[Bug 99358] Xorg crashes with SIGSEGV in sna_set_cursor_position()
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Fri Jan 20 09:28:21 UTC 2017
https://bugs.freedesktop.org/show_bug.cgi?id=99358
--- Comment #5 from Igor Mammedov <qwerty0987654321 at mail.ru> ---
With patches from comments 3 and 4 applied it managed tnot crash for 2~days,
but it did crash in the end.
I've split line where it crashes to find out offending pointer so here it goes:
Message: Process 1565 (Xorg) of user 16585 dumped core.
Stack trace of thread 1577:
#0 0x00007f28b2fce188 sna_set_cursor_position (intel_drv.so)
#1 0x00000000004bc462 xf86MoveCursor (Xorg)
#2 0x0000000000586063 miPointerMoveNoEvent (Xorg)
#3 0x0000000000586e64 miPointerSetPosition (Xorg)
#4 0x000000000044d6ae positionSprite (Xorg)
#5 0x000000000044deb3 positionSprite (Xorg)
#6 0x000000000044f75f GetPointerEvents (Xorg)
#7 0x000000000044fd10 QueuePointerEvents (Xorg)
#8 0x00007f28b0d10cb5 xf86libinput_handle_motion
(libinput_drv.so)
#9 0x00007f28b0d11880 xf86libinput_read_input
(libinput_drv.so)
#10 0x000000000059ccec InputReady (Xorg)
#11 0x000000000059f351 ospoll_wait (Xorg)
#12 0x000000000059cb46 InputThreadDoWork (Xorg)
#13 0x00007f28b78706ca start_thread (libpthread.so.0)
#14 0x00007f28b75aaf7f __clone (libc.so.6)
Stack trace of thread 1565:
#0 0x00007f28b787938d __lll_lock_wait (libpthread.so.0)
#1 0x00007f28b7872eca pthread_mutex_lock (libpthread.so.0)
#2 0x000000000059ca30 input_lock (Xorg)
#3 0x00000000004bc246 xf86SetCursor (Xorg)
#4 0x00000000004bacd5 xf86CursorSetCursor (Xorg)
#5 0x00000000005866fb miPointerUpdateSprite (Xorg)
#6 0x000000000058694a miPointerDisplayCursor (Xorg)
#7 0x00000000004c9601 CursorDisplayCursor (Xorg)
#8 0x0000000000518830 AnimCurDisplayCursor (Xorg)
#9 0x000000000043fea8 ChangeToCursor (Xorg)
#10 0x00000000004412e7 WindowHasNewCursor (Xorg)
#11 0x000000000046a9c8 ChangeWindowDeviceCursor (Xorg)
#12 0x0000000000531f76 ProcXIChangeCursor (Xorg)
#13 0x00000000004370b5 Dispatch (Xorg)
#14 0x000000000043b038 dix_main (Xorg)
#15 0x00007f28b74c3401 __libc_start_main (libc.so.6)
#16 0x0000000000424d1a _start (Xorg)
Stack trace of thread 1566:
#0 0x00007f28b7876460 pthread_cond_wait@@GLIBC_2.3.2
(libpthread.so.0)
#1 0x00007f28b300b769 __run__ (intel_drv.so)
#2 0x00007f28b78706ca start_thread (libpthread.so.0)
#3 0x00007f28b75aaf7f __clone (libc.so.6)
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f28b2fce188 in sna_set_cursor_position (scrn=0x1a2b700, x=119,
y=523) at sna_display.c:6333
6333 CursorBitsPtr bits = ref->bits;
(gdb) l
6331 if (crtc->transform_in_use) {
6332 CursorPtr ref = sna->cursor.ref;
6333 CursorBitsPtr bits = ref->bits;
6334 int xhot = bits->xhot;
6335 int yhot = sna->cursor.ref->bits->yhot;
6336 struct pict_f_vector v, hot;
(gdb) p sna->cursor.ref
$1 = (CursorPtr) 0x2478ef0
(gdb) p *sna->cursor.ref
$2 = {bits = 0x2478f28, foreRed = 0, foreGreen = 0, foreBlue = 0, backRed =
65535, backGreen = 65535,
backBlue = 65535, refcnt = 4, devPrivates = 0x2478f20, id = 20973559,
serialNumber = 1368, name = 0}
(gdb) p sna->cursor
$3 = {cursors = 0x1eba540, info = 0x1a37c80, ref = 0x2478ef0, serial = 47981,
fg = 4278190080, bg = 4294967295,
size = 64, disable = false, active = true, last_x = 119, last_y = 523,
max_size = 256, use_gtt = true,
num_stash = 0, stash = 0x1e6f980, scratch = 0x7f28b99ac010}
--
You are receiving this mail because:
You are the QA Contact for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/intel-gfx-bugs/attachments/20170120/80f47294/attachment.html>
More information about the intel-gfx-bugs
mailing list