Debian
xfree86 package

Bug #10973
Comment #14

Comment 14 for bug 10973

Revision history for this message

Debian Bug Importer (debzilla) wrote on 2004-12-15:

#14

Message-ID: <email address hidden>
Date: Wed, 15 Dec 2004 15:29:54 -0500
From: Branden Robinson <email address hidden>
To: <email address hidden>
Subject: Re: Bug#284448: Got it. back traced core dump

--+mSjbC2tVdWE/Wop
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Dec 12, 2004 at 11:11:44PM +0100, David A. van Leeuwen wrote:
> OK, I got it. After another upgrade to `testing' today, and a reboot=20
> for a kernel parameter earlier today, My SiS6326 card started to crash=20
> more consistently, even with the dfsg.1-4 package. So I tried the=20
> -dbg_4.3.0.dfsg.1-8 package under root and unlimited core size, and=20
> after a while trying I caught the crash.
>=20
> I hope Mozilla (in which I can't seem to include text from a file---i=20
> must attach---sorry) shows the bug report properly.
>=20
> I've noticed that a typical behaviour is: server either crashes on one=20
> of the first 10-or-so launches of clients (doesn't matter which), or it=
=20
> doesn't, and then tends to live very long.
>=20
> I hope this information help you.

Hmm, well, given your backtrace, I might have been wrong about this being
SiS-specific.

See below.

> (gdb) bt
> #0 0x400f46b1 in kill () from /lib/libc.so.6
> #1 0x400f4435 in raise () from /lib/libc.so.6
> #2 0x400f5978 in abort () from /lib/libc.so.6
> #3 0x0847454c in ddxGiveUp () at xf86Init.c:1173
> #4 0x0847462b in AbortDDX () at xf86Init.c:1224
> #5 0x08516e5f in AbortServer () at utils.c:436
> #6 0x085187eb in FatalError (
> f=3D0x8a36fa0 "Caught signal %d. Server aborting\n") at utils.c:1421
> #7 0x0848f646 in xf86SigHandler (signo=3D11) at xf86Events.c:1230
> #8 <signal handler called>
> #9 0x40142a1f in memcpy () from /lib/libc.so.6
> #10 0x0892a025 in fs_read_list_info (fpe=3D0x8bcf350, blockrec=3D0x8d6519=
8)
> at fserve.c:2376
> #11 0x089286fc in fs_read_reply (fpe=3D0x8bcf350, client=3D0x0) at fserve=
=2Ec:1310
> #12 0x08928810 in fs_wakeup (fpe=3D0x8bcf350, mask=3D0x8b57f60) at fserve=
=2Ec:1349
> #13 0x0850ae1d in FontWakeup (data=3D0x0, count=3D1, LastSelectMask=3D0x8=
b57f60)
> at dixfonts.c:190
> #14 0x084e759f in WakeupHandler (result=3D1, pReadmask=3D0x8b57f60)
> at dixutils.c:459
> #15 0x085107cb in WaitForSomething (pClientsReady=3D0xbffff8e4) at WaitFo=
r.c:353
> #16 0x084de1dc in Dispatch () at dispatch.c:379
> #17 0x084f58c4 in main (argc=3D2, argv=3D0xbffffda4, envp=3D0xbffffdb0)
> at main.c:469
> (gdb) bt full -7
> #11 0x089286fc in fs_read_reply (fpe=3D0x8bcf350, client=3D0x0) at fserve=
=2Ec:1310
> conn =3D 0x8bcf378
> blockrec =3D 0x8d65198
> ret =3D 1
> err =3D 85
> rep =3D (fsGenericReply *) 0x8bcf808
> #12 0x08928810 in fs_wakeup (fpe=3D0x8bcf350, mask=3D0x8b57f60) at fserve=
=2Ec:1349
> LastSelectMask =3D (fd_set *) 0x8b57f60
> conn =3D 0x8bcf378
> #13 0x0850ae1d in FontWakeup (data=3D0x0, count=3D1, LastSelectMask=3D0x8=
b57f60)
> at dixfonts.c:190
> i =3D 0
> fpe =3D 0x8bcf350
> #14 0x084e759f in WakeupHandler (result=3D1, pReadmask=3D0x8b57f60)
> at dixutils.c:459
> i =3D 3
> j =3D 1074663374
> #15 0x085107cb in WaitForSomething (pClientsReady=3D0xbffff8e4) at WaitFo=
r.c:353
> i =3D 1
> waittime =3D {tv_sec =3D 30, tv_usec =3D 0}
> wt =3D (struct timeval *) 0xbffff8b0
> timeout =3D 599800
> standbyTimeout =3D 1199800
> suspendTimeout =3D 1799800
> offTimeout =3D 2399800
> clientsReadable =3D {fds_bits =3D {0 <repeats 32 times>}}
> clientsWritable =3D {fds_bits =3D {1, 34572, -1073743944, 137854978,=20
> 148262064, 2048, -1073743912, 1, 146208600, 146208600, -1073743912,=
=20
> 137858932, 148262296, 81928, 0, 1075039169, 146208600, 857, 0,=20
> 1075818748, 0, 1075818728, 1075818732, -1073743888, 1075818656,=20
> 1075818656, -1073743816, 1075039169, 1075818656, 0, 1053956, 10758186=
56}}
> curclient =3D 16
> selecterr =3D 0
> nready =3D 1
> devicesReadable =3D {fds_bits =3D {16, 0, 0, 0, 16, 148264696,=20
> -1073744072, 139360755, 148264744, 148263348, 148263320, 146600824, 1=
,=20
> 148261712, -1073743752, 139511553, 148264744, 139510958, 148262504,=
=20
> -1073743792, -1073743892, -1073743796, 0, 148262232, 7, 56, 107581865=
6,=20
> 1075815968, 1075818656, 1075818656, -1073743976, 1075035747}}
> now =3D 43454
> someReady =3D 0
> #16 0x084de1dc in Dispatch () at dispatch.c:379
> clientReady =3D (int *) 0xbffff8e4
> result =3D 0
> client =3D 0x8d65728
> nready =3D -1
> icheck =3D (HWEventQueuePtr *) 0x8b55bc8
> start_tick =3D 4440
> #17 0x084f58c4 in main (argc=3D2, argv=3D0xbffffda4, envp=3D0xbffffdb0)
> at main.c:469
> i =3D 1
> j =3D 2
> k =3D 2
> error =3D -1073742428
> xauthfile =3D 0xbfffffb8 "/root/.Xauthority"
> alwaysCheckForInput =3D {0, 1}
> (gdb)=20

Can you show us the output of "bt full -9" instead, please? I'm sorry if
my instructions were confusing; the goal is to get a close look at the
stack frames *right below* the point where the signal handler is called.
That can tell us, for example, if what we're dealing with is a good
old-fashioned null pointer dereference.

--=20
G. Branden Robinson | Never underestimate the power of
Debian GNU/Linux | human stupidity.
<email address hidden> | -- Robert Heinlein
http://people.debian.org/~branden/ |

--+mSjbC2tVdWE/Wop
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iEYEARECAAYFAkHAnsIACgkQ6kxmHytGonzugACgo2BMlxVTUkVN+DycLFBbKDi3
LzQAn2CMSYaBjkh+XaWcB0Ykg4i4FEQl
=p+IL
-----END PGP SIGNATURE-----

--+mSjbC2tVdWE/Wop--

Message-ID: <20041215202954.GX2243@redwald.deadbeast.net>
Date: Wed, 15 Dec 2004 15:29:54 -0500
From: Branden Robinson <branden@debian.org>
To: 284448-submitter@bugs.debian.org
Subject: Re: Bug#284448: Got it.  back traced core dump

--+mSjbC2tVdWE/Wop
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Dec 12, 2004 at 11:11:44PM +0100, David A. van Leeuwen wrote:
> OK, I got it.  After another upgrade to `testing' today, and a reboot=20
> for a kernel parameter earlier today, My SiS6326 card started to crash=20
> more consistently, even with the dfsg.1-4 package.  So I tried the=20
> -dbg_4.3.0.dfsg.1-8 package under root and unlimited core size, and=20
> after a while trying I caught the crash.
>=20
> I hope Mozilla (in which I can't seem to include text from a file---i=20
> must attach---sorry) shows the bug report properly.
>=20
> I've noticed that a typical behaviour is: server either crashes on one=20
> of the first 10-or-so launches of clients (doesn't matter which), or it=
=20
> doesn't, and then tends to live very long.
>=20
> I hope this information help you.

Hmm, well, given your backtrace, I might have been wrong about this being
SiS-specific.

See below.

> (gdb) bt
> #0  0x400f46b1 in kill () from /lib/libc.so.6
> #1  0x400f4435 in raise () from /lib/libc.so.6
> #2  0x400f5978 in abort () from /lib/libc.so.6
> #3  0x0847454c in ddxGiveUp () at xf86Init.c:1173
> #4  0x0847462b in AbortDDX () at xf86Init.c:1224
> #5  0x08516e5f in AbortServer () at utils.c:436
> #6  0x085187eb in FatalError (
>     f=3D0x8a36fa0 "Caught signal %d.  Server aborting\n") at utils.c:1421
> #7  0x0848f646 in xf86SigHandler (signo=3D11) at xf86Events.c:1230
> #8  <signal handler called>
> #9  0x40142a1f in memcpy () from /lib/libc.so.6
> #10 0x0892a025 in fs_read_list_info (fpe=3D0x8bcf350, blockrec=3D0x8d6519=
8)
>     at fserve.c:2376
> #11 0x089286fc in fs_read_reply (fpe=3D0x8bcf350, client=3D0x0) at fserve=
=2Ec:1310
> #12 0x08928810 in fs_wakeup (fpe=3D0x8bcf350, mask=3D0x8b57f60) at fserve=
=2Ec:1349
> #13 0x0850ae1d in FontWakeup (data=3D0x0, count=3D1, LastSelectMask=3D0x8=
b57f60)
>     at dixfonts.c:190
> #14 0x084e759f in WakeupHandler (result=3D1, pReadmask=3D0x8b57f60)
>     at dixutils.c:459
> #15 0x085107cb in WaitForSomething (pClientsReady=3D0xbffff8e4) at WaitFo=
r.c:353
> #16 0x084de1dc in Dispatch () at dispatch.c:379
> #17 0x084f58c4 in main (argc=3D2, argv=3D0xbffffda4, envp=3D0xbffffdb0)
>     at main.c:469
> (gdb) bt full -7
> #11 0x089286fc in fs_read_reply (fpe=3D0x8bcf350, client=3D0x0) at fserve=
=2Ec:1310
> 	conn =3D 0x8bcf378
> 	blockrec =3D 0x8d65198
> 	ret =3D 1
> 	err =3D 85
> 	rep =3D (fsGenericReply *) 0x8bcf808
> #12 0x08928810 in fs_wakeup (fpe=3D0x8bcf350, mask=3D0x8b57f60) at fserve=
=2Ec:1349
> 	LastSelectMask =3D (fd_set *) 0x8b57f60
> 	conn =3D 0x8bcf378
> #13 0x0850ae1d in FontWakeup (data=3D0x0, count=3D1, LastSelectMask=3D0x8=
b57f60)
>     at dixfonts.c:190
> 	i =3D 0
> 	fpe =3D 0x8bcf350
> #14 0x084e759f in WakeupHandler (result=3D1, pReadmask=3D0x8b57f60)
>     at dixutils.c:459
> 	i =3D 3
> 	j =3D 1074663374
> #15 0x085107cb in WaitForSomething (pClientsReady=3D0xbffff8e4) at WaitFo=
r.c:353
> 	i =3D 1
> 	waittime =3D {tv_sec =3D 30, tv_usec =3D 0}
> 	wt =3D (struct timeval *) 0xbffff8b0
> 	timeout =3D 599800
> 	standbyTimeout =3D 1199800
> 	suspendTimeout =3D 1799800
> 	offTimeout =3D 2399800
> 	clientsReadable =3D {fds_bits =3D {0 <repeats 32 times>}}
> 	clientsWritable =3D {fds_bits =3D {1, 34572, -1073743944, 137854978,=20
>     148262064, 2048, -1073743912, 1, 146208600, 146208600, -1073743912,=
=20
>     137858932, 148262296, 81928, 0, 1075039169, 146208600, 857, 0,=20
>     1075818748, 0, 1075818728, 1075818732, -1073743888, 1075818656,=20
>     1075818656, -1073743816, 1075039169, 1075818656, 0, 1053956, 10758186=
56}}
> 	curclient =3D 16
> 	selecterr =3D 0
> 	nready =3D 1
> 	devicesReadable =3D {fds_bits =3D {16, 0, 0, 0, 16, 148264696,=20
>     -1073744072, 139360755, 148264744, 148263348, 148263320, 146600824, 1=
,=20
>     148261712, -1073743752, 139511553, 148264744, 139510958, 148262504,=
=20
>     -1073743792, -1073743892, -1073743796, 0, 148262232, 7, 56, 107581865=
6,=20
>     1075815968, 1075818656, 1075818656, -1073743976, 1075035747}}
> 	now =3D 43454
> 	someReady =3D 0
> #16 0x084de1dc in Dispatch () at dispatch.c:379
> 	clientReady =3D (int *) 0xbffff8e4
> 	result =3D 0
> 	client =3D 0x8d65728
> 	nready =3D -1
> 	icheck =3D (HWEventQueuePtr *) 0x8b55bc8
> 	start_tick =3D 4440
> #17 0x084f58c4 in main (argc=3D2, argv=3D0xbffffda4, envp=3D0xbffffdb0)
>     at main.c:469
> 	i =3D 1
> 	j =3D 2
> 	k =3D 2
> 	error =3D -1073742428
> 	xauthfile =3D 0xbfffffb8 "/root/.Xauthority"
> 	alwaysCheckForInput =3D {0, 1}
> (gdb)=20

Can you show us the output of "bt full -9" instead, please?  I'm sorry if
my instructions were confusing; the goal is to get a close look at the
stack frames *right below* the point where the signal handler is called.
That can tell us, for example, if what we're dealing with is a good
old-fashioned null pointer dereference.

--=20
G. Branden Robinson                |      Never underestimate the power of
Debian GNU/Linux                   |      human stupidity.
branden@debian.org                 |      -- Robert Heinlein
http://people.debian.org/~branden/ |

--+mSjbC2tVdWE/Wop
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iEYEARECAAYFAkHAnsIACgkQ6kxmHytGonzugACgo2BMlxVTUkVN+DycLFBbKDi3
LzQAn2CMSYaBjkh+XaWcB0Ykg4i4FEQl
=p+IL
-----END PGP SIGNATURE-----

--+mSjbC2tVdWE/Wop--

Debianxfree86 package

Comment 14 for bug 10973

Debian
xfree86 package