Bug 96384

Summary: /usr/libexec/Xorg: crash in XkbFlushLedEvents on opening laptop
Product: xorg
Component: Server/Input/Core
Status: RESOLVED FIXED
Severity: major
Priority: medium
Version: git
Hardware: Other
OS: All
Reporter: Frederic Germain <frederic.germain>
Assignee: Peter Hutterer <peter.hutterer>
QA Contact: Xorg Project Team <xorg-team>
CC: peter.hutterer
i915 platform:
i915 features:

Description Frederic Germain 2016-06-05 08:25:10 UTC

I'm on Fedora 23, where they have xorg-server-1.18.3 and very few patches.
When I use vmware, for some as yet unknown reason, the user Xorg process crashes when I attempt a login after locking the screen.
Some other people found the stack trace of the crash in other scenarios. A bug for Fedora is open here: https://bugzilla.redhat.com/show_bug.cgi?id=1335439

As I always get the problem, I made a quick fix in XkbFlushLedEvents in xkb/xkbLEDs.c, and I don't have that crash anymore.

But if someone could easily understand the problem better, it would be great. I'd be happy to help.

I am copying the part from bugzilla.redhat where I sent more info:

I have it each time I run a vm inside vmware player.
I use the latest vmwareplayer from today, but "patched" with unlocker208. Well, it's a tainted environment.
Xorg crashes when inputting the correct password when back from the lock screen (actually maybe before, when opening the laptop, I'm not sure).

Trace from ~/.local/share/xorg/Xorg.1.log.old:

[  2850.183] (EE) Backtrace:
[  2850.184] (EE) 0: /usr/libexec/Xorg (OsLookupColor+0x139) [0x597889]
[  2850.186] (EE) 1: /lib64/libc.so.6 (__restore_rt+0x0) [0x7fed00f75aaf]
[  2850.186] (EE) 2: /usr/libexec/Xorg (XkbFlushLedEvents+0xb7) [0x547837]
[  2850.187] (EE) 3: /usr/libexec/Xorg (XkbFlushLedEvents+0x30e) [0x547bbe]
[  2850.187] (EE) 4: /usr/libexec/Xorg (XkbUpdateAllDeviceIndicators+0x70) [0x547cf0]
[  2850.188] (EE) 5: /usr/libexec/Xorg (XkbCompileKeymapFromString+0xa31d) [0x5479dd]
[  2850.189] (EE) 6: /usr/libexec/Xorg (SendErrorToClient+0x2df) [0x436a3f]
[  2850.189] (EE) 7: /usr/libexec/Xorg (remove_fs_handlers+0x453) [0x43aa53]
[  2850.191] (EE) 8: /lib64/libc.so.6 (__libc_start_main+0xf0) [0x7fed00f61580]
[  2850.192] (EE) 9: /usr/libexec/Xorg (_start+0x29) [0x424d99]
[  2850.193] (EE) 10: ? (?+0x29) [0x29]

It was attached to gdb when it crashed:

Program received signal SIGSEGV, Segmentation fault.
XkbFlushLedEvents (dev=dev@entry=0x14f8d20, kbd=kbd@entry=0x14f8d20,
    sli=sli@entry=0x183e9d0, ed=0x7fff6b7d14b0, changes=<optimized out>,
    cause=cause@entry=0x0) at xkbLEDs.c:772
772                 XkbSendExtensionDeviceNotify(dev, cause->client, ed);
Missing separate debuginfos, use: dnf debuginfo-install libevdev-1.4.5-2.fc23.x86_64 mtdev-1.1.5-5.fc23.x86_64 xorg-x11-drv-evdev-2.9.99-2.20150807git66c997886.fc23.x86_64 xorg-x11-drv-intel-2.99.917-19.20151206.fc23.x86_64 xorg-x11-drv-synaptics-1.8.3-1.fc23.x86_64
(gdb) bt
#0  XkbFlushLedEvents (dev=dev@entry=0x14f8d20, kbd=kbd@entry=0x14f8d20,
    sli=sli@entry=0x183e9d0, ed=0x7fff6b7d14b0, changes=<optimized out>,
    cause=cause@entry=0x0) at xkbLEDs.c:772
#1  0x0000000000547a8e in XkbUpdateLedAutoState (dev=dev@entry=0x14f8d20,
    sli=0x183e9d0, maps_to_check=<optimized out>, ed=<optimized out>,
    ed@entry=0x0, changes=<optimized out>, changes@entry=0x0,
    cause=cause@entry=0x0) at xkbLEDs.c:303
#2  0x0000000000547cf0 in XkbUpdateLedAutoState (cause=0x0, changes=0x0,
    ed=0x0, maps_to_check=<optimized out>, sli=<optimized out>,
    dev=0x14f8d20) at xkbLEDs.c:246
#3  XkbUpdateAllDeviceIndicators (changes=changes@entry=0x0,
    cause=cause@entry=0x0) at xkbLEDs.c:321
#4  0x000000000053e1bd in ProcXkbGetKbdByName (client=0x175c870)
    at xkb.c:6019
#5  0x00000000004369bf in Dispatch () at dispatch.c:430
#6  0x000000000043a9c3 in dix_main (argc=14, argv=0x7fff6b7d2938,
    envp=<optimized out>) at main.c:300
#7  0x00007fed00f61580 in __libc_start_main (main=0x424d60 <main>, argc=14,
    argv=0x7fff6b7d2938, init=<optimized out>, fini=<optimized out>,
    rtld_fini=<optimized out>, stack_end=0x7fff6b7d2928) at libc-start.c:289
#8  0x0000000000424d99 in _start () at xkb.c:3504

Comment 1 Pierre Ossman 2016-06-27 12:17:34 UTC

Commit ac164e58870d70640381e68b776eb95578c7fbd3 looks suspicious as it calls XkbUpdateAllDeviceIndicators() without a cause specified. That commit is also backported into the RPM package in Fedora.

Comment 2 Peter Hutterer 2016-06-28 01:49:31 UTC

Comment 3 Peter Hutterer 2016-10-26 05:34:04 UTC

commit d135100d6b17e54262a12aeaebe0fe2fe48da3bb
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue Jun 28 11:42:41 2016 +1000

    xkb: add a cause to the xkb indicator update after a keymap change
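
The NULL `cause` path visible in the gdb backtrace above, reduced to a stand-alone C model. This is an added example, not code from xorg-server or from anyone in this thread, and every type and function name in it is a hypothetical stand-in. It contrasts a callee that tolerates a missing cause with a caller that supplies one, which is what the commit title in Comment 3 describes.

```c
/* Simplified model of the backtrace's call chain; all names are hypothetical. */
#include <stddef.h>
#include <stdio.h>

struct client { int index; };
struct event_cause { struct client *client; };  /* models the `cause` argument */
typedef void (*flush_fn)(const struct event_cause *);
static int notified_client = -1;  /* client the last notify was attributed to */

static void send_device_notify(struct client *c) { notified_client = c ? c->index : -1; }

/* Crashing shape (line 772 in the trace): reads cause->client unconditionally,
 * so a NULL cause is a NULL pointer dereference and the server gets SIGSEGV. */
void flush_led_events_unchecked(const struct event_cause *cause) {
    send_device_notify(cause->client);
}

/* Callee-side repair: tolerate a missing cause. */
void flush_led_events_guarded(const struct event_cause *cause) {
    send_device_notify(cause ? cause->client : NULL);
}

/* Models the intermediate frames: the cause is forwarded unchanged. */
static void update_all_indicators(const struct event_cause *cause, flush_fn flush) {
    flush(cause);
}

/* Handler as in the backtrace: no cause is passed (cause=0x0 in frames #0-#3). */
int handle_request_without_cause(struct client *c, flush_fn flush) {
    (void)c;
    notified_client = -1;
    update_all_indicators(NULL, flush);
    return notified_client;
}

/* Caller-side repair: build a cause that names the requesting client. */
int handle_request_with_cause(struct client *c, flush_fn flush) {
    struct event_cause cause = { .client = c };
    notified_client = -1;
    update_all_indicators(&cause, flush);
    return notified_client;
}

int main(void) {
    struct client c = { .index = 7 };  /* constructed sample client */
    printf("caller supplies cause: %d\n", handle_request_with_cause(&c, flush_led_events_unchecked));
    printf("callee guards NULL:    %d\n", handle_request_without_cause(&c, flush_led_events_guarded));
    return 0;
}
```

With the caller-side repair the notification is still attributed to the requesting client, while the callee-side guard only avoids the crash and leaves the notification unattributed.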
