Bug 1404269 - Xorg crashed inside sna_set_cursor_position
Status: CLOSED DUPLICATE of bug 1384486
Alias: None
Product: Fedora
Classification: Fedora
Component: xorg-x11-server
Version: 25
Hardware: x86_64
OS: Unspecified
Target Milestone: ---
Assignee: X/OpenGL Maintenance List
QA Contact: Fedora Extras Quality Assurance
Reported: 2016-12-13 13:58 UTC by Debarshi Ray
Modified: 2016-12-13 14:43 UTC

Last Closed: 2016-12-13 14:43:27 UTC
Type: Bug


Description Debarshi Ray 2016-12-13 13:58:16 UTC
I was using GNOME on X on Fedora 25, when Xorg crashed with:

Core was generated by `/usr/libexec/Xorg vt2 -displayfd 3 -auth /run/user/1000/gdm/Xauthority -noliste'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  sna_set_cursor_position (scrn=<optimized out>, x=1680, y=818) at sna_display.c:6163
6163				int xhot = sna->cursor.ref->bits->xhot;
[Current thread is 1 (Thread 0x7fb4edc62700 (LWP 1450))]
(gdb) thread apply all bt

Thread 3 (Thread 0x7fb4f8db1ec0 (LWP 1432)):
#0  0x00007fb4f693338d in __lll_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
#1  0x00007fb4f692ceca in __GI___pthread_mutex_lock (mutex=mutex@entry=0x82fe80 <input_mutex>)
    at ../nptl/pthread_mutex_lock.c:115
#2  0x000000000059c3e0 in input_lock () at inputthread.c:106
#3  0x00000000004bbfa6 in xf86SetCursor (pScreen=pScreen@entry=0x17e6aa0, pCurs=0x215eaa0, x=x@entry=1672, y=y@entry=805) at xf86HWCurs.c:224
#4  0x00000000004ba815 in xf86CursorSetCursor (pDev=0x1b2d210, pScreen=0x17e6aa0, pCurs=0x215eaa0, x=1672, y=805)
    at xf86Cursor.c:348
#5  0x00000000005860cb in miPointerUpdateSprite (pDev=0x1b2d210) at mipointer.c:468
#6  0x000000000058631a in miPointerDisplayCursor (pDev=0x1b2d210, pScreen=0x17e6aa0, pCursor=0x215eaa0)
    at mipointer.c:206
#7  0x00000000004c9131 in CursorDisplayCursor (pDev=0x1b2d210, pScreen=0x17e6aa0, pCursor=0x215eaa0) at cursor.c:150
#8  0x00000000005181d0 in AnimCurDisplayCursor (pDev=0x1b2d210, pScreen=0x17e6aa0, pCursor=0x215eaa0)
    at animcur.c:220
#9  0x000000000043fe48 in ChangeToCursor (pDev=0x1b2d210, cursor=0x215eaa0) at events.c:936
#10 0x0000000000441287 in WindowHasNewCursor (pWin=pWin@entry=0x17bd930) at events.c:3360
#11 0x0000000000468fc0 in ChangeWindowAttributes (pWin=0x17bd930, vmask=<optimized out>, vlist=vlist@entry=0x1dd3ba8, client=client@entry=0x1d64d40) at window.c:1561
#12 0x0000000000430d6d in ProcChangeWindowAttributes (client=0x1d64d40) at dispatch.c:716
#13 0x0000000000437055 in Dispatch () at dispatch.c:469
#14 0x000000000043afd8 in dix_main (argc=14, argv=0x7ffec33d09e8, envp=<optimized out>) at main.c:287
#15 0x00007fb4f657d401 in __libc_start_main (main=
    0x424cc0 <main>, argc=14, argv=0x7ffec33d09e8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffec33d09d8) at ../csu/libc-start.c:289
#16 0x0000000000424cfa in _start ()

Thread 2 (Thread 0x7fb4f15c5700 (LWP 1441)):
#0  0x00007fb4f6930460 in pthread_cond_wait@@GLIBC_2.3.2 ()
    at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:185
#1  0x00007fb4f1eb2a39 in __run__ (arg=0x17e6740) at sna_threads.c:70
#2  0x00007fb4f692a6ca in start_thread (arg=0x7fb4f15c5700) at pthread_create.c:333
#3  0x00007fb4f6664f6f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:105

Thread 1 (Thread 0x7fb4edc62700 (LWP 1450)):
#0  0x00007fb4f1e6f813 in sna_set_cursor_position (scrn=<optimized out>, x=1680, y=818) at sna_display.c:6163
#1  0x00000000004bbac2 in xf86MoveCursor (pScreen=0x17e6aa0, x=1680, y=818) at xf86HWCurs.c:302
#2  0x0000000000585a33 in miPointerMoveNoEvent (pDev=pDev@entry=0x1dbe8e0, pScreen=pScreen@entry=0x17e6aa0, x=1684, y=822) at mipointer.c:567
#3  0x0000000000586834 in miPointerSetPosition (pDev=pDev@entry=0x1dbe8e0, mode=0, screenx=screenx@entry=0x7fb4edc605e0, screeny=screeny@entry=0x7fb4edc605e8, nevents=nevents@entry=0x7fb4edc605dc, events=events@entry=0x7fb4f8d25c20)
    at mipointer.c:669
#4  0x000000000044d64e in positionSprite (dev=dev@entry=0x1dbe8e0, mode=<optimized out>, mask=mask@entry=0x7fb4edc60630, devx=devx@entry=0x7fb4edc605f0, devy=devy@entry=0x7fb4edc605f8, screenx=screenx@entry=0x7fb4edc605e0, screeny=0x7fb4edc605e8, nevents=0x7fb4edc605dc, events=0x7fb4f8d25c20) at getevents.c:984
#5  0x000000000044de53 in positionSprite (events=0x7fb4f8d25c20, nevents=0x7fb4edc605dc, screeny=0x7fb4edc605e8, screenx=0x7fb4edc605e0, devy=0x7fb4edc605f8, devx=0x7fb4edc605f0, mask=0x7fb4edc60630, mode=0, dev=0x1dbe8e0)
    at getevents.c:1454
#6  0x000000000044de53 in fill_pointer_events (events=0x7fb4f8d25c20, 
    events@entry=0x7fb4f8d25010, pDev=pDev@entry=0x1dbe8e0, type=<optimized out>, buttons=buttons@entry=0, ms=ms@entry=5794152, flags=flags@entry=10, mask_in=0x7fb4edc60930) at getevents.c:1454
#7  0x000000000044f6df in GetPointerEvents (events=0x7fb4f8d25010, pDev=pDev@entry=0x1dbe8e0, type=<optimized out>, 
    type@entry=6, buttons=buttons@entry=0, flags=10, flags@entry=31189216, mask_in=mask_in@entry=0x1dae9c0)
    at getevents.c:1711
#8  0x000000000044fc90 in QueuePointerEvents (device=device@entry=0x1dbe8e0, type=type@entry=6, buttons=buttons@entry=0, flags=flags@entry=31189216, mask=mask@entry=0x1dae9c0) at getevents.c:1310
#9  0x0000000000487f61 in xf86PostMotionEventM (device=device@entry=0x1dbe8e0, is_absolute=is_absolute@entry=0, mask=mask@entry=0x1dae9c0) at xf86Xinput.c:1278
#10 0x00007fb4ef85fcb5 in xf86libinput_handle_motion (pInfo=<optimized out>, pInfo=<optimized out>, event=
    0x7fb4e8008ad0) at xf86libinput.c:1257
#11 0x00007fb4ef85fcb5 in xf86libinput_handle_event (event=event@entry=0x7fb4e8008ad0) at xf86libinput.c:1913
#12 0x00007fb4ef860880 in xf86libinput_read_input (pInfo=<optimized out>) at xf86libinput.c:1998
#13 0x000000000059c69c in InputReady (fd=21, xevents=1, data=0x1d2ff80) at inputthread.c:173
#14 0x000000000059ed01 in ospoll_wait (ospoll=0x1b53c20, timeout=timeout@entry=-1) at ospoll.c:412
#15 0x000000000059c4f6 in InputThreadDoWork (arg=<optimized out>) at inputthread.c:360
#16 0x00007fb4f692a6ca in start_thread (arg=0x7fb4edc62700) at pthread_create.c:333
#17 0x00007fb4f6664f6f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:105
(gdb) print sna
$1 = (struct sna *) 0x7fb4f8cd8000
(gdb) print sna->cursor
$2 = {cursors = 0x1dcb170, info = 0x17e4c70, ref = 0x215eaa0, serial = 5596, fg = 4278190080, bg = 4294967295, 
  size = 64, disable = false, active = true, last_x = 1680, last_y = 818, max_size = 256, use_gtt = true, 
  num_stash = 0, stash = 0x1ee4700, scratch = 0x7fb4f0b7f010}
(gdb) print sna->cursor.ref
$3 = (CursorPtr) 0x215eaa0
(gdb) print sna->cursor.ref->bits
$4 = (CursorBitsPtr) 0x215ead8
(gdb) print sna->cursor.ref->bits->xhot
$5 = 12
(gdb) print xhot
$6 = <optimized out>
(gdb)


This is a ThinkPad x220 with Intel Sandybridge running on a dock with a rotated external monitor.

Versions:

[rishi@kolache ~]$ rpm -qa | grep xorg
xorg-x11-server-utils-7.7-20.fc25.x86_64
xorg-x11-drv-wacom-0.33.99.1-1.fc25.x86_64
xorg-x11-xkb-utils-7.7-17.fc24.x86_64
xorg-x11-server-common-1.19.0-1.fc25.x86_64
xorg-x11-drv-libinput-debuginfo-0.22.0-2.fc25.x86_64
xorg-x11-drv-openchrome-0.5.0-2.fc25.x86_64
xorg-x11-drv-qxl-0.1.4-10.20160929gite13d28ee.fc25.x86_64
xorg-x11-server-Xorg-1.19.0-1.fc25.x86_64
xorg-x11-xauth-1.0.9-5.fc24.x86_64
xorg-x11-drv-fbdev-0.4.3-25.fc25.x86_64
xorg-x11-xinit-1.3.4-12.fc25.x86_64
xorg-x11-drv-vmware-13.0.2-12.20150211git8f0cf7c.fc25.x86_64
xorg-x11-utils-7.5-21.fc24.x86_64
xorg-x11-drv-intel-2.99.917-26.20160929.fc25.x86_64
xorg-x11-drv-nouveau-1.0.13-1.fc25.x86_64
xorg-x11-server-debuginfo-1.19.0-1.fc25.x86_64
xorg-x11-drv-evdev-2.10.4-1.fc25.x86_64
xorg-x11-font-utils-7.5-32.fc25.x86_64
xorg-x11-drv-intel-debuginfo-2.99.917-26.20160929.fc25.x86_64
xorg-x11-drv-vesa-2.3.2-25.fc25.x86_64
xorg-x11-drv-libinput-0.22.0-2.fc25.x86_64
xorg-x11-drv-ati-7.7.1-1.20160928git3fc839ff.fc25.x86_64
xorg-x11-proto-devel-7.7-20.fc25.noarch
xorg-x11-server-Xwayland-1.19.0-1.fc25.x86_64
[rishi@kolache ~]$ rpm -q libdrm libinput
libdrm-2.4.73-1.fc25.x86_64
libinput-1.5.1-1.fc25.x86_64
[rishi@kolache ~]$ uname -a
Linux kolache 4.8.8-300.fc25.x86_64 #1 SMP Tue Nov 15 18:10:06 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[rishi@kolache ~]$

Comment 1 Olivier Fourdan 2016-12-13 14:43:27 UTC
Looks like a dupe of existing bug 1384486

*** This bug has been marked as a duplicate of bug 1384486 ***

