x11vnc able to segfault xorg

Bug #525066 reported by Brian J. Murrell
Affects: xorg-server (Ubuntu)
Status: Fix Released
Importance: High
Assigned to: Bryce Harrington

Bug Description

Binary package hint: xorg

Lots of discussion over at: http://ubuntuforums.org/showthread.php?t=965695

But the gist of it is, x11vnc is able to segfault xorg. Quite simple to reproduce. Find a "victim" machine and boot it up to the gdm login prompt. Then ssh into the machine and run:

# DISPLAY=:0 x11vnc

(note that this is run logged in as root) and then connect with a vnc client. Try to log in; very quickly the vnc connection will be closed, and when you reconnect you will be at a new login prompt. That's because the last X11 server crashed. Check out /var/log/Xorg.0.log.old on the victim machine.

(gdb) attach 3038
...
0x00007f7652ee9485 in ?? () from /lib/libdrm_intel.so.1
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x00007f765395b662 in RecordAReply (pcbl=0x7e29a0, nulldata=0x0, calldata=0x7fffc929a050) at ../../record/record.c:601
 in ../../record/record.c
(gdb)
(gdb) bt
#0 0x00007f765395b662 in RecordAReply (pcbl=0x7e29a0, nulldata=0x0, calldata=0x7fffc929a050) at ../../record/record.c:601
#1 0x000000000043191c in _CallCallbacks (pcbl=0x7e29a0, call_data=0x7fffc929a050) at ../../dix/dixutils.c:743
#2 CallCallbacks (pcbl=0x7e29a0, call_data=0x7fffc929a050) at ../../dix/dixutils.c:877
#3 0x0000000000460091 in WriteToClient (who=0x41c8270, count=60, __buf=0x3d0b838) at ../../os/io.c:800
#4 0x00007f765395a8d2 in RecordFlushReplyBuffer (pContext=0x3d0b810, data1=0x0, len1=0, data2=<value optimized out>, len2=<value optimized out>)
    at ../../record/record.c:251
#5 0x00007f765395a946 in RecordFlushAllContexts (pcbl=<value optimized out>, nulldata=<value optimized out>, calldata=<value optimized out>)
    at ../../record/record.c:867
#6 0x000000000043191c in _CallCallbacks (pcbl=0x7e29a8, call_data=0x0) at ../../dix/dixutils.c:743
#7 CallCallbacks (pcbl=0x7e29a8, call_data=0x0) at ../../dix/dixutils.c:877
#8 0x000000000045ffd4 in WriteToClient (who=0x41c8270, count=60, __buf=0x3d0b838) at ../../os/io.c:824
#9 0x00007f765395a8d2 in RecordFlushReplyBuffer (pContext=0x3d0b810, data1=0x0, len1=0, data2=<value optimized out>, len2=<value optimized out>)
    at ../../record/record.c:251
#10 0x00007f765395a946 in RecordFlushAllContexts (pcbl=<value optimized out>, nulldata=<value optimized out>, calldata=<value optimized out>)
    at ../../record/record.c:867
#11 0x000000000043191c in _CallCallbacks (pcbl=0x7e29a8, call_data=0x0) at ../../dix/dixutils.c:743
#12 CallCallbacks (pcbl=0x7e29a8, call_data=0x0) at ../../dix/dixutils.c:877
#13 0x000000000045ffd4 in WriteToClient (who=0x41c8270, count=60, __buf=0x3d0b838) at ../../os/io.c:824
#14 0x00007f765395a8d2 in RecordFlushReplyBuffer (pContext=0x3d0b810, data1=0x0, len1=0, data2=<value optimized out>, len2=<value optimized out>)
    at ../../record/record.c:251
[Repeats endlessly...]

ProblemType: Bug
Architecture: i386
Date: Sat Feb 20 17:09:35 2010
DistroRelease: Ubuntu 9.10
MachineType: To Be Filled By O.E.M. To Be Filled By O.E.M.
NonfreeKernelModules: nvidia
Package: xorg 1:7.4+3ubuntu10
ProcCmdLine: auto BOOT_IMAGE=ubuntu root=/dev/mapper/rootvol-ubuntu_root
ProcEnviron:
 LANG=en_CA.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-19.56-generic
RelatedPackageVersions:
 xserver-xorg 1:7.4+3ubuntu10
 libgl1-mesa-glx 7.6.0-1ubuntu4
 libdrm2 2.4.14-1ubuntu1
 xserver-xorg-video-intel 2:2.9.0-1ubuntu2.1
 xserver-xorg-video-ati 1:6.12.99+git20090929.7968e1fb-0ubuntu1
SourcePackage: xorg
Uname: Linux 2.6.31-19-generic i686
dmi.bios.date: 10/23/2003
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 080009
dmi.board.name: P4P800S
dmi.board.vendor: ASUSTeK Computer Inc.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: Asset-1234567890
dmi.chassis.type: 3
dmi.chassis.vendor: Chassis Manufacture
dmi.chassis.version: Chassis Version
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr080009:bd10/23/2003:svnToBeFilledByO.E.M.:pnToBeFilledByO.E.M.:pvrToBeFilledByO.E.M.:rvnASUSTeKComputerInc.:rnP4P800S:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:
dmi.product.name: To Be Filled By O.E.M.
dmi.product.version: To Be Filled By O.E.M.
dmi.sys.vendor: To Be Filled By O.E.M.
fglrx: Not loaded
system:
 distro: Ubuntu
 architecture: i686
 kernel: 2.6.31-19-generic

Brian J. Murrell (brian-interlinx) wrote :
Bryce Harrington (bryce)
affects: xorg (Ubuntu) → nvidia-graphics-drivers-180 (Ubuntu)
Brian J. Murrell (brian-interlinx) wrote :

Really? This is an nvidia specific crash? Can I ask how you came to that conclusion, just for my education, so that I can better diagnose failures in the future?

Bryce Harrington (bryce)
tags: added: karmic
Sheng Yang (yasker) wrote :

Can't believe it just affects nvidia cards, because I am not using an nvidia card but an intel one.

affects: nvidia-graphics-drivers-180 (Ubuntu) → xorg (Ubuntu)
Sheng Yang (yasker) wrote :

I've suffered this since upgrading to 10.10. But I can't find the crash log in Xorg.0.log.old. Can anyone help indicate where I can find a useful log for this issue?

Bryce Harrington (bryce) wrote :

Are you able to reproduce this issue easily? If so, please collect a full backtrace - see http://wiki.ubuntu.com/X/Backtracing for directions. If not, could you describe the conditions under which the crash tends to occur?

If this is an nvidia-specific crash, there may be nothing we can do at the distro level, depending on where exactly in the stack the segfault occurs. If you suspect it to not be nvidia-specific, please reproduce the crash under one of the open drivers (e.g. nouveau or intel) and collect a full backtrace there.

Changed in xorg (Ubuntu):
importance: Undecided → High
status: New → Incomplete
Sheng Yang (yasker) wrote :

I am using Intel Q965.

This issue can't be triggered very quickly on my machine. Normally I would work for a while using a vnc client connected to x11vnc, then close the vnc client. After about 1 minute, X would crash.

I've managed to reproduce it twice with gdb attached; here is the log for the second time.

Bryce Harrington (bryce)
affects: xorg (Ubuntu) → xorg-server (Ubuntu)
Changed in xorg-server (Ubuntu):
status: Incomplete → Confirmed
Bryce Harrington (bryce)
Changed in xorg-server (Ubuntu):
status: Confirmed → Triaged
Sheng Yang (yasker) wrote :

This bug is still there. And it seems I could trigger it some other way days ago, e.g. opening a big picture in gwenview. But after the recent update, I can only trigger it with x11vnc, after using the vnc client for a period of time.

Bryce Harrington (bryce) wrote :

Hi Sheng,

Thanks for providing the detailed backtrace. Looks like it's a stack overflow in the client callback code when the client disappeared. The leftover callback resulted in an endless loop.

description: updated
Changed in xorg-server (Ubuntu):
assignee: nobody → Bryce Harrington (bryce)
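Bryce's diagnosis above (a leftover reply callback re-entering the write path once the client has gone, until the stack is exhausted) as an added, simplified C model written for this page; it is not xorg-server's code. The names record_flush_reply_buffer, write_to_client, simulate and the guarded/client_gone switches are assumed for illustration, and the re-entrancy guard shown is one common mitigation for this class of bug, not necessarily the upstream fix.

```c
#include <stdbool.h>
/* Simplified model of the loop in the backtrace above (written for this page,
 * not xorg-server's own code): WriteToClient fires the ReplyCallback, the
 * RECORD handler flushes its buffered replies to the recording client with
 * another WriteToClient, and that write fires the callback again. */
#define MODELLED_STACK_LIMIT 64  /* stands in for real stack exhaustion */

typedef struct {
    bool client_gone;  /* the recording (x11vnc) client has disconnected */
    bool guarded;      /* hardened flush: refuse gone clients and re-entry */
    int  in_flush;     /* re-entrancy guard, only honoured when guarded */
    int  pending;      /* bytes buffered for the recording client */
    int  depth, max_depth;
} record_ctx;

static void write_to_client(record_ctx *ctx);

/* ReplyCallback handler: flush whatever the context has buffered. */
static void record_flush_reply_buffer(record_ctx *ctx)
{
    if (ctx->guarded && (ctx->client_gone || ctx->in_flush))
        return;            /* nothing to flush for a gone client; never re-enter */
    if (ctx->pending == 0)
        return;
    ctx->in_flush++;
    write_to_client(ctx);  /* the flush is itself a reply, so the callback fires */
    ctx->in_flush--;
}

/* Model of WriteToClient: deliver (or fail to), then run the ReplyCallback. */
static void write_to_client(record_ctx *ctx)
{
    if (++ctx->depth > ctx->max_depth) ctx->max_depth = ctx->depth;
    if (ctx->depth > MODELLED_STACK_LIMIT) { ctx->depth--; return; }  /* real server: SIGSEGV */
    if (!ctx->client_gone)
        ctx->pending = 0;  /* delivered, buffer drained */
    /* A failed write to a gone client leaves the bytes pending, so the
     * leftover callback tries to flush the same bytes again: the loop. */
    record_flush_reply_buffer(ctx);
    ctx->depth--;
}

/* Run one scenario and return the deepest nesting reached; a result above
 * MODELLED_STACK_LIMIT means the modelled stack was exhausted. */
int simulate(bool client_gone, bool guarded)
{
    record_ctx ctx = { client_gone, guarded, 0, 60, 0, 0 };
    record_flush_reply_buffer(&ctx);
    return ctx.max_depth;
}
```

With a connected client the nested flush finds the buffer already drained and stops at depth 1; with a gone client the unguarded model recurses past the limit, while the guarded one never enters the write path at all.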
Bryce Harrington (bryce) wrote :

Think the next action here is to attempt reproducing it on natty, and then forward it upstream.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package xorg-server - 2:1.10.0-0ubuntu1

---------------
xorg-server (2:1.10.0-0ubuntu1) natty; urgency=low

  * Update to new upstream final release.
    + Drop 16-construct-paths-in-doxygen.conf.diff; included in new upstream.
  * debian/patches/216_fix_sdksyms_build.diff:
    + Cherry-pick from 1.10 branch, fixing the stale sdksyms.c file picked up
      in the udeb build, causing the udeb build to fail with missing symbols.
  * Merge from unreleased Debian experimental. Remaining Ubuntu changes:
    - rules:
      + Disable SELinux, libaudit-dev is not in main yet. (LP #406226)
      + Enable xcsecurity. (LP #247537)
      + Add --with-extra-module-dir to support GL alternatives.
      + Mention Ubuntu support in builderstring rather than package uploader's
        email address.
    - control:
      + Xvfb depends on xauth, x11-xkb-utils. (LP #500102)
      + Add breaks for incompatible drivers. (LP #614993)
      + Drop libaudit-dev from build-deps.
      + Build-depend on newer mesa to pick up DRI search paths variable.
      + Bump dependency on x11proto-input-dev for Xi 2.1
      + Drop linux-any specifier to make pbuilder less narky.
      + Bump build-depends on mesa-common-dev to pick up dri.pc DRI search
        paths change for 214_glx_dri_searchdirs.patch
    - local/xvfb-run*: Add correct docs about error codes. (LP #328205)
    - debian/patches:
      + 100_rethrow_signals.patch:
        When aborting, re-raise signals for apport
      + 105_nvidia_fglrx_autodetect.patch:
        Load proprietary drivers automatically when installed.
      + 109_fix-swcursor-crash.patch:
        Avoid dereferencing null pointer while reloading cursors during
        resume. (LP #371405)
      + 111_armel-drv-fallbacks.patch:
        Add support for armel driver fallbacks.
      + 121_only_switch_vt_when_active.diff:
        Add a check to prevent the X server from changing the VT when killing
        GDM from the console.
      + 122_xext_fix_card32_overflow_in_xauth.patch:
        Fix server crash when “xauth generate” is called with large timeout.
      + 157_check_null_modes.patch, 162_null_crtc_in_rotation.patch,
        166_nullptr_xinerama_keyrepeat.patch, 167_nullptr_xisbread.patch
        172_cwgetbackingpicture_nullptr_check.patch:
        Fix various segfaults in xserver by checking pointers for NULL
        values before dereferencing them.
      + 165_man_xorg_conf_no_device_ident.patch
        Correct man page
      + 168_glibc_trace_to_stderr.patch:
        Report abort traces to stderr instead of terminal
      + 184_virtual_devices_autodetect.patch:
        Use vesa for qemu device, which is not supported by cirrus
      + 188_default_primary_to_first_busid.patch:
        Pick the first device and carry on (LP #459512)
      + 190_cache-xkbcomp_output_for_fast_start_up.patch:
      + 191-Xorg-add-an-extra-module-path.patch:
        Add support for the alternatives module path.
      + 198_nohwaccess.patch:
        Adds a -nohwaccess argument to make X not access the hardware
        ports directly.
      + 200_randr-null.patch:
        Clarify a pointer initialization.
      + 206_intel_8xx_default_t...


Changed in xorg-server (Ubuntu):
status: Triaged → Fix Released