ubuntu-x-swat team mailing list archive
-
ubuntu-x-swat team
-
Mailing list archive
-
Message #107018
[Bug 696957] Re: Large non-antialiased text causes xserver to abort
Actually I think even without the detailed hw logs this issue is clear
enough we can go ahead with the SRU.
** Description changed:
- Binary package hint: xserver-xorg-video-intel
-
+ [Impact]
+ On certain affected hardware, results in X server crash when looking at certain kinds of large images.
+
+ [Development Solution]
+ Upstream fixed this bug in the 2.13.x version of -intel that we are shipping in natty.
+
+ [Stable Solution]
+ The attached patch is a cherrypick from the upstream tree that applies to the 2.12.x version of -intel in maverick. This patch is also the listed solution on the upstream bug report.
+
+ [Test Case]
+ On affected hardware, disable font antialiasing and load http://launchpadlibrarian.net/29956668/crash.html in firefox.
+ This will cause a segfault of the X server.
+
+ The fix will prevent this segfault from occuring, and instead firefox
+ will display the words "GOODBYE WORLD!"
+
+ [Regression Potential]
+ Essentially none. This changes what happens when the uxa_pixmap_is_offscreen() call returns False. Before, it would fail the assertion test and terminate the X server. Pretty much any other behavior besides that is going to be an improvement!
+
+ That said, there are two subsequent commits on top of this one (which is
+ why the patch in the description of this bug is different than that
+ proposed). Near as I can tell these address other unrelated issues and
+ so I'm omitting them for now. It is conceivable though that this patch
+ provides an incomplete solution and those other patches should be
+ backported too. But one step at a time; if this patch alone is
+ sufficient to solve the issue it is the least risk way to go.
+
+ [Original Report]
Problem:
- If I disable font antialiasing and attempt to access
- http://launchpadlibrarian.net/29956668/crash.html in firefox my xserver aborts. This should not happen. The webpage should simply display the words "GOODBYE WORLD!" in very large text.
+ If I disable font antialiasing and attempt to access
+ http://launchpadlibrarian.net/29956668/crash.html in firefox my xserver aborts. This should not happen. The webpage should simply display the words "GOODBYE WORLD!" in very large text.
Note: text does not need to be very large. For example http://joe-
editor.sourceforge.net/ also triggers the bug.
Description: Ubuntu 10.10
Release: 10.10
xserver-xorg-video-intel:
- Installed: 2:2.12.0-1ubuntu5.1
- Candidate: 2:2.12.0-1ubuntu5.1
- Version table:
- *** 2:2.12.0-1ubuntu5.1 0
- 500 http://gb.archive.ubuntu.com/ubuntu/ maverick-updates/main i386 Packages
- 100 /var/lib/dpkg/status
- 2:2.12.0-1ubuntu5 0
- 500 http://gb.archive.ubuntu.com/ubuntu/ maverick/main i386 Packages
-
+ Installed: 2:2.12.0-1ubuntu5.1
+ Candidate: 2:2.12.0-1ubuntu5.1
+ Version table:
+ *** 2:2.12.0-1ubuntu5.1 0
+ 500 http://gb.archive.ubuntu.com/ubuntu/ maverick-updates/main i386 Packages
+ 100 /var/lib/dpkg/status
+ 2:2.12.0-1ubuntu5 0
+ 500 http://gb.archive.ubuntu.com/ubuntu/ maverick/main i386 Packages
Backtrace:
#0 0x00681416 in __kernel_vsyscall ()
No symbol table info available.
#1 0x00298941 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
- resultvar = <value optimised out>
- pid = 3960820
- selftid = 1949
+ resultvar = <value optimised out>
+ pid = 3960820
+ selftid = 1949
#2 0x0029be42 in abort () at abort.c:92
- act = {__sigaction_handler = {sa_handler = 0x468,
- sa_sigaction = 0x468}, sa_mask = {__val = {3966032, 120, 3965888,
- 3960820, 3965888, 108, 3212918176, 3010141, 198339232, 3960820,
- 3960820, 109, 3212918376, 2944968, 198339336, 198339336, 108,
- 198339232, 0, 4222451712, 198339336, 198339437, 198339336,
- 198339336, 198339444, 198339636, 198339336, 198339636, 0, 0, 0,
- 0}}, sa_flags = 0, sa_restorer = 0x4}
- sigs = {__val = {32, 0 <repeats 31 times>}}
+ act = {__sigaction_handler = {sa_handler = 0x468,
+ sa_sigaction = 0x468}, sa_mask = {__val = {3966032, 120, 3965888,
+ 3960820, 3965888, 108, 3212918176, 3010141, 198339232, 3960820,
+ 3960820, 109, 3212918376, 2944968, 198339336, 198339336, 108,
+ 198339232, 0, 4222451712, 198339336, 198339437, 198339336,
+ 198339336, 198339444, 198339636, 198339336, 198339636, 0, 0, 0,
+ 0}}, sa_flags = 0, sa_restorer = 0x4}
+ sigs = {__val = {32, 0 <repeats 31 times>}}
#3 0x002918e8 in __assert_fail (
- assertion=0x200098 "uxa_pixmap_is_offscreen(src_pixmap)",
- file=0x200080 "../../uxa/uxa-glyphs.c", line=986,
- function=0x200124 "uxa_glyphs_via_mask") at assert.c:81
- buf = 0xbd26c38 "X: ../../uxa/uxa-glyphs.c:986: uxa_glyphs_via_mask: Assertion `uxa_pixmap_is_offscreen(src_pixmap)' failed.\n"
- #4 0x001ef988 in uxa_glyphs_via_mask (op=3 '\003', pSrc=0xbb11b58,
- pDst=0xbb366a8, maskFormat=0xb2bb7f0, xSrc=8, ySrc=77, nlist=1,
- list=0xbf814570, glyphs=0xbf814170) at ../../uxa/uxa-glyphs.c:986
- src_pixmap = 0xbd26440
- src_x = 0
- glyph = 0xbb34bb8
- src_y = 0
- priv = 0xbd26440
- screen = 0x9c01750
- mask = 0xbd26a48
- y = 52
- pixmap = 0xbd26938
- width = <value optimised out>
- dst_off_x = 6
- dst_off_y = 25
- box = {x1 = 6, y1 = 25, x2 = 145, y2 = 93}
- component_alpha = 0
- glyph_atlas = <value optimised out>
- x = 2
- height = <value optimised out>
- error = 0
- #5 uxa_glyphs (op=3 '\003', pSrc=0xbb11b58, pDst=0xbb366a8,
- maskFormat=0xb2bb7f0, xSrc=8, ySrc=77, nlist=1, list=0xbf814570,
- glyphs=0xbf814170) at ../../uxa/uxa-glyphs.c:1151
- screen = 0x9c01750
- uxa_screen = <value optimised out>
- xDst = 2
- yDst = 198338872
- extents = {x1 = 0, y1 = 0, x2 = 0, y2 = 0}
- width = 0
- height = 0
- ret = <value optimised out>
- localDst = 0x8
- #6 0x08122ae9 in damageGlyphs (op=6 '\006', pSrc=0xbb11b58, pDst=0xbb366a8,
- maskFormat=0xb2bb7f0, xSrc=<value optimised out>,
- ySrc=<value optimised out>, nlist=1, list=0xbf814570, glyphs=0xbf814170)
- at ../../../miext/damage/damage.c:718
- pScreen = <value optimised out>
- #7 0x081bea90 in CompositeGlyphs (op=0 '\000', pSrc=0xbb11b58,
- pDst=0xbb366a8, maskFormat=0xb2bb7f0, xSrc=<value optimised out>,
- ySrc=<value optimised out>, nlist=1, lists=0xbf814570, glyphs=0xbf814170)
- at ../../render/glyph.c:604
+ assertion=0x200098 "uxa_pixmap_is_offscreen(src_pixmap)",
+ file=0x200080 "../../uxa/uxa-glyphs.c", line=986,
+ function=0x200124 "uxa_glyphs_via_mask") at assert.c:81
+ buf = 0xbd26c38 "X: ../../uxa/uxa-glyphs.c:986: uxa_glyphs_via_mask: Assertion `uxa_pixmap_is_offscreen(src_pixmap)' failed.\n"
+ #4 0x001ef988 in uxa_glyphs_via_mask (op=3 '\003', pSrc=0xbb11b58,
+ pDst=0xbb366a8, maskFormat=0xb2bb7f0, xSrc=8, ySrc=77, nlist=1,
+ list=0xbf814570, glyphs=0xbf814170) at ../../uxa/uxa-glyphs.c:986
+ src_pixmap = 0xbd26440
+ src_x = 0
+ glyph = 0xbb34bb8
+ src_y = 0
+ priv = 0xbd26440
+ screen = 0x9c01750
+ mask = 0xbd26a48
+ y = 52
+ pixmap = 0xbd26938
+ width = <value optimised out>
+ dst_off_x = 6
+ dst_off_y = 25
+ box = {x1 = 6, y1 = 25, x2 = 145, y2 = 93}
+ component_alpha = 0
+ glyph_atlas = <value optimised out>
+ x = 2
+ height = <value optimised out>
+ error = 0
+ #5 uxa_glyphs (op=3 '\003', pSrc=0xbb11b58, pDst=0xbb366a8,
+ maskFormat=0xb2bb7f0, xSrc=8, ySrc=77, nlist=1, list=0xbf814570,
+ glyphs=0xbf814170) at ../../uxa/uxa-glyphs.c:1151
+ screen = 0x9c01750
+ uxa_screen = <value optimised out>
+ xDst = 2
+ yDst = 198338872
+ extents = {x1 = 0, y1 = 0, x2 = 0, y2 = 0}
+ width = 0
+ height = 0
+ ret = <value optimised out>
+ localDst = 0x8
+ #6 0x08122ae9 in damageGlyphs (op=6 '\006', pSrc=0xbb11b58, pDst=0xbb366a8,
+ maskFormat=0xb2bb7f0, xSrc=<value optimised out>,
+ ySrc=<value optimised out>, nlist=1, list=0xbf814570, glyphs=0xbf814170)
+ at ../../../miext/damage/damage.c:718
+ pScreen = <value optimised out>
+ #7 0x081bea90 in CompositeGlyphs (op=0 '\000', pSrc=0xbb11b58,
+ pDst=0xbb366a8, maskFormat=0xb2bb7f0, xSrc=<value optimised out>,
+ ySrc=<value optimised out>, nlist=1, lists=0xbf814570, glyphs=0xbf814170)
+ at ../../render/glyph.c:604
No locals.
#8 0x0811c463 in ProcRenderCompositeGlyphs (client=0xb62e338)
- at ../../render/render.c:1435
- glyphSet = 0xb72e468
- pSrc = 0xbb11b58
- pDst = 0xbb366a8
- pFormat = 0xb2bb7f0
- listsLocal = {{xOff = 8, yOff = 77, len = 6 '\006',
- format = 0xb2bb7f0}, {xOff = 0, yOff = 0, len = 0 '\000',
- format = 0x0} <repeats 52 times>, {xOff = 24081, yOff = 2064,
- len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
- len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
- len = 0 '\000', format = 0xb62e338}, {xOff = 0, yOff = 0,
- len = 0 '\000', format = 0x0}, {xOff = 4084, yOff = 2079,
- len = 8 '\b', format = 0xb303cf0}, {xOff = 18536, yOff = -16511,
- len = 102 'f', format = 0x8202544}, {xOff = 0, yOff = 0,
- len = 136 '\210', format = 0x0}, {xOff = 0, yOff = 0,
- len = 0 '\000', format = 0x0}, {xOff = 14369, yOff = 2055,
- len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
- len = 244 '\364', format = 0xb62e338}, {xOff = 9536, yOff = 2080,
- len = 184 '\270', format = 0x8104a2e}}
- lists = 0xbf81457c
- listsBase = 0xbf814570
- glyphsLocal = {0xbb34bb8, 0xb9f2868, 0xb78ace0, 0xbaf1088, 0xbaf1088,
- 0xbaf1088, 0x0 <repeats 250 times>}
- glyph = <value optimised out>
- glyphs = 0xbf814188
- glyphsBase = 0xbf814170
- buffer = <value optimised out>
- end = 0xba105b0 "\225\021\003"
- nglyph = -1082048120
- nlist = 1
- space = <value optimised out>
- size = <value optimised out>
- rc = <value optimised out>
+ at ../../render/render.c:1435
+ glyphSet = 0xb72e468
+ pSrc = 0xbb11b58
+ pDst = 0xbb366a8
+ pFormat = 0xb2bb7f0
+ listsLocal = {{xOff = 8, yOff = 77, len = 6 '\006',
+ format = 0xb2bb7f0}, {xOff = 0, yOff = 0, len = 0 '\000',
+ format = 0x0} <repeats 52 times>, {xOff = 24081, yOff = 2064,
+ len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
+ len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
+ len = 0 '\000', format = 0xb62e338}, {xOff = 0, yOff = 0,
+ len = 0 '\000', format = 0x0}, {xOff = 4084, yOff = 2079,
+ len = 8 '\b', format = 0xb303cf0}, {xOff = 18536, yOff = -16511,
+ len = 102 'f', format = 0x8202544}, {xOff = 0, yOff = 0,
+ len = 136 '\210', format = 0x0}, {xOff = 0, yOff = 0,
+ len = 0 '\000', format = 0x0}, {xOff = 14369, yOff = 2055,
+ len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
+ len = 244 '\364', format = 0xb62e338}, {xOff = 9536, yOff = 2080,
+ len = 184 '\270', format = 0x8104a2e}}
+ lists = 0xbf81457c
+ listsBase = 0xbf814570
+ glyphsLocal = {0xbb34bb8, 0xb9f2868, 0xb78ace0, 0xbaf1088, 0xbaf1088,
+ 0xbaf1088, 0x0 <repeats 250 times>}
+ glyph = <value optimised out>
+ glyphs = 0xbf814188
+ glyphsBase = 0xbf814170
+ buffer = <value optimised out>
+ end = 0xba105b0 "\225\021\003"
+ nglyph = -1082048120
+ nlist = 1
+ space = <value optimised out>
+ size = <value optimised out>
+ rc = <value optimised out>
#9 0x08118293 in ProcRenderDispatch (client=0x6) at ../../render/render.c:2051
No locals.
#10 0x0806e087 in Dispatch () at ../../dix/dispatch.c:432
- result = <value optimised out>
- client = 0xb62e338
- nready = 0
- start_tick = 260
+ result = <value optimised out>
+ client = 0xb62e338
+ nready = 0
+ start_tick = 260
#11 0x080625ba in main (argc=6, argv=0xbf814a04, envp=0xbf814a20)
- at ../../dix/main.c:291
- i = 1
- alwaysCheckForInput = {0, 1}
-
-
- Tracked bug down to uxa/uxa-glyphs.c in the xserver-xorg-video-intel driver. I looked at the latest git of the driver and knocked together the following patch which seems to work. Not sure of the quality of the code though:
+ at ../../dix/main.c:291
+ i = 1
+ alwaysCheckForInput = {0, 1}
+
+ Tracked bug down to uxa/uxa-glyphs.c in the xserver-xorg-video-intel
+ driver. I looked at the latest git of the driver and knocked together
+ the following patch which seems to work. Not sure of the quality of the
+ code though:
--- a/uxa/uxa-glyphs.c 2010-06-24 21:29:37.000000000 +0100
+++ b/uxa/uxa-glyphs.c 2010-12-31 19:51:49.000000000 +0000
@@ -164,8 +164,12 @@
- INTEL_CREATE_PIXMAP_TILING_X);
- if (!pixmap)
- goto bail;
+ INTEL_CREATE_PIXMAP_TILING_X);
+ if (!pixmap)
+ goto bail;
- assert (uxa_pixmap_is_offscreen(pixmap));
-
+ if (!uxa_pixmap_is_offscreen(pixmap)) {
+ /* Presume shadow is in-effect */
+ pScreen->DestroyPixmap(pixmap);
+ uxa_unrealize_glyph_caches(pScreen);
+ return TRUE;
+ }
- component_alpha = NeedsComponent(pPictFormat->format);
- picture = CreatePicture(0, &pixmap->drawable, pPictFormat,
- CPComponentAlpha, &component_alpha,
+ component_alpha = NeedsComponent(pPictFormat->format);
+ picture = CreatePicture(0, &pixmap->drawable, pPictFormat,
+ CPComponentAlpha, &component_alpha,
@@ -780,9 +784,8 @@
-
- mask_pixmap =
- uxa_get_drawable_pixmap(this_atlas->pDrawable);
+
+ mask_pixmap =
+ uxa_get_drawable_pixmap(this_atlas->pDrawable);
- assert (uxa_pixmap_is_offscreen(mask_pixmap));
-
- if (!uxa_screen->info->prepare_composite(op,
+ if (!uxa_pixmap_is_offscreen(mask_pixmap) ||
+ !uxa_screen->info->prepare_composite(op,
- localSrc, this_atlas, pDst,
- src_pixmap, mask_pixmap, dst_pixmap))
- return -1;
+ localSrc, this_atlas, pDst,
+ src_pixmap, mask_pixmap, dst_pixmap))
+ return -1;
@@ -983,9 +986,8 @@
-
- src_pixmap =
- uxa_get_drawable_pixmap(this_atlas->pDrawable);
+
+ src_pixmap =
+ uxa_get_drawable_pixmap(this_atlas->pDrawable);
- assert (uxa_pixmap_is_offscreen(src_pixmap));
-
- if (!uxa_screen->info->prepare_composite(PictOpAdd,
+ if (!uxa_pixmap_is_offscreen(src_pixmap) ||
+ !uxa_screen->info->prepare_composite(PictOpAdd,
- this_atlas, NULL, mask,
- src_pixmap, NULL, pixmap))
- return -1;
+ this_atlas, NULL, mask,
+ src_pixmap, NULL, pixmap))
+ return -1;
** Changed in: xserver-xorg-video-intel (Ubuntu)
Importance: Medium => High
** Changed in: xserver-xorg-video-intel (Ubuntu)
Status: Incomplete => Triaged
** Summary changed:
- Large non-antialiased text causes xserver to abort
+ [SRU] Large non-antialiased text causes xserver to abort
** Also affects: xserver-xorg-video-intel (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: xserver-xorg-video-intel (Ubuntu Natty)
Importance: High
Status: Triaged
** Changed in: xserver-xorg-video-intel (Ubuntu Maverick)
Status: New => Triaged
** Changed in: xserver-xorg-video-intel (Ubuntu Maverick)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to xserver-xorg-video-intel in ubuntu.
https://bugs.launchpad.net/bugs/696957
Title:
[SRU] Large non-antialiased text causes xserver to abort
References
