Bug#298342: xserver-xfree86: Crashing (SEGV) when using XRecord clients extensively.
Package: xserver-xfree86
Version: 4.3.0.dfsg.1-8
Severity: normal
I have an application which uses the XRender extension quite
extensively and X crashes after a while. The application is
enabling/disablib recording contexts at will (directed by UI).
The full stack trace is this:
(gdb) bt full
#0 0xb7e367ab in raise () from /lib/tls/libc.so.6
No symbol table info available.
#1 0xb7e37f12 in abort () from /lib/tls/libc.so.6
No symbol table info available.
#2 0x0847454c in ddxGiveUp () at xf86Init.c:1173
i = 1
#3 0x0847462b in AbortDDX () at xf86Init.c:1224
i = 1
#4 0x08516e5f in AbortServer () at utils.c:436
No locals.
#5 0x085187eb in FatalError (f=0x8a36fa0 "Caught signal %d. Server aborting\n") at utils.c:1421
args = 0xbfffef78 "\v"
beenhere = 1
#6 0x0848f646 in xf86SigHandler (signo=11) at xf86Events.c:1230
No locals.
#7 <signal handler called>
No symbol table info available.
#8 RecordAReply (pcbl=0x8b583e0, nulldata=0x0, calldata=0xbffff310) at record.c:713
pContext = 0x8c64098
pRCAP = 0x3
eci = 140702809
majorop = -1073745176
pri = (ReplyInfoRec *) 0xbffff310
client = 0x8e6ffa8
stuff = (xReq *) 0xaf71d008
#9 0x084e7c7d in _CallCallbacks (pcbl=0x8b583e0, call_data=0xbffff310) at dixutils.c:824
cbl = 0x8c66b50
cbr = 0x8c74098
pcbr = 0x0
#10 0x084e8038 in CallCallbacks (pcbl=0x8b583e0, call_data=0xbffff310) at dixutils.c:982
No locals.
#11 0x085159a5 in WriteToClient (who=0x8e6ffa8, count=64, buf=0x8c63bb0 "\001") at io.c:1018
replylen = 8
bytesleft = 0
n = 0 '\0'
replyinfo = {client = 0x8e6ffa8, replyData = 0x8c63bb0, dataLenBytes = 64, bytesRemaining = 0, startOfReply = 1}
oc = 0x8c71a28
oco = 0x8e6d878
padBytes = 0
#12 0x086d516a in RecordFlushReplyBuffer (pContext=0x8c63b98, data1=0x0, len1=0, data2=0x0, len2=0) at record.c:252
No locals.
#13 0x086d6347 in RecordFlushAllContexts (pcbl=0x8b583e8, nulldata=0x0, calldata=0x0) at record.c:953
eci = 0
pContext = 0x8c63b98
#14 0x084e7c7d in _CallCallbacks (pcbl=0x8b583e8, call_data=0x0) at dixutils.c:824
cbl = 0x8e735d8
cbr = 0x8fd0f38
pcbr = 0x862e2df
#15 0x084e8038 in CallCallbacks (pcbl=0x8b583e8, call_data=0x0) at dixutils.c:982
No locals.
#16 0x0851567c in FlushAllOutput () at io.c:824
index = 138994531
base = -1073744888
mask = 146196552
oc = 0x113
client = 0x8b6edb0
newoutput = 1
#17 0x085157da in FlushIfCriticalOutputPending () at io.c:896
No locals.
#18 0x084de2a4 in Dispatch () at dispatch.c:418
clientReady = (int *) 0xbffff424
result = 0
client = 0x8c0c6c8
nready = 0
icheck = (HWEventQueuePtr *) 0x8b55bc8
start_tick = 339660
#19 0x084f58c4 in main (argc=4, argv=0xbffff914, envp=0xbffff928) at main.c:469
i = 1
j = 2
k = 2
error = 0
xauthfile = 0x0
alwaysCheckForInput = {0, 1}
(gdb)
I have a coredump available for inspection against XFree86 4.3.0.dfsg.1-8 (debug versioN) for inspection.
-- Package-specific info:
Contents of /var/lib/xfree86/X.roster:
xserver-xfree86
xserver-xfree86-dbg
/etc/X11/X target unchanged from checksum in /var/lib/xfree86/X.md5sum.
X server symlink status:
lrwxrwxrwx 1 root root 26 Mar 4 14:13 /etc/X11/X -> /usr/bin/X11/XFree86-debug
-rwxr-xr-x 1 root root 138772955 Sep 28 15:06 /usr/bin/X11/XFree86-debug
Contents of /var/lib/xfree86/XF86Config-4.roster:
xserver-xfree86
xserver-xfree86-dbg
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages xserver-xfree86 depends on:
ii debconf [debconf-2.0] 1.4.30.11 Debian configuration management sy
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libgcc1 1:3.4.3-6 GCC support library
ii xserver-common 4.3.0.dfsg.1-10 files and utilities common to all
ii zlib1g 1:1.2.2-3 compression library - runtime
-- debconf information:
xserver-xfree86/config/monitor/screen-size: 17 inches (430 mm)
xserver-xfree86/config/device/use_fbdev:
* xserver-xfree86/config/monitor/selection-method: Advanced
xserver-xfree86/config/doublequote_in_string_error:
* xserver-xfree86/config/device/bus_id:
* xserver-xfree86/config/device/video_ram: 32
* xserver-xfree86/config/monitor/lcd: false
xserver-xfree86/config/inputdevice/keyboard/internal:
* xserver-xfree86/config/device/driver: nv
* xserver-xfree86/config/monitor/vert-refresh: 43-72
* xserver-xfree86/config/display/default_depth: 16
* xserver-xfree86/config/display/modes: 1280x1024, 1280x960, 1152x864, 1024x768, 800x600, 640x480
* xserver-xfree86/config/modules: GLcore, bitmap, dbe, ddc, dri, extmod, freetype, glx, int10, record, speedo, type1, vbe, xtt
xserver-xfree86/config/monitor/range_input_error:
* xserver-xfree86/autodetect_video_card: false
* xserver-xfree86/config/inputdevice/keyboard/variant:
* xserver-xfree86/config/inputdevice/mouse/port: /dev/input/mice
* xserver-xfree86/config/write_files_section: true
xserver-xfree86/autodetect_monitor: true
* xserver-xfree86/config/device/identifier: GeForce4 MX 440 AGP 8x
* shared/default-x-server: xserver-xfree86-dbg
* xserver-xfree86/config/inputdevice/mouse/emulate3buttons: true
* xserver-xfree86/config/inputdevice/keyboard/layout: us
* xserver-xfree86/config/monitor/horiz-sync: 28-33
* xserver-xfree86/config/monitor/identifier: P1110
shared/no_known_x-server:
xserver-xfree86/autodetect_mouse: true
* xserver-xfree86/config/monitor/mode-list: 640x480 @ 60Hz
* xserver-xfree86/config/inputdevice/keyboard/rules: xfree86
xserver-xfree86/multiple_possible_x-drivers:
* xserver-xfree86/config/inputdevice/keyboard/model: pc105
* xserver-xfree86/config/write_dri_section: true
* xserver-xfree86/config/inputdevice/mouse/zaxismapping: true
xserver-xfree86/config/device/bus_id_error:
* xserver-xfree86/config/inputdevice/keyboard/options:
xserver-xfree86/config/nonnumeric_string_error:
* xserver-xfree86/config/inputdevice/mouse/protocol: ImPS/2
shared/multiple_possible_x-servers:
xserver-xfree86/config/null_string_error:
Reply to: