Bug 458219
| Summary: | xvfb segmentation fault in FreeColormap | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Zing <zing> | ||||||||
| Component: | xorg-x11-server | Assignee: | Adam Jackson <ajax> | ||||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||||
| Severity: | medium | Docs Contact: | |||||||||
| Priority: | medium | ||||||||||
| Version: | 9 | CC: | astrand, atkac, mcepl, rjones, xgl-maint | ||||||||
| Target Milestone: | --- | ||||||||||
| Target Release: | --- | ||||||||||
| Hardware: | All | ||||||||||
| OS: | Linux | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | F11 | Doc Type: | Bug Fix | ||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2009-06-16 19:19:03 UTC | Type: | --- | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Attachments: |
|
||||||||||
|
Description
Zing
2008-08-07 02:08:02 UTC
This seems to have something to do with pixel depth. At a depth of 24, Xvfb has been running continously stable for the past couple of hours. At a depth of 8 (the default), it'll crash within a few minutes with the usage above. Thanks for the bug report. We have reviewed the information you have provided above, and there is some additional information we require that will be helpful in our diagnosis of this issue. Please attach your X server config file (/etc/X11/xorg.conf) and X server log file (/var/log/Xorg.*.log) to the bug report as individual uncompressed file attachments using the bugzilla file attachment link below. Could you please also try to run without any /etc/X11/xorg.conf whatsoever and let X11 autodetect your display and video card? Attach to this bug /var/log/Xorg.0.log from this attempt as well, please. We will review this issue again once you've had a chance to attach this information. Thanks in advance. Created attachment 316984 [details]
my xorg.conf file
It doesn't matter if this xorg.conf is used or it's deleted... Xvfb still segfaults eventually.
Created attachment 316986 [details]
first xorg.log
Created attachment 316987 [details]
the old xorg.log file
It seems this bug is GLX extension related. I tried run "Xvfb :1 -ac -depth 8", terminate it with "CTRL + C" and Xvfb gets sigsegv (same backtrace as written in description). valgrind shows this (stripped output, of course): ==24379== Invalid read of size 2 ==24379== at 0x5DB257: FreeColormap (colormap.c:448) ==24379== by 0x60E119: FreeClientResources (resource.c:807) ==24379== by 0x60E20B: FreeAllResources (resource.c:824) ==24379== by 0x609346: main (main.c:453) ==24379== Address 0x4d05058 is 64 bytes inside a block of size 560 free'd ==24379== at 0x4A074D1: realloc (vg_replace_malloc.c:429) ==24379== by 0x65C4C6: Xrealloc (utils.c:1426) ==24379== by 0x4B6A63: AddScreenVisuals (glxscreens.c:364) ==24379== by 0x4B7155: addFullSet (glxscreens.c:530) ==24379== by 0x4B7368: __glXScreenInit (glxscreens.c:591) ==24379== by 0x4B615D: __glXDRIscreenProbe (glxdriswrast.c:522) ==24379== by 0x4B4E57: GlxExtensionInit (glxext.c:297) ==24379== by 0x45881E: InitExtensions (miinitext.c:667) ==24379== by 0x60901D: main (main.c:367) When I run "Xvfb :1 -ac -depth 8 -extension GLX" all works as expected, no sigsegv. I'm using rawhide x86_64 but X codebase is nearly same as in F9 I can reproduce this segfault using just: Xvfb :50 DISPLAY=:50 xdpyinfo Core was generated by `Xvfb :50'. Program terminated with signal 11, Segmentation fault. [New process 27781] #0 0x00000000004f986f in FreeColormap (value=0x174b420, mid=64) at colormap.c:454 454 if (--pent->co.shco.red->refcnt == 0) Missing separate debuginfos, use: debuginfo-install mesa.x86_64 (gdb) bt #0 0x00000000004f986f in FreeColormap (value=0x174b420, mid=64) at colormap.c:454 #1 0x000000000051c19b in FreeClientResources (client=0x1730ee0) at resource.c:807 #2 0x000000000051c284 in FreeAllResources () at resource.c:824 #3 0x0000000000518a9b in main (argc=2, argv=0x7fffb7f0f2e8, envp=<value optimized out>) at main.c:453 (I have executed "debuginfo-install mesa.x86_64".) This upstream report looks relevant: http://bugs.freedesktop.org/show_bug.cgi?id=19470 This message is a reminder that Fedora 9 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 9. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '9'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 9's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 9 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping I can't reproduce this on Fedora 11. Seems to work fine for me as well on Fedora 11. Reporter, can you confirm, that this has been fixed in F11, please? looks good to me on F11. |