NetBSD Problem Report #53812
From www@NetBSD.org Wed Dec 26 04:02:21 2018
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 3E3107A1BC
for <gnats-bugs@gnats.NetBSD.org>; Wed, 26 Dec 2018 04:02:21 +0000 (UTC)
Message-Id: <20181226040219.921F67A1F0@mollari.NetBSD.org>
Date: Wed, 26 Dec 2018 04:02:19 +0000 (UTC)
From: mustang@engholm.org
Reply-To: mustang@engholm.org
To: gnats-bugs@NetBSD.org
Subject: vncserver consistently crashes
X-Send-Pr-Version: www-1.0
>Number: 53812
>Category: pkg
>Synopsis: vncserver consistently crashes
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Dec 26 04:05:00 +0000 2018
>Last-Modified: Thu Dec 27 03:15:01 +0000 2018
>Originator: Da Engholm
>Release: 2018-Q3
>Organization:
>Environment:
NetBSD localhost 8.0 NetBSD 8.0 (GENERIC) #0: Tue Jul 17 14:59:51 UTC 2018 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/xen/compile/GENERIC amd64
>Description:
Xvnc crashes consistently producing a core file. This occurs with net/vnc built from sources and installed as a binary package using pkgin. I have seen this for several years now, though I can't recall now when it started. I have a NetBSD-7.0.2 host with vnc-3.3.3.2nb4 which functions. I can copy the Xvnc binary on that system to a newer system, overlaying the non-working Xvnc binary, and then the VNC server works fine.
I've tried this with several VNC viewers: gvncviewer and RealVNC on Ubuntu 16.04.5 LTS, RealVNC on Android, vncviewer on NetBSD 8.0 with identical results.
As consistently as this has failed for me for years, I am surprised that searches on Google have not turned up any other complaints, nor have I seen anything come up in pkgsrc-users.
>How-To-Repeat:
I did this with a VMware guest. Having gone through it several times with
the same result, I don't believe that the particulars (CPU count, memory
size, file system capacity) make any difference. I have also demonstrated this on NetBSD 8.0 and older running in a XEN user domain (running on a NetBSD 6.1.4 host).
* install NetBSD-8.0 (several previous versions also demonstrate the
problem)
+ select installation of binary packages (pkgin)
* log in and install vnc package (pkgin install vnc)
* start a VNC server (vncserver :1)
* check to make sure Xvnc is running (pgrep -fl vnc;netstat -anfinet)
* connect a vncviewer to the vncserver
* note that Xvnc is no longer running (pgrep -fl vnc;netstat -anfinet)
* note that Xvnc.core has been created
>Fix:
I know of no way to work around this problem besides using a copy of Xvnc built in 2009.
>Audit-Trail:
From: Leonardo Taccari <leot@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/53812: vncserver consistently crashes
Date: Wed, 26 Dec 2018 10:27:25 +0100
Hello Da,
mustang@engholm.org writes:
> [...]
> * install NetBSD-8.0 (several previous versions also demonstrate the
> problem)
> + select installation of binary packages (pkgin)
> * log in and install vnc package (pkgin install vnc)
> * start a VNC server (vncserver :1)
> * check to make sure Xvnc is running (pgrep -fl vnc;netstat -anfinet)
> * connect a vncviewer to the vncserver
> * note that Xvnc is no longer running (pgrep -fl vnc;netstat -anfinet)
> * note that Xvnc.core has been created
> [...]
At least in the case built from pkgsrc...
Can you please try to rebuild it from pkgsrc as follows?:
% env CFLAGS=-g INSTALL_UNSTRIPPED=yes make replace
Then when it crashes can you please share the output of?:
% gdb -core Xvnc.core `which Xvnc`
Another possibly interesting piece of information to look at is the
messages in `/var/log/messages' (some pkgsrc security mechanisms produce
information there in case of programs that violate them).
Thank you!
From: Dan Engholm <mustang@engholm.org>
To: gnats-bugs@NetBSD.org, pkg-manager@netbsd.org, gnats-admin@netbsd.org,
pkgsrc-bugs@netbsd.org
Cc:
Subject: Re: pkg/53812: vncserver consistently crashes
Date: Wed, 26 Dec 2018 17:56:09 -0800
Leonardo,
The gdb output looks like this:
$ gdb -core Xvnc.core `which Xvnc`
GNU gdb (GDB) 7.12
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64--netbsd".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/pkg/bin/Xvnc...(no debugging symbols found)...done.
[New process 1]
Core was generated by `Xvnc'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x0000000000410834 in FakeAllocColor ()
(gdb) bt
#0 0x0000000000410834 in FakeAllocColor ()
#1 0x0000000000473d77 in rfbSpriteRestoreCursor ()
#2 0x0000000000474d9a in rfbSendFramebufferUpdate ()
#3 0x00000000004751ac in rfbProcessClientMessage ()
#4 0x000000000046a110 in rfbCheckFds ()
#5 0x0000000000469475 in ProcessInputEvents ()
#6 0x000000000041a7a1 in Dispatch ()
#7 0x000000000050b71f in main ()
(gdb) x/16i $rip-32
0x410814 <FakeAllocColor+44>: or $0x66,%al
0x410816 <FakeAllocColor+46>: mov %eax,0x3c(%rsp)
0x41081a <FakeAllocColor+50>: lea 0x38(%rsp),%rax
0x41081f <FakeAllocColor+55>: lea 0x3c(%rsp),%rdx
0x410824 <FakeAllocColor+60>: lea 0x2(%rax),%rsi
0x410828 <FakeAllocColor+64>: mov 0x18(%rdi),%rax
0x41082c <FakeAllocColor+68>: mov %rbp,%rcx
0x41082f <FakeAllocColor+71>: lea 0x38(%rsp),%rdi
=> 0x410834 <FakeAllocColor+76>: callq *0x250(%rax)
0x41083a <FakeAllocColor+82>: movswl 0xc(%rbp),%r13d
0x41083f <FakeAllocColor+87>: cmpw $0x5,0x8(%rbx)
0x410844 <FakeAllocColor+92>: ja 0x4109dd <FakeAllocColor+501>
0x41084a <FakeAllocColor+98>: movzwl 0x8(%rbx),%eax
0x41084e <FakeAllocColor+102>: jmpq *0x50c3f0(,%rax,8)
0x410855 <FakeAllocColor+109>: mov (%r12),%rax
0x410859 <FakeAllocColor+113>: mov 0x10(%rbp),%rdx
(gdb) info regs
Undefined info command: "regs". Try "help info".
(gdb) info reg
rax 0x0 0
rbx 0x7172cc5f2000 124737868996608
rcx 0x0 0
rdx 0x7f7fff84f1fc 140187724476924
rsi 0x7f7fff84f1fa 140187724476922
rdi 0x7f7fff84f1f8 140187724476920
rbp 0x0 0x0
rsp 0x7f7fff84f1c0 0x7f7fff84f1c0
r8 0x18 24
r9 0x8 8
r10 0x0 0
r11 0x0 0
r12 0x7172cc51b240 124737868116544
r13 0x179 377
r14 0x7172cc50c610 124737868056080
r15 0x7172cc51b1b0 124737868116400
rip 0x410834 0x410834 <FakeAllocColor+76>
eflags 0x10206 [ PF IF RF ]
cs 0xe033 57395
ss 0xe02b 57387
ds 0x23 35
es 0x23 35
fs 0x0 0
gs 0x0 0
Nothing new was written to any file in /var/log, let alone messages.
FWIW, this is the content of the ~/.vnc/<hostname>.log file:
Getting interface configuration (4): Device not configured
26/12/18 08:05:57 Xvnc version 3.3.3r2
26/12/18 08:05:57 Copyright (C) AT&T Laboratories Cambridge.
26/12/18 08:05:57 All Rights Reserved.
26/12/18 08:05:57 See http://www.uk.research.att.com/vnc for information on VNC
26/12/18 08:05:57 Desktop name 'X' (robin.engholm.org:1)
26/12/18 08:05:57 Protocol version supported 3.3
26/12/18 08:05:57 Listening for VNC connections on TCP port 5901
26/12/18 08:05:57 Listening for HTTP connections on TCP port 5801
26/12/18 08:05:57 URL http://robin.engholm.org:5801
PATH = /bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/pkg/bin:/usr/pkg/sbin:/usr/X11R7/bin:/home/mustang/bin:/usr/pkg/java/bin
xrdb: Can't open display ':1'
xsetroot: unable to open display ':1'
twm: unable to open display ":1"
xterm: Xt error: Can't open display: :1
26/12/18 08:06:05 Got connection from client 172.16.2.25
26/12/18 08:06:05 Protocol version 3.3
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 541214224
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 268447745
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 16795158
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 369111061
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 352339471
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 251670534
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 100681221
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 83898370
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type 33572352
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type -314
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type -239
26/12/18 08:06:11 rfbProcessClientNormalMessage: ignoring unknown encoding type -223
26/12/18 08:06:11 Pixel format for client 172.16.2.25:
26/12/18 08:06:11 8 bpp, depth 8
26/12/18 08:06:11 uses a colour map (not true colour).
26/12/18 08:06:11 no translation needed
I'm happy to perform any other experiments, just let me know. Thanks for
your quick response. BTW, I have installed tigervnc on one of my hosts
and that appears to work just fine.
--Dan
On 12/26/18 1:30 AM, Leonardo Taccari wrote:
> The following reply was made to PR pkg/53812; it has been noted by GNATS.
>
> From: Leonardo Taccari <leot@NetBSD.org>
> To: gnats-bugs@NetBSD.org
> Cc:
> Subject: Re: pkg/53812: vncserver consistently crashes
> Date: Wed, 26 Dec 2018 10:27:25 +0100
>
> Hello Da,
>
> mustang@engholm.org writes:
> > [...]
> > * install NetBSD-8.0 (several previous versions also demonstrate the
> > problem)
> > + select installation of binary packages (pkgin)
> > * log in and install vnc package (pkgin install vnc)
> > * start a VNC server (vncserver :1)
> > * check to make sure Xvnc is running (pgrep -fl vnc;netstat -anfinet)
> > * connect a vncviewer to the vncserver
> > * note that Xvnc is no longer running (pgrep -fl vnc;netstat -anfinet)
> > * note that Xvnc.core has been created
> > [...]
>
> At least in the case built from pkgsrc...
> Can you please try to rebuild it from pkgsrc as follows?:
>
> % env CFLAGS=-g INSTALL_UNSTRIPPED=yes make replace
>
> Then when it crashes can you please share the output of?:
>
> % gdb -core Xvnc.core `which Xvnc`
>
> Another possibly interesting piece of information to look at is the
> messages in `/var/log/messages' (some pkgsrc security mechanisms produce
> information there in case of programs that violate them).
>
>
> Thank you!
>
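Added example (not part of the original report, and not code from Xvnc or pkgsrc): a small Python triage helper that resolves the memory operand of the faulting instruction against the register dump in the message above. With rax = 0, `callq *0x250(%rax)` fetches its call target from address 0x250, which is a function-pointer lookup through a NULL structure pointer. The function names and the 64 KiB near-NULL threshold are assumptions of this example.

```python
import re

# Copied from the gdb session in the message above: the instruction at rip
# and the registers relevant to it (remaining registers omitted).
FAULT_INSN = "callq *0x250(%rax)"
REG_DUMP = """\
rax 0x0 0
rbx 0x7172cc5f2000 124737868996608
rbp 0x0 0x0
rdi 0x7f7fff84f1f8 140187724476920
rip 0x410834 0x410834 <FakeAllocColor+76>
"""

NEAR_NULL_LIMIT = 0x10000  # assumption: below 64 KiB counts as NULL + field offset
MASK64 = (1 << 64) - 1

# AT&T-syntax memory operand: disp(%base,%index,scale), every part optional.
MEM_OPERAND = re.compile(
    r"(?P<disp>-?0x[0-9a-fA-F]+)?"
    r"\((?:%(?P<base>\w+))?(?:,%(?P<index>\w+)(?:,(?P<scale>[1248]))?)?\)"
)

def parse_registers(dump):
    """Parse gdb `info reg` output into {name: value}."""
    regs = {}
    for line in dump.splitlines():
        m = re.match(r"\s*(\w+)\s+(0x[0-9a-fA-F]+)\b", line)
        if m:
            regs[m.group(1)] = int(m.group(2), 16)
    return regs

def effective_address(insn, regs):
    """Return the address the instruction's memory operand refers to, or None."""
    m = MEM_OPERAND.search(insn)
    if m is None:
        return None  # register-only instruction
    used = [r for r in (m.group("base"), m.group("index")) if r]
    if any(r not in regs for r in used):
        return None  # register missing from the dump: cannot resolve
    disp = int(m.group("disp"), 16) if m.group("disp") else 0
    base = regs[m.group("base")] if m.group("base") else 0
    index = regs[m.group("index")] if m.group("index") else 0
    return (base + index * int(m.group("scale") or 1) + disp) & MASK64

def triage(insn, regs):
    """Classify a faulting instruction from its operand and the register state."""
    m = MEM_OPERAND.search(insn)
    addr = effective_address(insn, regs)
    if addr is None:
        return {"address": None, "near_null": False,
                "indirect_branch": False, "zero_registers": []}
    used = [r for r in (m.group("base"), m.group("index")) if r]
    return {
        "address": addr,
        "near_null": addr < NEAR_NULL_LIMIT,
        "indirect_branch": bool(re.match(r"\s*(call|jmp)\w*\s+\*", insn)),
        "zero_registers": [r for r in used if regs[r] == 0],
    }

if __name__ == "__main__":
    print(triage(FAULT_INSN, parse_registers(REG_DUMP)))
```

The zero rax was loaded two instructions earlier by `mov 0x18(%rdi),%rax`, so the NULL value is the pointer stored at offset 0x18 of the structure passed in rdi.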
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.