Xorg crashed with SIGSEGV in DamageUnregister() / VAuditF()

Bug #506977 reported by Kristóf Kiszel on 2010-01-13
This bug affects 8 people
Affects Status Importance Assigned to Milestone
xorg-server (Ubuntu)

Bug Description

Installation media: latest Lucid mini.iso
Architecture: i386

root@arrakis:~# lsb_release -rd
Description: Ubuntu lucid (development branch)
Release: 10.04

root@arrakis:~# apt-cache policy xserver-xorg
  Installed: 1:7.5+1ubuntu1
  Candidate: 1:7.5+1ubuntu1
  Version table:
 *** 1:7.5+1ubuntu1 0
        500 http://hu.archive.ubuntu.com lucid/main Packages
        100 /var/lib/dpkg/status

I started the X server as root from the recovery console, because as normal user I couldn't login. (See https://bugs.launchpad.net/ubuntu/+bug/506902) Then I got a crash report from PolicyKit1-Kde and xserver-xorg.

ProblemType: Crash
Architecture: i386
CrashCounter: 1
Date: Wed Jan 13 11:37:16 2010
DistroRelease: Ubuntu 10.04
ExecutablePath: /usr/bin/Xorg
 Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
MachineType: innotek GmbH VirtualBox
Package: xserver-xorg-core 2:
ProcAttrCurrent: unconfined (enforce)
ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.32-10-generic root=UUID=dd20b96a-8496-4fe1-9735-08d8d3489cf1 ro single
ProcCmdline: /usr/bin/X -br -nolisten tcp :0 vt8 -auth /var/run/xauth/A:0-bu0xPc
 PATH=(custom, no user)
ProcVersionSignature: Ubuntu 2.6.32-10.14-generic
 xserver-xorg 1:7.5+1ubuntu1
 libgl1-mesa-glx 7.7-0ubuntu4
 libdrm2 2.4.17-0ubuntu1
 xserver-xorg-video-intel 2:2.9.1-1ubuntu1
 xserver-xorg-video-ati 1:6.12.99+git20091125.0061c4db-0ubuntu2
 Segfault happened at: 0x1bf0f7 <strchrnul+23>: mov (%eax),%cl
 PC (0x001bf0f7) ok
 source "(%eax)" (0x0000000b) not located in a known VMA region (needed readable region)!
 destination "%cl" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: xorg-server
 DamageUnregister ()
 shadowRemove () from /usr/lib/xorg/modules/libshadow.so
 ?? () from /usr/lib/xorg/modules/libshadow.so
 ?? ()
 ?? ()
Tags: lucid
Title: Xorg crashed with SIGSEGV in DamageUnregister()
Uname: Linux 2.6.32-10-generic i686

XorgConf: Error: [Errno 2] No such file or directory: '/etc/X11/xorg.conf'
dmi.bios.date: 12/01/2006
dmi.bios.vendor: innotek GmbH
dmi.bios.version: VirtualBox
dmi.modalias: dmi:bvninnotekGmbH:bvrVirtualBox:bd12/01/2006:svninnotekGmbH:pnVirtualBox:pvr1.2:
dmi.product.name: VirtualBox
dmi.product.version: 1.2
dmi.sys.vendor: innotek GmbH
fglrx: Not loaded
glxinfo: Error: [Errno 2] No such file or directory
 distro: Ubuntu
 architecture: i686kernel: 2.6.32-10-generic

Related branches

Kristóf Kiszel (ulysses) wrote :

 DamageUnregister ()
 shadowRemove () from /usr/lib/xorg/modules/libshadow.so
 ?? () from /usr/lib/xorg/modules/libshadow.so
 ?? ()
 ?? ()

tags: added: apport-failed-retrace
tags: removed: need-i386-retrace
tags: added: iso-testing
Bryce Harrington (bryce) on 2010-01-15
visibility: private → public
Bryce Harrington (bryce) on 2010-01-15
summary: - Xorg crashed with SIGSEGV in DamageUnregister()
+ Xorg crashed with SIGSEGV in DamageUnregister() / VAuditF()
Bryce Harrington (bryce) wrote :

I'm not 100% certain, but this bug report looks a heck of a lot like bug #506510, and I think it shares the same root cause. The problem is that error messages were being written to the log after the log file was closed, which causes a segfault in the signal handling code.

I've corrected the specific error message print which causes 506510, and am going to assume that covers this crash as well. Because of the signal handling logic, it hides the clues I'd need to be absolutely certain that fix fixes this one as well. So please test version xorg-server 2:, and if you still get a crash please reopen this bug (or file a new bug, esp. if apport captures it, and reference this bug report so we know the background).

Changed in xorg-server (Ubuntu):
importance: Undecided → High
status: New → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package xorg-server - 2:

xorg-server (2: lucid; urgency=low

  * Update 100_rethrow_signals.patch: Don't log more error messages after
    the log has been closed, else it causes a SIGSEGV (signal 11) crash
    under several different conditions, including on even ordinary error
    (LP: #506510, #507345, #506977, #504497, #507083)
 -- Bryce Harrington <email address hidden> Fri, 15 Jan 2010 15:22:34 -0800

Changed in xorg-server (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers