==158712== by
0x58025F87: report_and_quit (m_libcassert.c:477) ==158712== by
0x58026117: vgPlain_assert_fail (m_libcassert.c:543) ==158712== by
0x5801A519: handle_free (drd_malloc_wrappers.c:113) ==158712== by
0x5801A519: handle_free (drd_malloc_wrappers.c:107) ==158712== by
0x5801A519: drd_free (drd_malloc_wrappers.c:165) ==158712== by
0x5807E59C: do_client_request (scheduler.c:1953) ==158712== by
0x5807E59C: vgPlain_scheduler (scheduler.c:1516) ==158712== by
0x580D3690: thread_wrapper (syswrap-linux.c:101) ==158712== by
0x580D3690: run_a_thread_NORETURN (syswrap-linux.c:154) ==158712== by
0x580D397A: vgModuleLocal_start_thread_NORETURN (syswrap-linux.c:328)
==158712== by 0x5808EFBD: ??? (in
/usr/lib/x86_64-linux-gnu/valgrind/drd-amd64-linux) ==158712== by
0xDEADBEEFDEADBEEE: ??? ==158712== by 0xDEADBEEFDEADBEEE: ??? ==158712==
by 0xDEADBEEFDEADBEEE: ??? sched status: running_tid=5 Thread 1: status
= VgTs_WaitSys syscall 230 (lwpid 158715) ==158712== at 0x4A1B1A1:
clock_nanosleep@@GLIBC_2.17 (clock_nanosleep.c:48) ==158712== by
0x4A20982: nanosleep (nanosleep.c:27) ==158712== by 0x48A7551:
__guac_socket_keep_alive_thread (socket.c:74) ==158712== by 0x483F166:
vgDrd_thread_wrapper (drd_pthread_intercepts.c:449) ==158712== by
0x487CEA6: start_thread (pthread_create.c:477) ==158712== by 0x4A54A2E:
clone (clone.S:95) client stack range: [0x7D00000 0x84FEFFF] client SP:
0x84FEC20 valgrind stack range: [0x100268E000 0x100278DFFF] top usage:
18472 of 1048576 Thread 2: status = VgTs_WaitSys syscall 47 (lwpid
158712) ==158712== at 0x4887DAD: __libc_recvmsg (recvmsg.c:28)
==158712== by 0x4887DAD: recvmsg (recvmsg.c:25) ==158712== by 0x10C74D:
guacd_recv_fd (move-fd.c:86) ==158712== by 0x10CA51: guacd_exec_proc
(proc.c:366) ==158712== by 0x10CE9B: guacd_create_proc (proc.c:472)
==158712== by 0x10BF28: guacd_route_connection (connection.c:304)
==158712== by 0x10BF28: guacd_connection_thread (connection.c:399)
==158712== by 0x483F166: vgDrd_thread_wrapper
(drd_pthread_intercepts.c:449) ==158712== by 0x487CEA6: start_thread
(pthread_create.c:477) ==158712== by 0x4A54A2E: clone (clone.S:95)
client stack range: [0x65D2000 0x6DD0FFF] client SP: 0x6DD09B0 valgrind
stack range: [0x100331A000 0x1003419FFF] top usage: 18264 of 1048576
Thread 3: status = VgTs_WaitSys syscall 202 (lwpid 158716) ==158712== at
0x487E4A7: __pthread_clockjoin_ex (pthread_join_common.c:145) ==158712==
by 0x48400CF: pthread_join_intercept (drd_pthread_intercepts.c:713)
==158712== by 0x48400CF: pthread_join (drd_pthread_intercepts.c:723)
==158712== by 0x48AA195: guac_user_start (user-handshake.c:223)
==158712== by 0x48AA195: guac_user_handle_connection
(user-handshake.c:361) ==158712== by 0x10CC97: guacd_user_thread
(proc.c:99) ==158712== by 0x483F166: vgDrd_thread_wrapper
(drd_pthread_intercepts.c:449) ==158712== by 0x487CEA6: start_thread
(pthread_create.c:477) ==158712== by 0x4A54A2E: clone (clone.S:95)
client stack range: [0x8501000 0x8CFFFFF] client SP: 0x8CFF9C0 valgrind
stack range: [0x10049A8000 0x1004AA7FFF] top usage: 9464 of 1048576
Thread 4: status = VgTs_WaitSys syscall 128 (lwpid 158717) ==158712== at
0x495421D: timer_helper_thread (timer_routines.c:89) ==158712== by
0x483F166: vgDrd_thread_wrapper (drd_pthread_intercepts.c:449)
==158712== by 0x487CEA6: start_thread (pthread_create.c:477) client
stack range: [0x485B000 0x485FFFF] client SP: 0x485FD50 valgrind stack
range: [0x1004AAC000 0x1004BABFFF] top usage: 8984 of 1048576 Thread 5:
status = VgTs_Runnable (lwpid 158718) ==158712== at 0x483CBCB: free
(vg_replace_malloc.c:538) ==158712== by 0x6DF05F8: *HandleCursorShape*
(in /usr/local/lib/libvncclient.so.0.9.14) ==158712== by 0x6DF6FED:
HandleRFBServerMessage (in /usr/local/lib/libvncclient.so.0.9.14)
==158712== by 0x6DDC187: guac_vnc_client_thread (vnc.c:473) ==158712==
by 0x483F166: vgDrd_thread_wrapper (drd_pthread_intercepts.c:449)
==158712== by 0x487CEA6: start_thread (pthread_create.c:477) ==158712==
by 0x4A54A2E: clone (clone.S:95) client stack range: [0x8D02000
0x9500FFF] client SP: 0x95009B0 valgrind stack range: [0x1004D2D000
0x1004E2CFFF] top usage: 18264 of 1048576 Thread 6: status =
VgTs_WaitSys syscall 1 (lwpid 158719) ==158712== at 0x4886FEF:
__libc_write (write.c:26) ==158712== by 0x4886FEF: write (write.c:24)
==158712== by 0x6E0CF24: WriteToRFBServer (in
/usr/local/lib/libvncclient.so.0.9.14) ==158712== by 0x6DF5E54:
*SendPointerEvent* (in /usr/local/lib/libvncclient.so.0.9.14) ==158712==
by 0x6DDAFC2: *guac_vnc_user_mouse_handler* (input.c:45) ==158712== by
0x48A9D8F: guac_user_input_thread (user-handshake.c:166) ==158712== by
0x483F166: vgDrd_thread_wrapper (drd_pthread_intercepts.c:449)
==158712== by 0x487CEA6: start_thread (pthread_create.c:477) ==158712==
by 0x4A54A2E: clone (clone.S:95) client stack range: [0x9503000
0x9D01FFF] client SP: 0x9D01AE0 valgrind stack range: [0x1008170000
0x100826FFFF] top usage: 7576 of 1048576 |
--
VoXel Interaction Design |www.voxel.at
DI Dr.techn. Simon Vogl |si...@voxel.at
Tomaschekweg 46 | +43 650 2323 555
A-4040 Linz - Austria |
Office address: Industriezeile 35, 4020 Linz (2nd floor)
