Created attachment 463801 [details] abrt report from Xorg crash Description of problem: If you attempt to use the X font server (xorg-x11-xfs) on Fedora 14 with the Fedora 14 X server, the X server will crash on many or any operation that seems to involve inventorying fonts. The minimal set of packages over a stock install necessary to do this seems to be xfs itself and the 100dpi bitmapped fonts, but it's possible that other font types will also do this. (I have not attempted to do an exhaustive inventory.) Reverting back to the Fedora 13 X server (and dependent drivers) on a Fedora 14 system avoids the crash. This crash happens with all versions of the Fedora 14 X server that I have seen, both the one on the distribution image, the initial update in the updates repository, and the latest update. This may be the same bug as #651197 and #648608. I am refiling because I have somewhat different abrt traces and a minimal reproduction, but please feel free to mark this bug as a duplicate of one of the others as appropriate. Version-Release number of selected component (if applicable): xorg-x11-xfs-1.0.5-8.fc14.x86_64 xorg-x11-fonts-100dpi-7.2-11.fc14.noarch xorg-x11-server-Xorg-1.9.1-3.fc14.x86_64 How reproducible: Completely Steps to Reproduce: 1. install a stock 64-bit Fedora 14 system (may repro on i686; haven't tried) 2. install xorg-x11-utils (for xlsfonts), xorg-x11-xfs and xorg-x11-fonts-100dpi 3. start xfs with '/etc/rc.d/init.d/xfs start' 4. log in and add the xfs server to your font path: xset fp+ unix/:7100 5. run xlsfonts; the server will immediately crash Actual results: Server crash. Expected results: List of fonts. Additional info: The stock xfs configuration serves the same fonts that the X server is already using, since both point to catalogue:/etc/X11/fontpath.d. This has let me see that just having X with the bitmapped fonts or just having X talk to xfs for fonts are not enough to create the crash. The crash can also be reproduced with Xvfb: Xvfb :1 -noreset & DISPLAY=:1 xset fp+ unix/:7100 DISPLAY=:1 xlsfonts Testing with Xvfb this way commonly shows a glibc error: *** glibc detected *** Xvfb: double free or corruption (!prev): 0x0000000001d82210 *** (the address varies) I am attaching an abrt trace (from an Xorg crash, not Xvfb).
After noticing that firefox startup and kde menus crashed my X server every time, I can confirm this still happens with current FC14 Xorg: $ rpm -q xorg-x11-xfs xorg-x11-fonts-100dpi xorg-x11-server-Xorg xorg-x11-xfs-1.0.5-8.fc14.x86_64 xorg-x11-fonts-100dpi-7.2-12.fc14.noarch xorg-x11-server-Xorg-1.9.3-4.fc14.x86_64 [ 2888.421] (II) config/udev: Adding input device HDA NVidia HP Out at Ext Front Jack (/dev/input/event7) [ 2888.421] (II) No input driver/identifier specified (ignoring) [ 2971.531] Backtrace: [ 2971.532] 0: /usr/bin/Xorg (xorg_backtrace+0x28) [0x4a0488] [ 2971.532] 1: /usr/bin/Xorg (0x400000+0x60d79) [0x460d79] [ 2971.532] 2: /lib64/libc.so.6 (0x7fccea130000+0x33140) [0x7fccea163140] [ 2971.532] 3: /usr/bin/Xorg (doListFontsWithInfo+0x1c1) [0x42e011] [ 2971.532] 4: /usr/bin/Xorg (ProcessWorkQueue+0x21) [0x4318d1] [ 2971.532] 5: /usr/bin/Xorg (WaitForSomething+0x5b) [0x459edb] [ 2971.532] 6: /usr/bin/Xorg (0x400000+0x2d252) [0x42d252] [ 2971.532] 7: /usr/bin/Xorg (0x400000+0x2152e) [0x42152e] [ 2971.532] 8: /lib64/libc.so.6 (__libc_start_main+0xfd) [0x7fccea14ee5d] [ 2971.532] 9: /usr/bin/Xorg (0x400000+0x210d9) [0x4210d9] [ 2971.532] Segmentation fault at address 0xd41a34b0 [ 2971.532] Fatal server error: [ 2971.532] Caught signal 11 (Segmentation fault). Server aborting Also on an 32-bit machine, the original Xvfp test... $ rpm -q xorg-x11-xfs xorg-x11-fonts-100dpi xorg-x11-server-Xorg xorg-x11-xfs-1.0.5-8.fc14.i686 xorg-x11-fonts-100dpi-7.2-12.fc14.noarch xorg-x11-server-Xorg-1.9.3-4.fc14.i686 $ Xvfb :1 -noreset & [1] 27322 $ DISPLAY=:1 xset fp+ unix/:7100 $ DISPLAY=:1 xlsfonts Backtrace: 0: Xvfb (xorg_backtrace+0x3c) [0x81badcc] 1: Xvfb (0x8047000+0x177226) [0x81be226] 2: (vdso) (__kernel_rt_sigreturn+0x0) [0x1e440c] 3: Xvfb (0x8047000+0x1207bb) [0x81677bb] 4: Xvfb (ProcessWorkQueue+0x31) [0x816adc1] 5: Xvfb (WaitForSomething+0x57) [0x81b84c7] 6: Xvfb (0x8047000+0x11f31e) [0x816631e] 7: Xvfb (0x8047000+0x10d715) [0x8154715] 8: /lib/libc.so.6 (__libc_start_main+0xe6) [0x4cfe36] 9: Xvfb (0x8047000+0x15051) [0x805c051] Segmentation fault at address 0x8 Fatal server error: Caught signal 11 (Segmentation fault). Server aborting XIO: fatal IO error 11 (Resource temporarily unavailable) on X server ":1.0" after 7 requests (7 known processed) with 0 events remaining. $ [1]+ Exit 1 Xvfb :1 -noreset After removing the fontserver from the fontpath, the crashes stopped.
I have just tested, and this still happens on the just released X server update to 1.9.5 (xorg-x11-server-Xorg-1.9.5-1.fc14).
This message is a notice that Fedora 15 is now at end of life. Fedora has stopped maintaining and issuing updates for Fedora 15. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At this time, all open bugs with a Fedora 'version' of '15' have been closed as WONTFIX. (Please note: Our normal process is to give advanced warning of this occurring, but we forgot to do that. A thousand apologies.) Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, feel free to reopen this bug and simply change the 'version' to a later Fedora version. Bug Reporter: Thank you for reporting this issue and we are sorry that we were unable to fix it before Fedora 15 reached end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" (top right of this page) and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping