http://bugzilla.suse.com/show_bug.cgi?id=1016917
http://bugzilla.suse.com/show_bug.cgi?id=1016917#c12
--- Comment #12 from Michal Srb ---
The backtrace with debug info is:
#0 0x0000000000000021 in ()
#1 0x000000000059d49c in InputReady (fd=28, xevents=1, data=0x2244ce0) at inputthread.c:173
#2 0x000000000059fba1 in ospoll_wait (ospoll=0x226ea80, timeout=timeout@entry=-1) at ospoll.c:412
#3 0x000000000059d2f6 in InputThreadDoWork (arg=<optimized out>) at inputthread.c:360
#4 0x00007f3012c02454 in create_thread () at /lib64/libpthread.so.0
#5 0x00007f3014fe0000 in _rtld_local () at /lib64/ld-linux-x86-64.so.2
#6 0xffffffffffffffff in ()
#7 0xffffffffffffffff in ()
#8 0x0000000000000000 in ()
The `InputReady` function casts the `data` to `InputThreadDevice *dev` and calls
`dev->readInputProc`, which in this case is `xf86ReadInput`. It gives it
`dev->readInputArgs` as its third `void *closure` parameter.
`xf86ReadInput` casts that `void *closure` parameter to `InputInfoPtr pInfo`
and attempts to call `pInfo->read_input`; however, `read_input` has the value 0x21,
and that is where the segfault happens. The whole `pInfo` structure looks
messed up.
So it is some issue in the new threaded input handling in 1.19. It looks like
something freed and reused the InputInfo memory before this handler got to run.
If anyone is interested, I have got a core dump of the crashed X server from the
installation (84 MB).
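Added example, not part of the original comment and not X server code: a simplified C model of the callback-plus-closure dispatch described above, showing the ordering (unregister under the lock, then free) that keeps a polling thread from calling through a freed closure. All names in it (`slot_register`, `slot_dispatch`, `slot_remove_and_free`, `count_read`) are hypothetical.

```c
/* Simplified model of a poll-thread callback registry; all names hypothetical. */
#include <pthread.h>
#include <stdlib.h>

typedef void (*read_proc)(int fd, void *closure);
struct slot { int live, fd; read_proc proc; void *closure; };
static struct slot slots[8];
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
int reads_seen;                        /* bumped by the sample callback */
void count_read(int fd, void *closure) { (void)fd; ++*(int *)closure; ++reads_seen; }

/* Caller holds the lock. (1, fd) finds the live entry for fd; (0, 0) a free slot. */
static struct slot *find_slot(int live, int fd)
{
    for (struct slot *s = slots; s < slots + 8; s++)
        if (s->live == live && (!live || s->fd == fd)) return s;
    return NULL;
}

int slot_register(int fd, read_proc proc, void *closure)
{
    pthread_mutex_lock(&lock);
    struct slot *s = find_slot(0, 0);
    if (s) *s = (struct slot){ 1, fd, proc, closure };
    pthread_mutex_unlock(&lock);
    return s ? 0 : -1;
}

/* Unregister first, free second: after the unlock the poll thread cannot reach it. */
void slot_remove_and_free(int fd)
{
    void *closure = NULL;
    pthread_mutex_lock(&lock);
    struct slot *s = find_slot(1, fd);
    if (s) { closure = s->closure; *s = (struct slot){ 0 }; }
    pthread_mutex_unlock(&lock);
    free(closure);
}

/* Poll-thread side: the callback runs under the lock, so a concurrent remove waits. */
int slot_dispatch(int fd)
{
    pthread_mutex_lock(&lock);
    struct slot *s = find_slot(1, fd);
    if (s) s->proc(fd, s->closure);
    pthread_mutex_unlock(&lock);
    return s != NULL;                  /* 1 if a callback ran */
}
```

Because the mutex is not recursive, a callback in this model must not call `slot_remove_and_free` itself.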