[Wayland-bugs] [Bug 100053] Xwayland: reproducible crash in 1.19.x

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Fri Mar 3 16:16:36 UTC 2017 

https://bugs.freedesktop.org/show_bug.cgi?id=100053

            Bug ID: 100053
           Summary: Xwayland: reproducible crash in 1.19.x
           Product: Wayland
           Version: unspecified
          Hardware: Other
                OS: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: XWayland
          Assignee: wayland-bugs at lists.freedesktop.org
          Reporter: fourdan at xfce.org
        QA Contact: xorg-team at lists.x.org

Created attachment 130052
  --> https://bugs.freedesktop.org/attachment.cgi?id=130052&action=edit
valgrind logs

Description:

I can reliably crash Xwayaldn when the last X11 client exits.

How reproducible:

Awlays

Steps to reproduce:

1. Run "Xwayland :1" from a Wayland session
2. Start an X11 client
   DISPLAY=:1 xterm
3. Quit the xterm,
4. Repeat

Actual result:

Xwayland crashes either with a segfault or a double-free

Expected result:

No crash

Additional data:

Xwayland handler signature:

(EE) 
(EE) Backtrace:
(EE) 0: /home/ofourdan/local/bin/Xwayland (OsSigHandler+0x29) [0x4762b9]
(EE) 1: /lib64/libpthread.so.0 (__restore_rt+0x0) [0x70515bf]
(EE) 2: /usr/lib64/dri/swrast_dri.so
(__driDriverGetExtensions_virtio_gpu+0x30f54d) [0x1009612d]
(EE) 3: /usr/lib64/dri/swrast_dri.so
(__driDriverGetExtensions_virtio_gpu+0x30f615) [0x100962b5]
(EE) 4: /usr/lib64/dri/swrast_dri.so
(__driDriverGetExtensions_virtio_gpu+0x30d22f) [0x10091aef]
(EE) 5: /home/ofourdan/local/bin/Xwayland (__glXDRIscreenDestroy+0x17)
[0x4fba57]
(EE) 6: /home/ofourdan/local/bin/Xwayland (glxCloseScreen+0x36) [0x4fc286]
(EE) 7: /home/ofourdan/local/bin/Xwayland (dix_main+0x4f9) [0x43f5f9]
(EE) 8: /lib64/libc.so.6 (__libc_start_main+0xf1) [0x727e401]
(EE) 9: /home/ofourdan/local/bin/Xwayland (_start+0x2a) [0x4231fa]
(EE) 10: ? (?+0x2a) [0x2a]
(EE) 
(EE) Segmentation fault at address 0x18
(EE) 
Fatal server error:
(EE) Caught signal 11 (Segmentation fault). Server aborting
(EE) 
Aborted (core dumped)


actual backtrace from gdb.

(gdb) bt
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
#1  0x000000000729551a in __GI_abort () at abort.c:89
#2  0x000000000047923e in OsAbort () at utils.c:1355
#3  0x00000000004740c3 in AbortServer () at log.c:877
#4  0x0000000000474e38 in FatalError (
    f=f at entry=0x598220 "Caught signal %d (%s). Server aborting\n") at
log.c:1015
#5  0x000000000047630e in OsSigHandler (signo=11, sip=<optimized out>,
unused=<optimized out>)
    at osinit.c:154
#6  <signal handler called>
#7  dri_destroy_screen_helper (screen=screen at entry=0x0) at dri_screen.c:393
#8  0x000000000fd86cb5 in dri_destroy_screen (sPriv=0xea5bdd0) at
dri_screen.c:408
#9  0x000000000fd848cf in driDestroyScreen (psp=0xea5bdd0) at dri_util.c:229
#10 0x00000000004fba57 in __glXDRIscreenDestroy (baseScreen=0xe1ebf10) at
glxdriswrast.c:430
#11 0x00000000004fc286 in glxCloseScreen (pScreen=0xd3d6c60) at
glxscreens.c:164
#12 0x000000000043f5f9 in dix_main (argc=3, argv=0xffefffbe8, envp=<optimized
out>) at main.c:336
#13 0x000000000727e401 in __libc_start_main (main=0x4231c0 <main>, argc=3,
argv=0xffefffbe8, 
    init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>,
stack_end=0xffefffbd8)
    at ../csu/libc-start.c:289
#14 0x00000000004231fa in _start ()

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/wayland-bugs/attachments/20170303/724b42ac/attachment.html>

More information about the wayland-bugs mailing list