Summary: | memory corruption on ati/radeon driver or xorg core | ||||||
---|---|---|---|---|---|---|---|
Product: | xorg | Reporter: | Matti Aarnio <matti.aarnio> | ||||
Component: | Driver/Radeon | Assignee: | xf86-video-ati maintainers <xorg-driver-ati> | ||||
Status: | RESOLVED WORKSFORME | QA Contact: | Xorg Project Team <xorg-team> | ||||
Severity: | major | ||||||
Priority: | medium | ||||||
Version: | git | ||||||
Hardware: | x86-64 (AMD64) | ||||||
OS: | Linux (All) | ||||||
Whiteboard: | |||||||
i915 platform: | i915 features: | ||||||
Attachments: |
|
The mouse position indication is actually a Gnome feature possible to turn off with gnome-mouse-properties, and ticking off "Locate Pointer". I just turned it off, and will commence testing, if it could save me from crashes. (In reply to comment #0) > > Crashes either back to text console, or wedges so badly, that graphics stays on > without other recovery, than reboot (on Linux done with SysReq keys, > thankfully) maybe related: http://bugzilla.kernel.org/show_bug.cgi?id=14064 http://bugzilla.kernel.org/show_bug.cgi?id=14065 http://bugzilla.kernel.org/show_bug.cgi?id=13925 > maybe related:
> http://bugzilla.kernel.org/show_bug.cgi?id=14064
> http://bugzilla.kernel.org/show_bug.cgi?id=14065
> http://bugzilla.kernel.org/show_bug.cgi?id=13925
No. The problem is not in kernel, always in the X server itself,
which crashes with backtraces.
Kernel has never reported anything being wrong, and non-X-consoled
service application do continue to work.
I have been able to reduce this likelyhood by DISABLING the Gnome
mouse setting "Locate Pointer". In fact it has not happened since
I turned that feature off.
I have never had problems with mplayer, like those quoted cases show.
Apparently this got fixed when Fedora updated ATI driver to new svn snapshot. These work: xorg-x11-drv-ati-6.13.0-0.3.20090908git651fe5a47.fc12.x86_64 xorg-x11-server-Xorg-1.6.99.900-1.fc12.x86_64 Status "Probably fixed" should exist... |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.
Created attachment 29267 [details] sample copy of /var/log/Xorg.0.log Running bleeding edge Fedora 12 Rawhide xorg server with modules loaded from following packages: xorg-x11-server-Xorg-1.6.99-45.20090903.fc12.x86_64 xorg-x11-drv-ati-6.13.0-0.2.20090821gitb1b77a4d6.fc12.x86_64 xorg-x11-drv-evdev-2.2.99-6.20090814.fc12.x86_64 Crashes either back to text console, or wedges so badly, that graphics stays on without other recovery, than reboot (on Linux done with SysReq keys, thankfully) Sometimes it just wedges without any hint of problems on the log files. Some sample backtraces from my saved case logs, malloc()/realloc()/free() does appear in them more often than not. Backtrace: 0: /usr/bin/X (xorg_backtrace+0x28) [0x46b1c8] 1: /usr/bin/X (0x400000+0x65b79) [0x465b79] 2: /lib64/libpthread.so.0 (0x7f1ce9957000+0xf320) [0x7f1ce9966320] 3: /usr/bin/X (FreeResource+0xae) [0x430dde] 4: /usr/bin/X (0x400000+0x2bafb) [0x42bafb] 5: /usr/bin/X (0x400000+0x2dfac) [0x42dfac] 6: /usr/bin/X (0x400000+0x21d1a) [0x421d1a] 7: /lib64/libc.so.6 (__libc_start_main+0xfd) [0x7f1ce8129b4d] 8: /usr/bin/X (0x400000+0x218c9) [0x4218c9] Segmentation fault at address (nil) Fatal server error: Caught signal 11 (Segmentation fault). Server aborting This is easy-ish to provoke with repeatedly poking left-control, which is then drawing concentric rings around the cursor. Usually at that time the system crashes with following kind of reports, but unfortunately not always. [mi] EQ overflowing. The server is probably stuck in an infinite loop. Backtrace: 0: /usr/bin/X (xorg_backtrace+0x28) [0x46b1c8] 1: /usr/bin/X (mieqEnqueue+0x1f4) [0x456cc4] 2: /usr/bin/X (xf86PostMotionEventP+0xde) [0x47894e] 3: /usr/lib64/xorg/modules/input/evdev_drv.so (0x7f584932f000+0x3dff) [0x7f5849332dff] 4: /usr/bin/X (0x400000+0x6bb17) [0x46bb17] 5: /usr/bin/X (0x400000+0xfcd13) [0x4fcd13] 6: /lib64/libpthread.so.0 (0x7f58609d8000+0xf320) [0x7f58609e7320] 7: /lib64/libc.so.6 (0x7f585f18c000+0xeff8e) [0x7f585f27bf8e] 8: /lib64/libc.so.6 (0x7f585f18c000+0x7d3da) [0x7f585f2093da] 9: /lib64/libc.so.6 (__libc_malloc+0x67) [0x7f585f206f57] 10: /lib64/libc.so.6 (0x7f585f18c000+0x6fe65) [0x7f585f1fbe65] 11: /lib64/libc.so.6 (0x7f585f18c000+0x75876) [0x7f585f201876] 12: /lib64/libc.so.6 (0x7f585f18c000+0x7a803) [0x7f585f206803] 13: /lib64/libc.so.6 (0x7f585f18c000+0x7c5e2) [0x7f585f2085e2] 14: /lib64/libc.so.6 (realloc+0xe5) [0x7f585f208cb5] 15: /usr/bin/X (miRectAlloc+0x37) [0x458647] 16: /usr/lib64/xorg/modules/libfb.so (fbPixmapToRegion+0x46f) [0x7f585b9ae6cf] 17: /usr/bin/X (0x400000+0x9abc9) [0x49abc9] 18: /usr/bin/X (0x400000+0x9be65) [0x49be65] 19: /usr/bin/X (0x400000+0x2dfac) [0x42dfac] 20: /usr/bin/X (0x400000+0x21d1a) [0x421d1a] 21: /lib64/libc.so.6 (__libc_start_main+0xfd) [0x7f585f1aab4d] 22: /usr/bin/X (0x400000+0x218c9) [0x4218c9] [mi] EQ overflowing. The server is probably stuck in an infinite loop. Backtrace: 0: /usr/bin/X (xorg_backtrace+0x28) [0x46b1c8] 1: /usr/bin/X (mieqEnqueue+0x1f4) [0x456cc4] 2: /usr/bin/X (xf86PostMotionEventP+0xde) [0x47894e] 3: /usr/lib64/xorg/modules/input/evdev_drv.so (0x7fad872dc000+0x3dff) [0x7fad872dfdff] 4: /usr/bin/X (0x400000+0x6bb17) [0x46bb17] 5: /usr/bin/X (0x400000+0xfcd13) [0x4fcd13] 6: /lib64/libpthread.so.0 (0x7fad9e985000+0xf320) [0x7fad9e994320] 7: /lib64/libc.so.6 (0x7fad9d139000+0xeff8e) [0x7fad9d228f8e] 8: /lib64/libc.so.6 (0x7fad9d139000+0x7d3da) [0x7fad9d1b63da] 9: /lib64/libc.so.6 (__libc_malloc+0x67) [0x7fad9d1b3f57] 10: /lib64/libc.so.6 (0x7fad9d139000+0x6fe65) [0x7fad9d1a8e65] 11: /lib64/libc.so.6 (0x7fad9d139000+0x75876) [0x7fad9d1ae876] 12: /lib64/libc.so.6 (0x7fad9d139000+0x79e16) [0x7fad9d1b2e16] 13: /lib64/libc.so.6 (__libc_malloc+0x72) [0x7fad9d1b3f62] 14: /usr/bin/X (miRegionCreate+0x23) [0x458e93] 15: /usr/bin/X (miValidatePicture+0x1ab) [0x560d9b] 16: /usr/bin/X (0x400000+0xb643a) [0x4b643a] 17: /usr/bin/X (ValidatePicture+0x9) [0x4b6459] 18: /usr/bin/X (CompositePicture+0xad) [0x4b697d] 19: /usr/bin/X (miTrapezoids+0x21e) [0x55e9fe] 20: /usr/bin/X (0x400000+0xb2f47) [0x4b2f47] 21: /usr/bin/X (0x400000+0x2dfac) [0x42dfac] 22: /usr/bin/X (0x400000+0x21d1a) [0x421d1a] 23: /lib64/libc.so.6 (__libc_start_main+0xfd) [0x7fad9d157b4d] 24: /usr/bin/X (0x400000+0x218c9) [0x4218c9]