ubuntu-x-swat team mailing list archive
-
ubuntu-x-swat team
-
Mailing list archive
-
Message #107027
[Bug 696957] Re: [SRU] Large non-antialiased text causes xserver to abort
apport information
** Tags added: apport-collected
** Description changed:
[Impact]
On certain affected hardware, results in X server crash when looking at certain kinds of large images.
[Development Solution]
Upstream fixed this bug in the 2.13.x version of -intel that we are shipping in natty.
[Stable Solution]
The attached patch is a cherrypick from the upstream tree that applies to the 2.12.x version of -intel in maverick. This patch is also the listed solution on the upstream bug report.
[Test Case]
On affected hardware, disable font antialiasing and load http://launchpadlibrarian.net/29956668/crash.html in firefox.
This will cause a segfault of the X server.
The fix will prevent this segfault from occuring, and instead firefox
will display the words "GOODBYE WORLD!"
[Regression Potential]
Essentially none. This changes what happens when the uxa_pixmap_is_offscreen() call returns False. Before, it would fail the assertion test and terminate the X server. Pretty much any other behavior besides that is going to be an improvement!
That said, there are two subsequent commits on top of this one (which is
why the patch in the description of this bug is different than that
proposed). Near as I can tell these address other unrelated issues and
so I'm omitting them for now. It is conceivable though that this patch
provides an incomplete solution and those other patches should be
backported too. But one step at a time; if this patch alone is
sufficient to solve the issue it is the least risk way to go.
[Original Report]
Problem:
If I disable font antialiasing and attempt to access
http://launchpadlibrarian.net/29956668/crash.html in firefox my xserver aborts. This should not happen. The webpage should simply display the words "GOODBYE WORLD!" in very large text.
Note: text does not need to be very large. For example http://joe-
editor.sourceforge.net/ also triggers the bug.
Description: Ubuntu 10.10
Release: 10.10
xserver-xorg-video-intel:
Installed: 2:2.12.0-1ubuntu5.1
Candidate: 2:2.12.0-1ubuntu5.1
Version table:
*** 2:2.12.0-1ubuntu5.1 0
500 http://gb.archive.ubuntu.com/ubuntu/ maverick-updates/main i386 Packages
100 /var/lib/dpkg/status
2:2.12.0-1ubuntu5 0
500 http://gb.archive.ubuntu.com/ubuntu/ maverick/main i386 Packages
Backtrace:
#0 0x00681416 in __kernel_vsyscall ()
No symbol table info available.
#1 0x00298941 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
resultvar = <value optimised out>
pid = 3960820
selftid = 1949
#2 0x0029be42 in abort () at abort.c:92
act = {__sigaction_handler = {sa_handler = 0x468,
sa_sigaction = 0x468}, sa_mask = {__val = {3966032, 120, 3965888,
3960820, 3965888, 108, 3212918176, 3010141, 198339232, 3960820,
3960820, 109, 3212918376, 2944968, 198339336, 198339336, 108,
198339232, 0, 4222451712, 198339336, 198339437, 198339336,
198339336, 198339444, 198339636, 198339336, 198339636, 0, 0, 0,
0}}, sa_flags = 0, sa_restorer = 0x4}
sigs = {__val = {32, 0 <repeats 31 times>}}
#3 0x002918e8 in __assert_fail (
assertion=0x200098 "uxa_pixmap_is_offscreen(src_pixmap)",
file=0x200080 "../../uxa/uxa-glyphs.c", line=986,
function=0x200124 "uxa_glyphs_via_mask") at assert.c:81
buf = 0xbd26c38 "X: ../../uxa/uxa-glyphs.c:986: uxa_glyphs_via_mask: Assertion `uxa_pixmap_is_offscreen(src_pixmap)' failed.\n"
#4 0x001ef988 in uxa_glyphs_via_mask (op=3 '\003', pSrc=0xbb11b58,
pDst=0xbb366a8, maskFormat=0xb2bb7f0, xSrc=8, ySrc=77, nlist=1,
list=0xbf814570, glyphs=0xbf814170) at ../../uxa/uxa-glyphs.c:986
src_pixmap = 0xbd26440
src_x = 0
glyph = 0xbb34bb8
src_y = 0
priv = 0xbd26440
screen = 0x9c01750
mask = 0xbd26a48
y = 52
pixmap = 0xbd26938
width = <value optimised out>
dst_off_x = 6
dst_off_y = 25
box = {x1 = 6, y1 = 25, x2 = 145, y2 = 93}
component_alpha = 0
glyph_atlas = <value optimised out>
x = 2
height = <value optimised out>
error = 0
#5 uxa_glyphs (op=3 '\003', pSrc=0xbb11b58, pDst=0xbb366a8,
maskFormat=0xb2bb7f0, xSrc=8, ySrc=77, nlist=1, list=0xbf814570,
glyphs=0xbf814170) at ../../uxa/uxa-glyphs.c:1151
screen = 0x9c01750
uxa_screen = <value optimised out>
xDst = 2
yDst = 198338872
extents = {x1 = 0, y1 = 0, x2 = 0, y2 = 0}
width = 0
height = 0
ret = <value optimised out>
localDst = 0x8
#6 0x08122ae9 in damageGlyphs (op=6 '\006', pSrc=0xbb11b58, pDst=0xbb366a8,
maskFormat=0xb2bb7f0, xSrc=<value optimised out>,
ySrc=<value optimised out>, nlist=1, list=0xbf814570, glyphs=0xbf814170)
at ../../../miext/damage/damage.c:718
pScreen = <value optimised out>
#7 0x081bea90 in CompositeGlyphs (op=0 '\000', pSrc=0xbb11b58,
pDst=0xbb366a8, maskFormat=0xb2bb7f0, xSrc=<value optimised out>,
ySrc=<value optimised out>, nlist=1, lists=0xbf814570, glyphs=0xbf814170)
at ../../render/glyph.c:604
No locals.
#8 0x0811c463 in ProcRenderCompositeGlyphs (client=0xb62e338)
at ../../render/render.c:1435
glyphSet = 0xb72e468
pSrc = 0xbb11b58
pDst = 0xbb366a8
pFormat = 0xb2bb7f0
listsLocal = {{xOff = 8, yOff = 77, len = 6 '\006',
format = 0xb2bb7f0}, {xOff = 0, yOff = 0, len = 0 '\000',
format = 0x0} <repeats 52 times>, {xOff = 24081, yOff = 2064,
len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
len = 0 '\000', format = 0xb62e338}, {xOff = 0, yOff = 0,
len = 0 '\000', format = 0x0}, {xOff = 4084, yOff = 2079,
len = 8 '\b', format = 0xb303cf0}, {xOff = 18536, yOff = -16511,
len = 102 'f', format = 0x8202544}, {xOff = 0, yOff = 0,
len = 136 '\210', format = 0x0}, {xOff = 0, yOff = 0,
len = 0 '\000', format = 0x0}, {xOff = 14369, yOff = 2055,
len = 0 '\000', format = 0x0}, {xOff = 0, yOff = 0,
len = 244 '\364', format = 0xb62e338}, {xOff = 9536, yOff = 2080,
len = 184 '\270', format = 0x8104a2e}}
lists = 0xbf81457c
listsBase = 0xbf814570
glyphsLocal = {0xbb34bb8, 0xb9f2868, 0xb78ace0, 0xbaf1088, 0xbaf1088,
0xbaf1088, 0x0 <repeats 250 times>}
glyph = <value optimised out>
glyphs = 0xbf814188
glyphsBase = 0xbf814170
buffer = <value optimised out>
end = 0xba105b0 "\225\021\003"
nglyph = -1082048120
nlist = 1
space = <value optimised out>
size = <value optimised out>
rc = <value optimised out>
#9 0x08118293 in ProcRenderDispatch (client=0x6) at ../../render/render.c:2051
No locals.
#10 0x0806e087 in Dispatch () at ../../dix/dispatch.c:432
result = <value optimised out>
client = 0xb62e338
nready = 0
start_tick = 260
#11 0x080625ba in main (argc=6, argv=0xbf814a04, envp=0xbf814a20)
at ../../dix/main.c:291
i = 1
alwaysCheckForInput = {0, 1}
Tracked bug down to uxa/uxa-glyphs.c in the xserver-xorg-video-intel
driver. I looked at the latest git of the driver and knocked together
the following patch which seems to work. Not sure of the quality of the
code though:
--- a/uxa/uxa-glyphs.c 2010-06-24 21:29:37.000000000 +0100
+++ b/uxa/uxa-glyphs.c 2010-12-31 19:51:49.000000000 +0000
@@ -164,8 +164,12 @@
INTEL_CREATE_PIXMAP_TILING_X);
if (!pixmap)
goto bail;
- assert (uxa_pixmap_is_offscreen(pixmap));
-
+ if (!uxa_pixmap_is_offscreen(pixmap)) {
+ /* Presume shadow is in-effect */
+ pScreen->DestroyPixmap(pixmap);
+ uxa_unrealize_glyph_caches(pScreen);
+ return TRUE;
+ }
component_alpha = NeedsComponent(pPictFormat->format);
picture = CreatePicture(0, &pixmap->drawable, pPictFormat,
CPComponentAlpha, &component_alpha,
@@ -780,9 +784,8 @@
mask_pixmap =
uxa_get_drawable_pixmap(this_atlas->pDrawable);
- assert (uxa_pixmap_is_offscreen(mask_pixmap));
-
- if (!uxa_screen->info->prepare_composite(op,
+ if (!uxa_pixmap_is_offscreen(mask_pixmap) ||
+ !uxa_screen->info->prepare_composite(op,
localSrc, this_atlas, pDst,
src_pixmap, mask_pixmap, dst_pixmap))
return -1;
@@ -983,9 +986,8 @@
src_pixmap =
uxa_get_drawable_pixmap(this_atlas->pDrawable);
- assert (uxa_pixmap_is_offscreen(src_pixmap));
-
- if (!uxa_screen->info->prepare_composite(PictOpAdd,
+ if (!uxa_pixmap_is_offscreen(src_pixmap) ||
+ !uxa_screen->info->prepare_composite(PictOpAdd,
this_atlas, NULL, mask,
src_pixmap, NULL, pixmap))
return -1;
+
+
+ ---
+ Architecture: i386
+ CurrentDmesg: [ 36.408005] eth0: no IPv6 routers present
+ DRM.card0.DisplayPort.1:
+ status: disconnected
+ enabled: disabled
+ dpms: Off
+ modes:
+ edid-base64:
+ DRM.card0.DisplayPort.2:
+ status: disconnected
+ enabled: disabled
+ dpms: Off
+ modes:
+ edid-base64:
+ DRM.card0.HDMI_Type_A.1:
+ status: disconnected
+ enabled: disabled
+ dpms: Off
+ modes:
+ edid-base64:
+ DRM.card0.HDMI_Type_A.2:
+ status: disconnected
+ enabled: disabled
+ dpms: Off
+ modes:
+ edid-base64:
+ DRM.card0.VGA.1:
+ status: connected
+ enabled: enabled
+ dpms: On
+ modes: 1280x1024 1280x1024 1280x960 1152x864 1024x768 1024x768 1024x768 832x624 800x600 800x600 800x600 800x600 640x480 640x480 640x480 640x480 720x400
+ edid-base64: AP///////wBA5QYXlxMAABcPAQMMIht4LgyVolZMliUaUFS/74CBgIFAcU8AAAAAAAAAAAAAMCoAmFEAKkAwcBMAUg4RAAAeAAAAAAAAAAAAAAAAAAAAAAAAAAAA/QA4Sx9RDgAKICAgICAgAAAA/ABHTlIgVFM3MDAKICAgAJE=
+ DistroRelease: Ubuntu 10.10
+ DkmsStatus:
+ virtualbox-ose, 3.2.8, 2.6.35-24-generic, i686: installed
+ virtualbox-ose, 3.2.8, 2.6.35-23-generic, i686: installed
+ virtualbox-ose, 3.2.8, 2.6.32-26-generic, i686: installed
+ InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
+ MachineType: System manufacturer System Product Name
+ Package: xserver-xorg-video-intel 2:2.12.0-1ubuntu5.1 [modified: usr/lib/libI810XvMC.so.1.0.0 usr/lib/libIntelXvMC.so.1.0.0 usr/lib/xorg/modules/drivers/intel_drv.so]
+ PackageArchitecture: i386
+ ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.35-24-generic root=UUID=8dc60281-9b37-44b9-98fe-54ce9f16b232 ro quiet splash
+ ProcEnviron:
+ LANG=en_GB.UTF-8
+ SHELL=/bin/bash
+ ProcVersionSignature: Ubuntu 2.6.35-24.42-generic 2.6.35.8
+ Tags: maverick maverick maverick maverick maverick maverick
+ Uname: Linux 2.6.35-24-generic i686
+ UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare video
+ dmi.bios.date: 09/04/2008
+ dmi.bios.vendor: American Megatrends Inc.
+ dmi.bios.version: 0204
+ dmi.board.asset.tag: To Be Filled By O.E.M.
+ dmi.board.name: V-P5G45
+ dmi.board.vendor: ASUSTeK Computer INC.
+ dmi.board.version: Rev 1.xx
+ dmi.chassis.asset.tag: Asset-1234567890
+ dmi.chassis.type: 3
+ dmi.chassis.vendor: Chassis Manufacture
+ dmi.chassis.version: Chassis Version
+ dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr0204:bd09/04/2008:svnSystemmanufacturer:pnSystemProductName:pvrSystemVersion:rvnASUSTeKComputerINC.:rnV-P5G45:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:
+ dmi.product.name: System Product Name
+ dmi.product.version: System Version
+ dmi.sys.vendor: System manufacturer
+ system:
+ distro: Ubuntu
+ codename: maverick
+ architecture: i686
+ kernel: 2.6.35-24-generic
** Attachment added: "BootDmesg.txt"
https://bugs.edge.launchpad.net/bugs/696957/+attachment/1807466/+files/BootDmesg.txt
--
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to xserver-xorg-video-intel in ubuntu.
https://bugs.launchpad.net/bugs/696957
Title:
[SRU] Large non-antialiased text causes xserver to abort
References
