Xorg crashed with SIGSEGV in DeliverRawEvent()

Bug #1009629 reported by matanya
This bug affects 11 people
Affects                 Status         Importance   Assigned to         Milestone
xorg-server (Debian)    Fix Released   Unknown
xorg-server (Ubuntu)    Fix Released   High         Unassigned
  Precise               Fix Released   High         Maarten Lankhorst

Bug Description

[Impact]
Crashes the X.org server for some people several times a day.

[Test Case]
1. Start Xephyr
2. killall Xephyr
Broken Behavior: Aborts with SIGSEGV and a backtrace
Fixed Behavior: Exits cleanly

[Regression Potential]
Reverting the patch from 10.2 will regress LP #968845,
but adding patches from the X-server git tree seems to
fix the issue. Any xserver bug reports will have to be
watched closely, especially if they mention suspend/resume.
The x server git tree will have to be watched as well,
in case any fixes/crashes related to the code are fixed there.

[Original Report]
ProblemType: Crash
Architecture: amd64
Date: Wed Jun 6 20:44:00 2012
DistroRelease: Ubuntu 12.04
ExecutablePath: /usr/bin/Xorg
ExecutableTimestamp: 1336434722
ProcCmdline: /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -background none
ProcCwd: /etc/X11
ProcStatus:
 Name: Xorg
 State: S (sleeping)
 Tgid: 1170
 Pid: 1170
 PPid: 1120
 TracerPid: 0
 Uid: 0 0 0 0
 Gid: 0 0 0 0
 FDSize: 64
 Groups:
 VmPeak: 183764 kB
 VmSize: 120636 kB
 VmLck: 0 kB
 VmPin: 0 kB
 VmHWM: 23192 kB
 VmRSS: 20272 kB
 VmData: 17504 kB
 VmStk: 136 kB
 VmExe: 1984 kB
 VmLib: 12148 kB
 VmPTE: 304 kB
 VmSwap: 0 kB
 Threads: 1
 SigQ: 1/45863
 SigPnd: 0000000000000000
 ShdPnd: 0000000010000000
 SigBlk: 000000001a392000
 SigIgn: 0000000000001000
 SigCgt: 00000001d18062cf
 CapInh: 0000000000000000
 CapPrm: ffffffffffffffff
 CapEff: ffffffffffffffff
 CapBnd: ffffffffffffffff
 Cpus_allowed: ffff
 Cpus_allowed_list: 0-15
 Mems_allowed: 00000000,00000001
 Mems_allowed_list: 0
 voluntary_ctxt_switches: 209370
 nonvoluntary_ctxt_switches: 6190
Signal: 11
Uname: Linux 3.2.0-24-generic x86_64
ApportVersion: 2.0.1-0ubuntu8
Disassembly:
 => 0x7f34318f6558: mov 0xc0(%rsi),%rax
    0x7f34318f655f: xor %ebx,%ebx
    0x7f34318f6561: test %rax,%rax
    0x7f34318f6564: je 0x7f34318f656a
    0x7f34318f6566: mov 0x58(%rax),%rbx
    0x7f34318f656a: mov %r8,0x8(%rsp)
    0x7f34318f656f: callq 0x7f34318f6470
    0x7f34318f6574: mov %eax,%edx
    0x7f34318f6576: xor %eax,%eax
    0x7f34318f6578: mov 0x8(%rsp),%r8
    0x7f34318f657d: test %edx,%edx
    0x7f34318f657f: je 0x7f34318f64f4
    0x7f34318f6585: mov 0x1f8(%rbx),%rax
    0x7f34318f658c: mov %rax,(%r8)
    0x7f34318f658f: add $0x10,%rsp
    0x7f34318f6593: mov $0x1,%eax
DistroCodename: precise
DistroVariant: ubuntu
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
Package: xserver-xorg-core 2:1.11.4-0ubuntu10.2
PackageArchitecture: amd64
ProcVersionSignature: Ubuntu 3.2.0-24.39-generic 3.2.16
Registers:
 rax 0x7f3431ca30a8 139862150361256
 rbx 0x0 0
 rcx 0x40 64
 rdx 0x7f3432576570 139862159615344
 rsi 0x0 0
 rdi 0x7f343260fc80 139862160243840
 rbp 0x7f343285ed90 0x7f343285ed90
 rsp 0x7fffaaa274f0 0x7fffaaa274f0
 r8 0x7fffaaa27608 140736056161800
 r9 0x0 0
 r10 0x3 3
 r11 0x1 1
 r12 0x0 0
 r13 0x7fffaaa27540 140736056161600
 r14 0x7f3431cacc40 139862150401088
 r15 0x0 0
 rip 0x7f34318f6558 0x7f34318f6558
 eflags 0x13202 [ IF #12 #13 RF ]
 cs 0x33 51
 ss 0x2b 43
 ds 0x0 0
 es 0x0 0
 fs 0x0 0
 gs 0x0 0
SegvAnalysis:
 Segfault happened at: 0x7f34318f6558: mov 0xc0(%rsi),%rax
 PC (0x7f34318f6558) ok
 source "0xc0(%rsi)" (0x000000c0) not located in a known VMA region (needed readable region)!
 destination "%rax" ok
SegvReason: reading NULL VMA
SourcePackage: xorg-server
StacktraceAddressSignature: /usr/bin/Xorg:11:x86_64:/usr/bin/Xorg+55558:/usr/bin/Xorg+5d5ed:/usr/bin/Xorg+11efe9:/usr/bin/Xorg+169391:/usr/bin/Xorg+4620d:/usr/bin/Xorg+47908:/usr/bin/Xorg+47d48:/usr/bin/Xorg+9fdc1:/usr/bin/Xorg+43d5c:/usr/bin/Xorg+44301:/usr/bin/Xorg+193707:/usr/bin/Xorg+194303:/usr/bin/Xorg+55558:/usr/bin/Xorg+5d5ed:/usr/bin/Xorg+11efe9
StacktraceTop:
 ?? ()
 DeliverRawEvent ()
 ?? ()
 ?? ()
 mieqProcessDeviceEvent ()
Tags: precise ubuntu ubuntu
UpgradeStatus: Upgraded to precise on 2012-05-01 (35 days ago)
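
The SegvAnalysis verdict above can be re-derived from the faulting instruction and the register dump. The following is an added example, not part of the original report or of apport; `NULL_PAGE_LIMIT`, the helper names and the verdict strings are assumptions of this example.

```python
import re

# Constructed from the Disassembly and Registers fields of the report above.
FAULT_INSN = "mov 0xc0(%rsi),%rax"
REGISTERS = {"rax": 0x7f3431ca30a8, "rbx": 0x0, "rcx": 0x40,
             "rsi": 0x0, "rdi": 0x7f343260fc80, "r8": 0x7fffaaa27608}

# AT&T memory operand: disp(base,index,scale); every part is optional.
MEM_OPERAND = re.compile(
    r"(?P<disp>-?0x[0-9a-f]+|-?\d+)?"
    r"\((?P<base>%\w+)?(?:,(?P<index>%\w+)(?:,(?P<scale>[1248]))?)?\)")

# Assumption of this example: 64 KiB, the usual vm.mmap_min_addr on Ubuntu.
NULL_PAGE_LIMIT = 0x10000


def _reg(regs, name):
    """Value of an optional '%reg' operand part; absent parts count as 0."""
    return regs[name.lstrip("%")] if name else 0


def effective_address(insn, regs):
    """Address touched by the first memory operand of insn, or None."""
    m = MEM_OPERAND.search(insn)
    if m is None:
        return None
    disp = int(m.group("disp"), 0) if m.group("disp") else 0
    addr = (_reg(regs, m.group("base"))
            + _reg(regs, m.group("index")) * int(m.group("scale") or 1) + disp)
    return addr & 0xFFFFFFFFFFFFFFFF  # wrap like 64-bit hardware


def classify(insn, regs):
    """Return (verdict, address) for a faulting instruction."""
    addr = effective_address(insn, regs)
    if addr is None:
        return ("no memory operand", None)
    m = MEM_OPERAND.search(insn)
    if m.group("base") and not m.group("index") \
            and _reg(regs, m.group("base")) == 0 and addr < NULL_PAGE_LIMIT:
        return ("field access through NULL pointer", addr)
    if addr < NULL_PAGE_LIMIT:
        return ("near-NULL access", addr)
    return ("non-NULL invalid pointer, needs source-level review", addr)


if __name__ == "__main__":
    print(classify(FAULT_INSN, REGISTERS))
```

For the values in this report the result is a read at offset 0xc0 from a NULL `%rsi`, which agrees with apport's "reading NULL VMA".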

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in xorg (Ubuntu):
status: New → Confirmed
Daniel van Vugt (vanvugt) wrote :

Confirmed. I'm getting this crash several times a day in precise. But apport keeps failing to ever upload the crash reports.

Stacktrace:
 #0 0x00007f3eb2961558 in ?? ()
 No symbol table info available.
 #1 0x00007f3eb29695ed in DeliverRawEvent ()
 No symbol table info available.
 #2 0x00007f3eb2a2afe9 in ?? ()
 No symbol table info available.
 #3 0x00007f3eb2a75391 in mieqProcessDeviceEvent ()
 No symbol table info available.
 #4 0x00007f3eb295220d in ?? ()
 No symbol table info available.
 #5 0x00007f3eb2953908 in DisableDevice ()
 No symbol table info available.
 #6 0x00007f3eb2953d48 in RemoveDevice ()
 No symbol table info available.
 #7 0x00007f3eb29abdc1 in DeleteInputDeviceRequest ()
 No symbol table info available.
 #8 0x00007f3eb294fd5c in ?? ()
 No symbol table info available.
 #9 0x00007f3eb2950301 in ?? ()
 No symbol table info available.
 #10 0x00007f3eb2a9f707 in ?? ()
 No symbol table info available.
 #11 0x00007f3eb2aa0303 in ?? ()
 No symbol table info available.
 #12 <signal handler called>
 No symbol table info available.
 #13 0x00007f3eb2961558 in ?? ()
 No symbol table info available.
 #14 0x00007f3eb29695ed in DeliverRawEvent ()
 No symbol table info available.
 #15 0x00007f3eb2a2afe9 in ?? ()
 No symbol table info available.
 #16 0x00007f3eb2a55eb1 in ?? ()
 No symbol table info available.
 #17 0x00007f3eb2a75391 in mieqProcessDeviceEvent ()
 No symbol table info available.
 #18 0x00007f3eb295220d in ?? ()
 No symbol table info available.
 #19 0x00007f3eb2953908 in DisableDevice ()
 No symbol table info available.
 #20 0x00007f3eb2953d48 in RemoveDevice ()
 No symbol table info available.
 #21 0x00007f3eb29abdc1 in DeleteInputDeviceRequest ()
 No symbol table info available.
 #22 0x00007f3eb294fd5c in ?? ()
 No symbol table info available.
 #23 0x00007f3eb2950301 in ?? ()
 No symbol table info available.
 #24 0x00007f3eb294971c in ?? ()
 No symbol table info available.
 #25 0x00007f3eb0ac776d in __libc_start_main (main=0x7f3eb2949310, argc=8, ubp_av=0x7fffc138bf48, init=<optimised out>, fini=<optimised out>, rtld_fini=<optimised out>, stack_end=0x7fffc138bf38) at libc-start.c:226
         result = <optimised out>
         unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -1809244600017920725, 139907260782964, 140736435109696, 0, 0, 1809259501354966315, 1772488368390888747}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x7f3eb2aa2fc0, 0x7fffc138bf48}, data = {prev = 0x0, cleanup = 0x0, canceltype = -1297469504}}}
         not_first_call = <optimised out>
 #26 0x00007f3eb294999d in _start ()
 No symbol table info available.

Changed in xorg (Ubuntu):
importance: Undecided → High
Bob Bib (bobbib) wrote :

vanvugt,
> apport keeps failing to ever upload the crash reports
isn't that a Precise feature (bug #994921)?

tags: added: amd64 precise ubuntu
Timo Aaltonen (tjaalton)
affects: xorg (Ubuntu) → xorg-server (Ubuntu)
Changed in xorg-server (Ubuntu Precise):
importance: Undecided → High
status: New → Triaged
milestone: none → ubuntu-12.04.1
Timo Aaltonen (tjaalton) wrote :

This is caused by the patch introduced in -0ubuntu10.2.

Sebastien Bacher (seb128) wrote :

Confirmed using Xephyr :1 and running DISPLAY=:1 gnome-settings-daemon; that segfaults Xephyr every time with 10.2. Downgrading xserver-xephyr to 10.1 fixes it.

Changed in xorg-server (Ubuntu Precise):
assignee: nobody → Maarten Lankhorst (mlankhorst)
Maarten Lankhorst (mlankhorst) wrote :

12:35 < jcristau> possibly https://lists.debian.org/debian-x/2012/05/msg00240.html?
12:36 < jcristau> sadly no bt in that bug though
12:36 < tjaalton> in the lp one? right
12:36 < tjaalton> but does look similar
12:37 < jcristau> yeah looks the same
12:37 < jcristau> there's a revert in 1.12-branch that fixes it
12:37 < tjaalton> oh
12:37 < jcristau> 58dfb13953af71021317b9d85230b1163198f031

Timo Aaltonen (tjaalton) wrote :

yes, the revert removes the patch added in -0u10.2 :)

Changed in xorg-server (Debian):
status: Unknown → Fix Released
description: updated
description: updated
Changed in xorg-server (Ubuntu Precise):
status: Triaged → Fix Committed
Changed in xorg-server (Ubuntu):
status: Confirmed → Fix Committed
Chris Halse Rogers (raof) wrote : Please test proposed package

Hello matanya, or anyone else affected,

Accepted xorg-server into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/xorg-server/2:1.11.4-0ubuntu10.3 in a few hours and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
matanya (matmo) wrote :

Half of my installation is on -proposed :) will add this too. Thanks!

Maarten Lankhorst (mlankhorst) wrote :

I verified the package in -proposed fixes Xephyr, so if someone could verify the original Xorg crash bug is gone too.

Daniel van Vugt (vanvugt) wrote :

Testing the new packages today:
    xserver-common_1.11.4-0ubuntu10.3_all.deb
    xserver-xorg-core_1.11.4-0ubuntu10.3_amd64.deb

However it will be 24 hours before I have a definitive answer as to whether the original crash is gone.

Daniel van Vugt (vanvugt) wrote :

The fix is working nicely (1.11.4-0ubuntu10.3). No more crashes since.

tags: added: verification-done
removed: verification-needed
matanya (matmo) wrote :

Works well here as well. Thank you.
When will it be released?

Philip Wyett (philswyett) wrote :

The proposed update when installed on precise will stop glx loading on systems that have the NVIDIA 173.14.35 driver installed. The 10.2 package is fine and works well with the driver in question.

Maarten Lankhorst (mlankhorst) wrote :

That's not good, could you give me a log?

Philip Wyett (philswyett) wrote :
Philip Wyett (philswyett) wrote :
Philip Wyett (philswyett) wrote :

As the logs above show.

Comment #16:

glx fails to initialize.

Comment #17:

After reinstalling nvidia driver. All is well and glx loads and performs as it should.

Maarten Lankhorst (mlankhorst) wrote :

If you install the nvidia driver yourself, this is expected behavior and not a bug; installing any version of xserver will trigger it with any nvidia driver because nvidia overwrites libglx.so.

Philip Wyett (philswyett) wrote :

Thanks for the info. Good to know. Odd that I have never hit this problem in many years.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package xorg-server - 2:1.11.4-0ubuntu10.3

---------------
xorg-server (2:1.11.4-0ubuntu10.3) precise-proposed; urgency=low

  [ Maarten Lankhorst ]
  * Add upstream patches for proper device disabling (LP: #1009629)
    - 510-dix-return-early-from-DisableDevice-if-the-device-is.patch
    - 511-dix-move-freeing-the-sprite-into-a-function.patch
    - 512-dix-free-the-sprite-when-disabling-the-device.patch
    - 513-dix-disable-non-sprite-owners-first-when-disabling-p.patch
    - 514-Xi-drop-forced-unpairing-when-changing-the-hierarchy.patch
    - 515-dix-disable-all-devices-before-shutdown.patch
 -- Chase Douglas <email address hidden> Wed, 20 Jun 2012 09:12:44 -0700

Changed in xorg-server (Ubuntu Precise):
status: Fix Committed → Fix Released
David López (david-lopez-upct) wrote :

I used ATI proprietary drivers (from the ATI webpage, not from the repository). Last night I installed this update and then my computer refused to start in graphic mode; it only started in console (tested several times). I've solved it by installing ATI drivers from the repository (sudo apt-get install fglrx).

I attach all my Xorg files from /var/log/, I hope this helps.

Maarten Lankhorst (mlankhorst) wrote :

I assume it's the same error as your nvidia counterpart above, the update overwrites libglx.so that was overwritten by your manual install. The ubuntu reinstall of fglrx fixed it. Can you remove the ubuntu package and reinstall that version of the driver you were using before to be sure?

Changed in xorg-server (Ubuntu):
status: Fix Committed → Fix Released