When I run an X session, and I close the lid of my laptop, my session terminates. Here's a stack trace from a crashed session: Backtrace: 0: /usr/bin/X(xf86SigHandler+0x96) [0x80b9248] 1: [0xffffe420] 2: /lib/libc.so.6(strtoul+0x3e) [0xb7d4966e] 3: /usr/bin/X [0x80c8f66] 4: /usr/bin/X(xf86HandlePMEvents+0x2f) [0x80a644b] 5: /usr/bin/X(xf86Wakeup+0x131) [0x80ba1cc] 6: /usr/bin/X(WakeupHandler+0x41) [0x8083f48] 7: /usr/bin/X(WaitForSomething+0x21c) [0x815054c] 8: /usr/bin/X(Dispatch+0x7f) [0x8080f64] 9: /usr/bin/X(main+0x4cb) [0x806e668] 10: /lib/libc.so.6(__libc_start_main+0xd8) [0xb7d32878] 11: /usr/bin/X(FontFileCompleteXLFD+0xa1) [0x806dad1] I believe the same problem has been reported upon in, https://bugs.freedesktop.org/show_bug.cgi?id=5140, as the backtrace is similar. However bug 5140 suggests that it is sloved in 7.1. I've recompiled my X server in debug and produced a core. With the core, it was clear that on lines 76 and 82 the file hw/xfree86/os-support/linux/lnx_acpi.c, the result of strtok is not checked to be non-null. Hence a null-pointer is passed to strtoul, which crashes strtoul and the X server. Indeed, checking the result of strtok before passing it to strtoul solves the problem.
Created attachment 7531 [details] [review] Check zero-pointer result of strtok in lnx_acpi.c When I include this patch, my X server survives closing and opening the lid of my beautifull 6 years old Dell inspiron 4000...
It is bug 6364 that has the similar stack trace, not 5140. Sorry about the mixup.
*** Bug 8717 has been marked as a duplicate of this bug. ***
Created attachment 7553 [details] [review] new patch that fixes real problem Take another look at lnx_acpi.c, starting from line 61. In the event of the crash, the string that should be parsed is "video VID 00000080 00000000". The old code tries to chop off "video" with a call to strtok(ev, "video") on line 68, and then goes on to parse the rest of the string. This is not what happens: the call to strtok sees "v","i","d","e", and "o" as delimiters, and puts the first non-empty string (i.e., " VID 0000080 00000000") into the variable video. The remainder of the string is then empty; the subsequent calls to strtok(NULL, " ") return NULL. When such a NULL is passed to strtoul, we have our well-known crash. This new patch changes the initial call to strtok to indeed just chop off the "video" bit by using a space as delimiter. This leaves the rest for parsing into GFX, notify and data. This seems to be what was intended, enabling the debug code in there also puts the right lines into my Xorg.0.log. I've removed the zero-pointer checks from my earlier patch; even though this is making assumptions about the format that is being read; i.e., all video events should read "video <string1> <string2> <string3>". I don't have the specs but it seems that this assumption is valid.
I've just tested this on my Mandriva Cooker x11-server pacakage and it has appeared to fix the problem I was having on my Dell Inspiron 6400 (2.0 GHz Core 2 Duo x86_64 with pci=noirq arg which hides one of the cores but makes the machine usable!). My xorg used to crash whenever I closed the lit. With the attached patch applied I no longer get a crash.
Adding me to CC.
committed to master, and server 1.2 branch, thanks
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.