Created attachment 522315 [details] Full bt log Description of problem: I'm recently noticing, that when kill my Xserver - it ends with black console screen and save Xorg coredump. Here it bt (though might not match exactly since my running Xorg has been replaced with updated version during some upgrade) - it seems to look reasonably well - thus I'm adding it here as the probably source of troubles. Looks like it's doing some copy to already released memory ? My hw - T61, intel graphics #0 0x00007fd2ff4e443d in __memcpy_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:246 #1 0x000000000055700a in mieqEnqueue (pDev=0x3a41d90, e=0x1ade0f0) at mieq.c:202 #2 0x0000000000446d53 in queueEventList (device=0x3a41d90, events=0x1ade0f0, nevents=<optimized out>) at getevents.c:933 #3 0x00000000004945d2 in xf86ScaleAxis (Cx=608, to_max=28173120, to_min=592, from_max=<optimized out>, from_min=596) at xf86Xinput.c:1304 #4 0x00007fd2fbbba060 in EvdevPostQueuedEvents (v=0x7ffffa90a7f0, pInfo=0x16, num_v=<optimized out>, first_v=<optimized out>) at evdev.c:769 #5 EvdevProcessSyncEvent (ev=<optimized out>, pInfo=0x16) at evdev.c:811 #6 EvdevProcessEvent (ev=<optimized out>, pInfo=0x16) at evdev.c:843 #7 EvdevReadInput (pInfo=0x16) at evdev.c:891 #8 0x000000000047ef48 in xf86SigioReadInput (fd=<optimized out>, closure=0x3a408b0) at xf86Events.c:298 #9 0x00000000004a4780 in xf86RemoveSIGIOHandler (fd=608) at ../shared/sigio.c:213 #10 <signal handler called> #11 0x00007fd2ff3e55f0 in kill () at ../sysdeps/unix/syscall-template.S:84 #12 0x00000000004291b0 in CloseDeviceList (listHead=0x7e58e8) at devices.c:968 #13 0x0000000000429722 in CloseDownDevices () at devices.c:996 #14 0x0000000000422df4 in main (argc=<optimized out>, argv=0x7ffffa90b078, envp=<optimized out>) at main.c:319 (gdb) up #1 0x000000000055700a in mieqEnqueue (pDev=0x3a41d90, e=0x1ade0f0) at mieq.c:202 202 miEventQueue.events[oldtail].pScreen = pDev ? EnqueueScreen(pDev) : NULL; (gdb) print pDev $1 = (struct _DeviceIntRec *) 0x3a41d90 (gdb) print *pDev $2 = {public = {devicePrivate = 0x3a408b0, processInputProc = 0x5380c0 <ProcessKeyboardEvent+80>, realInputProc = 0x5380c0 <ProcessKeyboardEvent+80>, enqueueInputProc = 0x43b460 <EnqueueEvent>, on = 1}, next = 0x3a47e20, startup = 1, deviceProc = 0x7fd2fbbbac00 <EvdevProc>, inited = 1, enabled = 1, coreEvents = 4, deviceGrab = {grabTime = {months = 0, milliseconds = 2394344}, fromPassiveGrab = 0, implicitGrab = 0, activeGrab = {next = 0x0, resource = 0, device = 0x0, window = 0x0, ownerEvents = 0, keyboardMode = 0, pointerMode = 0, grabtype = GRABTYPE_CORE, type = 0 '\000', modifiersDetail = {exact = 0, pMask = 0x0}, modifierDevice = 0x0, detail = {exact = 0, pMask = 0x0}, confineTo = 0x0, cursor = 0x0, eventMask = 0, deviceMask = 0, xi2mask = {"\000\000" <repeats 42 times>}}, grab = 0x0, activatingKey = 0 '\000', ActivateGrab = 0x442d30 <ActivateKeyboardGrab>, DeactivateGrab = 0x442b00 <DeactivateKeyboardGrab>, sync = {frozen = 0, state = 0, other = 0x0, event = 0x0}}, type = 3, xinput_type = 92, name = 0x3a422e0 "AT Translated Set 2 keyboard", id = 9, key = 0x3a423f0, valuator = 0x0, button = 0x0, focus = 0x3a472d0, proximity = 0x0, kbdfeed = 0x3a42470, ptrfeed = 0x0, intfeed = 0x0, stringfeed = 0x0, bell = 0x0, leds = 0x0, xkb_interest = 0x0, config_info = 0x3a42310 "udev:/sys/devices/platform/i8042/serio0/input/input4/event4", unused_classes = 0x0, saved_master_id = 0, devPrivates = 0x3a42190, unwrapProc = 0x535eb0 <xkbUnwrapProc+80>, spriteInfo = 0x3a42160, master = 0x0, lastSlave = 0x0, last = {valuators = {0 <repeats 36 times>}, remainder = {0 <repeats 36 times>}, numValuators = 0, slave = 0x0}, properties = {properties = 0x3a47390, handlers = 0x3a473e0}, transform = {m = {{0, 0, 0}, {0, 0, 0}, {0, 0, 0}}}, xtest_master_id = 0} Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 522318 [details] Xorg log Version of packages: xorg-x11-server-Xorg-1.11.0-1.fc17.x86_64 xorg-x11-drv-intel-2.16.0-2.fc17.x86_64 Though they do not match version of coredumping binary (since package version is after todays upgrade) while my X servers was already few days old - most probably this one: 1.10.99.902-1.20110818.fc17.x86_64.
Still happens with xorg-x11-server-Xorg-1.11.1-1.fc17.x86_64
Looks like the same bug would be present upstream too. CloseInput in xfree86 should disable the SIGIO handler I think.
Should be fixed with xorg-x11-server-1.11.1-2.fc17, please re-open if you still see this issue.
xorg-x11-server-Xorg-1.11.2-1.fc16.x86_64 Well still happens: (gdb) bt #0 __memcpy_ssse3 () at ../sysdeps/x86_64/multiarch/memcpy-ssse3.S:296 #1 0x00000000005575da in mieqEnqueue (pDev=0x3910110, e=0x19ab9b0) at /usr/include/bits/string3.h:52 #2 0x0000000000446d83 in queueEventList (device=0x3910110, events=0x19ab9b0, nevents=<optimized out>) at getevents.c:933 #3 0x0000000000494972 in xf86PostKeyboardEvent (device=0x3910110, key_code=22, is_down=0) at xf86Xinput.c:1268 #4 0x00007fe7e7bda060 in EvdevPostQueuedEvents (v=0x7fff55853370, pInfo=0x390fd60, num_v=<optimized out>, first_v=<optimized out>) at evdev.c:769 #5 EvdevProcessSyncEvent (ev=<optimized out>, pInfo=0x390fd60) at evdev.c:811 #6 EvdevProcessEvent (ev=<optimized out>, pInfo=0x390fd60) at evdev.c:843 #7 EvdevReadInput (pInfo=0x390fd60) at evdev.c:891 #8 0x000000000047f2d8 in xf86SigioReadInput (fd=<optimized out>, closure=0x390fd60) at xf86Events.c:298 #9 0x00000000004a4b1b in xf86SIGIO (sig=<optimized out>) at ../shared/sigio.c:109 #10 <signal handler called> #11 0x00007fe7eb40a560 in __sigprocmask (how=2, set=0x7de300, oset=0x0) at ../sysdeps/unix/sysv/linux/ia64/sigprocmask.c:43 #12 0x0000000000429210 in CloseDeviceList (listHead=0x7e58e8) at devices.c:968 #13 0x0000000000429782 in CloseDownDevices () at devices.c:996 #14 0x0000000000422e54 in main (argc=<optimized out>, argv=0x7fff55853bf8, envp=<optimized out>) at main.c:319 Section "ServerFlags" Option "DontVTSwitch" "false" Option "DontZap" "false" Option "AllowMouseOpenFail" "true" Option "NoTrapSignals" "true" EndSection
Did you test the rawhide server? that's where this fix went in
xorg-x11-server-1.11.2-2.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/xorg-x11-server-1.11.2-2.fc16
I'll test new version - but it seems like Xorg packages have problem with package versions - you should never release package with higher version which is in fact older then some other already release package. Using update-testing repo for f16 with rawhide is pretty mandatory thing, since many developers are only updating/fixing bugs for f16 and completely ignoring/forgeting about releasing same fixes for rawhide thus you must avoid releasing package for f16 with higher package version.
Package xorg-x11-server-1.11.2-2.fc16: * should fix your issue, * was pushed to the Fedora 16 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing xorg-x11-server-1.11.2-2.fc16' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2011-15685 then log in and leave karma (feedback).
xorg-x11-server-1.11.2-3.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/xorg-x11-server-1.11.2-3.fc16
xorg-x11-server-1.11.2-3.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
I've opened new bug 753703 which is most probably related to the fix for this BZ.