Bug 737031

Summary: [Crestline] Coredump when doing exit
Product: [Fedora] Fedora
Reporter: Zdenek Kabelac <zkabelac>
Component: xorg-x11-server
Assignee: Peter Hutterer <peter.hutterer>
Status: CLOSED ERRATA
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high
Priority: unspecified
Version: rawhide
CC: xgl-maint, yaneti
Target Milestone: ---
Keywords: Reopened, Triaged
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Whiteboard: [cat:crash]
Fixed In Version: xorg-x11-server-1.11.2-3.fc16
Doc Type: Bug Fix
Last Closed: 2011-11-14 00:53:02 UTC
Attachments (Description / Flags):
Full bt log / none
Xorg log / none

Description Zdenek Kabelac 2011-09-09 12:08:48 UTC
Created attachment 522315 [details]
Full bt log

Description of problem:

I've recently noticed that when I kill my X server, it ends with a black console screen and saves an Xorg coredump.

Here is the bt (though it might not match exactly, since my running Xorg has been replaced with an updated version during some upgrade). It seems to look reasonably good, so I'm adding it here as the probable source of the trouble.

Looks like it's doing some copy to already released memory?

My hw - T61, intel graphics


#0  0x00007fd2ff4e443d in __memcpy_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:246
#1  0x000000000055700a in mieqEnqueue (pDev=0x3a41d90, e=0x1ade0f0) at mieq.c:202
#2  0x0000000000446d53 in queueEventList (device=0x3a41d90, events=0x1ade0f0, nevents=<optimized out>) at getevents.c:933
#3  0x00000000004945d2 in xf86ScaleAxis (Cx=608, to_max=28173120, to_min=592, from_max=<optimized out>, from_min=596) at xf86Xinput.c:1304
#4  0x00007fd2fbbba060 in EvdevPostQueuedEvents (v=0x7ffffa90a7f0, pInfo=0x16, num_v=<optimized out>, first_v=<optimized out>)
    at evdev.c:769
#5  EvdevProcessSyncEvent (ev=<optimized out>, pInfo=0x16) at evdev.c:811
#6  EvdevProcessEvent (ev=<optimized out>, pInfo=0x16) at evdev.c:843
#7  EvdevReadInput (pInfo=0x16) at evdev.c:891
#8  0x000000000047ef48 in xf86SigioReadInput (fd=<optimized out>, closure=0x3a408b0) at xf86Events.c:298
#9  0x00000000004a4780 in xf86RemoveSIGIOHandler (fd=608) at ../shared/sigio.c:213
#10 <signal handler called>
#11 0x00007fd2ff3e55f0 in kill () at ../sysdeps/unix/syscall-template.S:84
#12 0x00000000004291b0 in CloseDeviceList (listHead=0x7e58e8) at devices.c:968
#13 0x0000000000429722 in CloseDownDevices () at devices.c:996
#14 0x0000000000422df4 in main (argc=<optimized out>, argv=0x7ffffa90b078, envp=<optimized out>) at main.c:319


(gdb) up
#1  0x000000000055700a in mieqEnqueue (pDev=0x3a41d90, e=0x1ade0f0) at mieq.c:202
202	    miEventQueue.events[oldtail].pScreen = pDev ? EnqueueScreen(pDev) : NULL;
(gdb) print pDev
$1 = (struct _DeviceIntRec *) 0x3a41d90
(gdb) print *pDev
$2 = {public = {devicePrivate = 0x3a408b0, processInputProc = 0x5380c0 <ProcessKeyboardEvent+80>, 
    realInputProc = 0x5380c0 <ProcessKeyboardEvent+80>, enqueueInputProc = 0x43b460 <EnqueueEvent>, on = 1}, next = 0x3a47e20, 
  startup = 1, deviceProc = 0x7fd2fbbbac00 <EvdevProc>, inited = 1, enabled = 1, coreEvents = 4, deviceGrab = {grabTime = {months = 0, 
      milliseconds = 2394344}, fromPassiveGrab = 0, implicitGrab = 0, activeGrab = {next = 0x0, resource = 0, device = 0x0, window = 0x0, 
      ownerEvents = 0, keyboardMode = 0, pointerMode = 0, grabtype = GRABTYPE_CORE, type = 0 '\000', modifiersDetail = {exact = 0, 
        pMask = 0x0}, modifierDevice = 0x0, detail = {exact = 0, pMask = 0x0}, confineTo = 0x0, cursor = 0x0, eventMask = 0, 
      deviceMask = 0, xi2mask = {"\000\000" <repeats 42 times>}}, grab = 0x0, activatingKey = 0 '\000', 
    ActivateGrab = 0x442d30 <ActivateKeyboardGrab>, DeactivateGrab = 0x442b00 <DeactivateKeyboardGrab>, sync = {frozen = 0, state = 0, 
      other = 0x0, event = 0x0}}, type = 3, xinput_type = 92, name = 0x3a422e0 "AT Translated Set 2 keyboard", id = 9, key = 0x3a423f0, 
  valuator = 0x0, button = 0x0, focus = 0x3a472d0, proximity = 0x0, kbdfeed = 0x3a42470, ptrfeed = 0x0, intfeed = 0x0, stringfeed = 0x0, 
  bell = 0x0, leds = 0x0, xkb_interest = 0x0, config_info = 0x3a42310 "udev:/sys/devices/platform/i8042/serio0/input/input4/event4", 
  unused_classes = 0x0, saved_master_id = 0, devPrivates = 0x3a42190, unwrapProc = 0x535eb0 <xkbUnwrapProc+80>, spriteInfo = 0x3a42160, 
  master = 0x0, lastSlave = 0x0, last = {valuators = {0 <repeats 36 times>}, remainder = {0 <repeats 36 times>}, numValuators = 0, 
    slave = 0x0}, properties = {properties = 0x3a47390, handlers = 0x3a473e0}, transform = {m = {{0, 0, 0}, {0, 0, 0}, {0, 0, 0}}}, 
  xtest_master_id = 0}



Comment 1 Zdenek Kabelac 2011-09-09 12:15:01 UTC
Created attachment 522318 [details]
Xorg log

Version of packages:

xorg-x11-server-Xorg-1.11.0-1.fc17.x86_64
xorg-x11-drv-intel-2.16.0-2.fc17.x86_64

Though they do not match the version of the coredumping binary (since the package version is from after today's upgrade), while my X server was already a few days old - most probably this one: 1.10.99.902-1.20110818.fc17.x86_64.

Comment 2 Zdenek Kabelac 2011-10-02 13:22:55 UTC
Still happens with

xorg-x11-server-Xorg-1.11.1-1.fc17.x86_64

Comment 3 Adam Jackson 2011-10-20 21:11:46 UTC
Looks like the same bug would be present upstream too.  CloseInput in xfree86 should disable the SIGIO handler I think.
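
The ordering problem behind the backtrace and the suggestion in Comment 3, as an added example that is neither Xorg code nor the fix that was shipped: a SIGIO handler that is still armed while the queue it writes to is torn down runs against stale state, while disabling it first does not. `event_queue`, `on_sigio` and `close_devices` are hypothetical names, and the handler counts late runs instead of touching the freed queue.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for the server's event queue (not Xorg code). */
struct event_queue { int tail; int events[64]; };
static struct event_queue *volatile queue;  /* NULL once torn down */
static volatile sig_atomic_t late_hits;     /* handler runs seen after teardown */

/* Plays the role of the SIGIO input handler that enqueues events. */
static void on_sigio(int sig)
{
    (void)sig;
    if (queue == NULL) { late_hits++; return; }  /* real code: copy into freed memory */
    queue->events[queue->tail++ % 64] = 1;
}

/* Tears the queue down while a SIGIO is pending. Returns how many times the
 * handler ran against the torn-down queue. */
int close_devices(int disable_sigio_first)
{
    struct sigaction sa = {0};
    sigset_t block, old;

    sa.sa_handler = on_sigio;
    sigaction(SIGIO, &sa, NULL);
    queue = calloc(1, sizeof *queue);
    late_hits = 0;
    sigemptyset(&block);
    sigaddset(&block, SIGIO);
    sigprocmask(SIG_BLOCK, &block, &old);  /* teardown runs with SIGIO held */
    raise(SIGIO);                          /* input arrives, stays pending */
    if (disable_sigio_first) {
        sa.sa_handler = SIG_IGN;           /* also discards the pending SIGIO */
        sigaction(SIGIO, &sa, NULL);
    }
    free(queue);
    queue = NULL;
    sigprocmask(SIG_SETMASK, &old, NULL);  /* a still-armed handler fires here */
    return (int)late_hits;
}

int main(void)
{
    printf("handler left armed: %d late run(s)\n", close_devices(0));
    printf("handler disabled:   %d late run(s)\n", close_devices(1));
    return 0;
}
```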

Comment 4 Peter Hutterer 2011-10-24 03:00:37 UTC
Should be fixed with xorg-x11-server-1.11.1-2.fc17, please re-open if you still see this issue.

Comment 5 Zdenek Kabelac 2011-11-07 23:31:51 UTC
xorg-x11-server-Xorg-1.11.2-1.fc16.x86_64

Well still happens:

(gdb) bt
#0  __memcpy_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:296
#1  0x00000000005575da in mieqEnqueue (pDev=0x3910110, e=0x19ab9b0) at /usr/include/bits/string3.h:52
#2  0x0000000000446d83 in queueEventList (device=0x3910110, events=0x19ab9b0, nevents=<optimized out>) at getevents.c:933
#3  0x0000000000494972 in xf86PostKeyboardEvent (device=0x3910110, key_code=22, is_down=0) at xf86Xinput.c:1268
#4  0x00007fe7e7bda060 in EvdevPostQueuedEvents (v=0x7fff55853370, pInfo=0x390fd60, num_v=<optimized out>, first_v=<optimized out>)
    at evdev.c:769
#5  EvdevProcessSyncEvent (ev=<optimized out>, pInfo=0x390fd60) at evdev.c:811
#6  EvdevProcessEvent (ev=<optimized out>, pInfo=0x390fd60) at evdev.c:843
#7  EvdevReadInput (pInfo=0x390fd60) at evdev.c:891
#8  0x000000000047f2d8 in xf86SigioReadInput (fd=<optimized out>, closure=0x390fd60) at xf86Events.c:298
#9  0x00000000004a4b1b in xf86SIGIO (sig=<optimized out>) at ../shared/sigio.c:109
#10 <signal handler called>
#11 0x00007fe7eb40a560 in __sigprocmask (how=2, set=0x7de300, oset=0x0) at ../sysdeps/unix/sysv/linux/ia64/sigprocmask.c:43
#12 0x0000000000429210 in CloseDeviceList (listHead=0x7e58e8) at devices.c:968
#13 0x0000000000429782 in CloseDownDevices () at devices.c:996
#14 0x0000000000422e54 in main (argc=<optimized out>, argv=0x7fff55853bf8, envp=<optimized out>) at main.c:319



Section "ServerFlags"
        Option "DontVTSwitch" "false"
        Option "DontZap" "false"
        Option "AllowMouseOpenFail" "true"
        Option "NoTrapSignals" "true"
EndSection

Comment 6 Peter Hutterer 2011-11-09 02:06:17 UTC
Did you test the rawhide server? That's where this fix went in.

Comment 7 Fedora Update System 2011-11-09 02:32:48 UTC
xorg-x11-server-1.11.2-2.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/xorg-x11-server-1.11.2-2.fc16

Comment 8 Zdenek Kabelac 2011-11-09 13:16:11 UTC
I'll test the new version, but it seems like Xorg packages have a problem with package versions - you should never release a package with a higher version which is in fact older than some other already released package.

Using the update-testing repo for f16 with rawhide is a pretty mandatory thing, since many developers are only updating/fixing bugs for f16 and completely ignoring/forgetting about releasing the same fixes for rawhide; thus you must avoid releasing a package for f16 with a higher package version.

Comment 9 Fedora Update System 2011-11-10 17:46:27 UTC
Package xorg-x11-server-1.11.2-2.fc16:
* should fix your issue,
* was pushed to the Fedora 16 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing xorg-x11-server-1.11.2-2.fc16'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2011-15685
then log in and leave karma (feedback).

Comment 10 Fedora Update System 2011-11-10 19:46:25 UTC
xorg-x11-server-1.11.2-3.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/xorg-x11-server-1.11.2-3.fc16

Comment 11 Fedora Update System 2011-11-14 00:53:02 UTC
xorg-x11-server-1.11.2-3.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Zdenek Kabelac 2011-11-14 08:36:33 UTC
I've opened a new bug 753703, which is most probably related to the fix for this BZ.