Bug 286923

Summary:	x11-apps/xdm-1.1.9: Segmentation fault
Product:	Gentoo Linux	Reporter:	Martin Mokrejš <mmokrejs>
Component:	Current packages	Assignee:	Gentoo X packagers <x11>
Status:	RESOLVED UPSTREAM
Severity:	normal	CC:	leho, mwood, tg42
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://bugs.freedesktop.org/show_bug.cgi?id=24588
Whiteboard:
Package list:		Runtime testing required:	---
Attachments:	xdm-crash-glibc.txt Xorg.0.log xorg.conf xdm.log-crash-on-valid-kerberos-password crash-on-valid-kerberos-password.txt pam-config-files.txt xdm-crash-on-kerberos-password.txt xdm-crash-on-fvwm2-exit.txt

Description Martin Mokrejš 2009-09-29 13:16:22 UTC

Hi,
  I see for some while xdm dump files in /var/dumps/. The stacktraces point to glibc bug:

# emerge -pv xdm

[ebuild   R   ] x11-apps/xdm-1.1.9  USE="pam -debug -ipv6" 0 kB

Total: 1 package (1 reinstall), Size of downloads: 0 kB



  I suspect this could related to my system being "blocked" on shutdown with cupsd not willing to exit correctly. xdm session is up all the time and then after some minutes of timeouts all apps get killed. Does anybody see a reason why xdm would crash due to signal 11 or so?

  Alternatively, I see xdm dying when I startup /etc/init.d/gpm and try to login through xdm. Yes, X has enabled mouse through HAL autodiscovery. The stacktrace is maybe more confirming this theory.

I will attach the stacktrace.

Comment 1 Martin Mokrejš 2009-09-29 13:17:29 UTC

Created attachment 205582 [details]
xdm-crash-glibc.txt

# emerge --info
Portage 2.1.6.13 (default/linux/x86/2008.0/desktop, gcc-4.4.1, glibc-2.10.1-r0, 2.6.30.6 i686)
=================================================================
System uname: Linux-2.6.30.6-i686-Mobile_Intel-R-_Pentium-R-_4_-_M_CPU_1.80GHz-with-gentoo-2.0.1
Timestamp of tree: Tue, 29 Sep 2009 12:20:01 +0000
distcc 3.1 i686-pc-linux-gnu [disabled]
app-shells/bash:     4.0_p33
dev-java/java-config: 1.3.7-r1, 2.1.9-r1
dev-lang/python:     2.5.4-r3, 2.6.2-r1, 3.1.1
dev-python/pycrypto: 2.0.1-r8
dev-util/cmake:      2.6.4-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.4.3-r3
sys-apps/sandbox:    2.1
sys-devel/autoconf:  2.13, 2.63-r1
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2, 1.11
sys-devel/binutils:  2.19.1-r1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.30-r1
ACCEPT_KEYWORDS="x86 ~x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium4 -mmmx -msse -msse2 -pipe -fno-strict-aliasing -ggdb"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /var/bind /var/lib/hsqldb /var/qmail/alias /var/qmail/control /var/vpopmail/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=pentium4 -mmmx -msse -msse2 -pipe -fno-strict-aliasing -ggdb"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks fixpackages metadata-transfer nostrip parallel-fetch protect-owned sandbox sfperms splitdebug s
trict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://gentoo.mirror.web4u.cz"
LDFLAGS="-Wl,-O1"
LINGUAS="en cs cz"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --sta
ts --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage/layman/science /usr/local/portage/layman/sunrise /usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="7zip R X Xaw3d a52 aac aalib ace acl acpi alsa amr amrnb amrwb apache audacious audiofile bash-completion bcma
th berkdb blas bluetooth boost branding bzip2 cairo cblas cddb cdparanoia cdr clamav cli colordiff compress cpio cr
acklib crypt cscope css ctype cups curl curlwrappers cxx dbi dbus dga dia directfb djbfft dri dts dv dvb dvd dvdr d
vdread eds emacs emboss emf enblend encode enscript exif expat faad fam fame fat fbcon ffmpeg fftw firefox flac fla
sh foomaticdb fortran fpx ftp gcj gd gdbm ggi gif gimp gimpprint glibc-compat20 glibc-omitfp glut gmp gnuplot gnutl
s gpgme gphoto2 gpm graphviz gs gsl gsm gstreamer gtk gtkhtml hal hdf hdf5 hp2xx i8x0 icc iconv icu id3 ieee1394 if
c imagemagick imlib inifile innodb isdnlog ithreads jack java javascript jbig jce jikes jpeg jpeg2k kdtree kerberos
 lame lapack laptop lcms leim libcaca libedit libnotify libwww live lzo lzw mad maildir matroska mhash mikmod mime 
ming mjpeg mmap mmx mng mod_python modperl modplug modules motif mozilla moznoirc mp2 mp3 mp4 mpeg mpi mpi_njtree m
pich2 mplayer mudflap mule musepack mxdatetime mysql mysqli ncurses netcdf netpbm network nls nntp nptl nptlonly ns
plugin ntfs numeric ogg opengl openmp openssl pam pango pcmcia pcntl pcre pdf perl plotutils plugin png pnm postpro
c postscript ppds pppd procmail pymol python qt3 qt3support qt4 quicktime rar raw readline recode reflection reiser
fs rpm samba sasl scanner scp seamonkey server session sftp sift slp smime sndfile soap sockets spell spl sqlite sr
t sse sse2 ssl startup-notification subtitles subversion svg svgz sysfs sysvipc t1lib tcl tcpd tetex theora threads
 thunar tidy tiff tk transcode truetype unicode urandom usb userlocales utils uuencode v4l v4l2 vcd vhook vim-synta
x vim-with-x vorbis wifi win32codecs wmf wxwindows x264 x86 xanim xcf xfs xft xinerama xinetd xml xorg xpm xsl xslt
 xulrunner xv xvid xvmc yv12 zip zlib" ALSA_CARDS="intel-8x0m" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare d
snoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route 
share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_defau
lt authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dbd deflate
 dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config mem_cache m
ime mime_magic rewrite setenvif speling status unique_id userdir usertrack vhost_alias negotiation" ELIBC="glibc" I
NPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 m
txorb ncurses text" LINGUAS="en cs cz" USERLAND="GNU" VIDEO_CARDS="radeon vesa"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, MAKEOPTS, PORTAGE_COMPRESS, POR
TAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

#

Comment 2 Justin Lecher (RETIRED) gentoo-dev

2009-10-07 18:28:32 UTC

Please attach xorg.conf and Xorg.0.log

Comment 3 Martin Mokrejš 2009-10-09 21:02:56 UTC

Created attachment 206581 [details]
Xorg.0.log

I tried to reproduce and am getting on shutdown partial stacktraces at the very moment. I am attaching maybe slightly different Xorg.log.0 file therefore. The difference would be only in the exitcodes on shutdown, though.

Specifically, I reproduced a core dump when I try to login using kerbeors password. The pam modules as you will see in xdm.log return unhandled return code. That results in coredump of smaller size. I will post that now.

Larger coredumps from xdm (which I initially reported) I get when I have in xterm rootshell, and shutdown using "sync; init 6; exit" (so it kills my xdm session, xterm, etc.). That reproducibly works as I see daily dumps when I turned down my laptop xdm crashed and have the complete dump file. Unfortunately xdm.log gets overwritten, unlike being renamed to xdm.log.old. :( Do not now why right now I cannot get a complete dump file. I upgraded few packages today, maybe that is why. :(

Comment 4 Martin Mokrejš 2009-10-09 21:04:12 UTC

Created attachment 206582 [details]
xorg.conf

Comment 5 Martin Mokrejš 2009-10-09 21:05:59 UTC

Created attachment 206583 [details]
xdm.log-crash-on-valid-kerberos-password

No kerberos KDC server issue (heimdal), I can get a valid ticket using kinit, for example.

Comment 6 Martin Mokrejš 2009-10-09 21:08:40 UTC

Created attachment 206585 [details]
crash-on-valid-kerberos-password.txt

Comment 7 Martin Mokrejš 2009-10-09 21:12:57 UTC

Created attachment 206586 [details]
pam-config-files.txt

Comment 8 Martin Mokrejš 2009-10-09 21:21:55 UTC

Finally, here is what syslog recorded:

Oct  9 22:49:08 vrapenec kernel: agpgart-intel 0000:00:00.0: AGP 2.0 bridge
Oct  9 22:49:08 vrapenec kernel: agpgart-intel 0000:00:00.0: putting AGP V2 device into 4x mode
Oct  9 22:49:08 vrapenec kernel: radeonfb 0000:01:00.0: putting AGP V2 device into 4x mode
Oct  9 22:49:09 vrapenec kernel: [drm] Setting GART location based on new memory map
Oct  9 22:49:09 vrapenec kernel: [drm] Loading R100 Microcode
Oct  9 22:49:09 vrapenec kernel: [drm] writeback test succeeded in 2 usecs
Oct  9 22:49:27 vrapenec acpid: client 2728[0:0] has disconnected
Oct  9 22:49:27 vrapenec acpid: client connected from 2728[0:0]
Oct  9 22:49:27 vrapenec acpid: 1 client rule loaded
Oct  9 22:49:28 vrapenec kernel: agpgart-intel 0000:00:00.0: AGP 2.0 bridge
Oct  9 22:49:28 vrapenec kernel: agpgart-intel 0000:00:00.0: putting AGP V2 device into 4x mode
Oct  9 22:49:28 vrapenec kernel: radeonfb 0000:01:00.0: putting AGP V2 device into 4x mode
Oct  9 22:49:28 vrapenec kernel: [drm] Loading R100 Microcode
Oct  9 22:49:36 vrapenec xdm[2733]: pam_unix(xdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost=  user=mmokrejs
Oct  9 22:49:38 vrapenec kernel: xdm[2733]: segfault at 1 ip b7ba9dd9 sp bfba047c error 4 in libc-2.10.1.so[b7b64000+16d000]
Oct  9 22:49:38 vrapenec kernel: mtrr: no MTRR for d8000000,2000000 found

Comment 9 Martin Mokrejš 2009-10-09 21:59:37 UTC

Ok, I finally reproduced the "largedump" files while entering the kerberos password. That gdb stacktrace is effectively same as well as the xdm.log contents. So, does not matter whether you take the kerberos way of play with kill signals directly.

Comment 10 Philip Hazel 2009-10-12 12:58:29 UTC

I am getting the same segfault, but I am not using kerberos. By compiling a private xdm and adding debugging, I tracked it down to somewhere within the call to pam_close_session(). This started after I upgraded to xorg 1.6. The fault is logged as 

xdm[23870]: segfault at b7f5caf5 ip b7bc05bb sp bfe5c8a8 error 4 in libc-2.9.so[b7b4f000+137000]

Comment 11 Christian Lerrahn 2009-10-14 20:42:01 UTC

I can also confirm this. I see the same segfault without kerberos as well. I also believe that it was introduced with the last Xorg update. I can still run X without xdm though.

Comment 12 Christian Lerrahn 2009-10-14 20:45:29 UTC

# emerge --info
Portage 2.1.7.1 (default/linux/x86/2008.0, gcc-4.2.4, glibc-2.10.1-r0, 2.6.27.3 i686)
=================================================================
System uname: Linux-2.6.27.3-i686-Genuine_Intel-R-_CPU_T2400_@_1.83GHz-with-gentoo-2.0.1
Timestamp of tree: Wed, 14 Oct 2009 19:25:02 +0000
app-shells/bash:     4.0_p33
dev-java/java-config: 2.1.9-r1
dev-lang/python:     2.4.6, 2.5.4-r3, 2.6.3, 3.1.1-r1
dev-python/pycrypto: 2.0.1-r8
dev-util/cmake:      2.6.4-r3
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.5.1
sys-apps/sandbox:    2.1
sys-devel/autoconf:  2.13, 2.63-r1
sys-devel/automake:  1.4_p6, 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2, 1.11
sys-devel/binutils:  2.19.1-r1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.30-r1
ACCEPT_KEYWORDS="x86 ~x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="ftp://mirror.internode.net/pub/gentoo ftp://ftp.swin.edu.au/gentoo http://ftp.swin.edu.au/gentoo http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo"
LDFLAGS="-Wl,-O1"
LINGUAS="en de"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://mirror.internode.net/gentoo-portage"
USE="X Xaw3d a52 aac aalib acl acpi alsa apache2 bash-completion berkdb bluetooth bzip2 clamav cli consolekit cracklib crypt cups curl dbus dga dillo divx dri dts dv dvd dvdread emacs encode esd examples expat fbcon ffmpeg fftw firefox fontconfig fortran gcj gd gdbm gif glade gnome gnutls gpm gsl gtk gtkhtml iconv icu imap imlib ipv6 isdnlog jpeg jpeg2k lapack ldap lzo mjpeg mmx mng modules mp3 mp4 mpeg mpi msn mudflap mule mysql ncurses netcdf nls nptl nptlonly nsplugin objc objc++ objc-gc ocaml ogg opengl openmp oss pam pcre pdf perl png pppd python qt3support quicktime readline reflection ruby sdl session smp spamassassin spell spl sqlite sse sse2 ssl svg svga sysfs tcl tcltk tcpd threads tiff tk truetype unicode v4l2 vorbis win32codecs wmf wmp x86 xface xinerama xml xmms xorg xpm xprint xulrunner xv xvid zip zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en de" USERLAND="GNU" VIDEO_CARDS="nv nvidia vesa" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 13 Rémi Cardona (RETIRED) gentoo-dev

2009-10-14 20:56:03 UTC

Someone please file a bug upstream [1] and paste the url here so we can track it.

Thanks

[1] http://bugs.freedesktop.org/ => select the "xorg" product

Comment 14 Rémi Cardona (RETIRED) gentoo-dev

2009-10-14 21:44:41 UTC

*** Bug 287817 has been marked as a duplicate of this bug. ***

Comment 15 Martin Mokrejš 2009-10-16 21:45:04 UTC

Created attachment 207363 [details]
xdm-crash-on-kerberos-password.txt

Comment 16 Martin Mokrejš 2009-10-16 21:45:23 UTC

Created attachment 207364 [details]
xdm-crash-on-fvwm2-exit.txt

Comment 17 Martin Mokrejš 2009-10-16 21:53:26 UTC

The crash when I exit my window manager is related to PAM. The file xdm-crash-on-fvwm2-exit.txt contains full debug as I have finally figured out why I did not have debug info for glibc (bug #289364).

The crash on kerberos password is different (see xdm-crash-on-kerberos-password.txt) for full debug (I zapped the contents of pa_string variable). Hope that was the right field. ;-) I suspect an issue between glibc-2.10.1 and 2.6.30.6 kernel.

Please note my kernel headers at least at the moment are 2.6.30-r1 while /usr/src/linux symlinks to linux-2.6.30.6 tree. I think I saw somewhere in Gentoo bugzilla today that glibc should compile fine unless kernel headers are newer then the actually running kernel. I don't think it is my case but let me emphasize this.

I am not reopening upstream, at least yet.

Comment 18 Martin Mokrejš 2009-10-16 21:59:37 UTC

(In reply to comment #16)
> Created an attachment (id=207364) [details]
> xdm-crash-on-fvwm2-exit.txt
> 

Anyway, what is this evil command? I forgot to ask while opening this bug report:

/bin/rm -f /var/lib/xdm/authdir/authfiles/A*[cut]

Doesn't xdm know the name of the tempfile it created?

Comment 19 Rémi Cardona (RETIRED) gentoo-dev

2009-10-17 05:42:15 UTC

(In reply to comment #13)
> Someone please file a bug upstream [1] and paste the url here so we can track
> it.
> 
> Thanks
> 
> [1] http://bugs.freedesktop.org/ => select the "xorg" product

Comment 20 Martin Mokrejš 2009-10-17 11:07:36 UTC

The "kerberos" issue in https://bugs.freedesktop.org/show_bug.cgi?id=24588 .

The SessionExit -> PAM -> strlen() issue is in https://bugs.freedesktop.org/show_bug.cgi?id=24589 .

Comment 21 Rémi Cardona (RETIRED) gentoo-dev

2009-10-17 13:34:13 UTC

reopening

Comment 22 Rémi Cardona (RETIRED) gentoo-dev

2009-10-17 13:34:51 UTC

And closing with the proper resolution.

Thanks

Comment 23 Martin Mokrejš 2010-01-12 22:15:54 UTC

Upstream has committed a fix: http://bugs.freedesktop.org/show_bug.cgi?id=24589
 . Remi, please bring for us into Gentoo.

Comment 24 Rémi Cardona (RETIRED) gentoo-dev

2010-01-19 00:46:31 UTC

Does it work for you?

Thanks

Comment 25 Martin Mokrejš 2010-01-19 13:17:55 UTC

The patch fixes the problem with xdm crashing on logout. Not the issue with kerberos password.

Comment 26 Rémi Cardona (RETIRED) gentoo-dev

2010-01-19 20:48:48 UTC

xdm being really low-priority for us (and me being very busy IRL) I can just suggest using xdm-9999 from the x11 overlay and opening new bugs upstream (with remi at gentoo dot org CCed) so that bugs are taken care of.

We'll close this bug once a new release of xdm is done upstream.

Thanks

Comment 27 Martin Mokrejš 2010-03-16 19:59:12 UTC

(In reply to comment #26)
> xdm being really low-priority for us (and me being very busy IRL) I can just
> suggest using xdm-9999 from the x11 overlay and opening new bugs upstream (with
> remi at gentoo dot org CCed) so that bugs are taken care of.
> 
> We'll close this bug once a new release of xdm is done upstream.
> 
> Thanks
> 

There is no xdm in x11 overlay at all. :( But as you probably also received a Cc: from  the upstream bug, it is likely the bug was fixed by upstream just now.

Comment 28 Rémi Cardona (RETIRED) gentoo-dev

2010-03-16 22:19:10 UTC

(In reply to comment #27)
> There is no xdm in x11 overlay at all. :( 

Feel free to send us one, we'll gladly review it and put it in the overlay. Just use the latest ebuild as a base, that should work. (as long as you number it -9999)

> But as you probably also received a
> Cc: from  the upstream bug, it is likely the bug was fixed by upstream just
> now. 

Yeah, I saw. Testing the latest git is a good idea.

Thanks