Bug 4859

Summary: Signal 11 at startup with Matrox G450
Product: xorg Reporter: Tony Houghton <h>
Component: Driver/mgaAssignee: Adam Jackson <ajax>
Status: RESOLVED FIXED QA Contact:
Severity: critical    
Priority: high CC: mharris, michal.jnn
Version: 6.8.2   
Hardware: x86 (IA32)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:
Bug Depends on:    
Bug Blocks: 1690    
Attachments:
Description Flags
Patch to fix this bug in 6.8.2 none

Description Tony Houghton 2005-10-24 07:32:45 UTC 
The server catches a signal 11 at startup on my Matrox G450. It was working fine
with an identical config with XFree86 4.x until a Debian upgrade replaced it
with X.org. I installed the static debugging Debian package and ran it via a gdb
 wrapper script to get as much info as possible:

(gdb) Reading symbols from /usr/X11R6/bin/Xorg-debug...done.
Using host libthread_db library "/lib/tls/libthread_db.so.1".
(gdb) (gdb) Signal        Stop  Print   Pass to program Description
SIGUSR1       No        Yes     Yes             User defined signal 1
(gdb) Signal        Stop        Print   Pass to program Description
SIGUSR2       No        Yes     Yes             User defined signal 2
(gdb) Signal        Stop        Print   Pass to program Description
SIGPIPE       No        Yes     Yes             Broken pipe
(gdb) Starting program: /usr/X11R6/bin/Xorg-debug -dpi 100 -nolisten tcp

X Window System Version 6.8.2 (Debian (non-modularized) 6.8.2.dfsg.1-9
20051014051248 David Nusinow <dnusinow@debian.org>)
Release Date: 9 February 2005
X Protocol Version 11, Revision 0, Release 6.8.2
Build Operating System: Linux 2.6.12-1-686 i686 [ELF]
Current Operating System: Linux bedroom 2.6.13 #1 Tue Sep 13 21:08:50 BST 2005 i686
Build Date: 14 October 2005
        Before reporting problems, check http://wiki.X.Org
        to make sure that you have the latest version.
OS Kernel: Linux version 2.6.13 (tony@bedroom) (gcc version 4.0.1 (Debian
4.0.1-2)) #1 Tue Sep 13 21:08:50 BST 2005 T
Markers: (--) probed, (**) from config file, (==) default setting,
        (++) from command line, (!!) notice, (II) informational,
        (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Mon Oct 24 15:19:32 2005
(==) Using config file: "/etc/X11/xorg.conf"
(WW) MGA(0): Failed to set up write-combining range (0xd8000000,0x2000000)

Program received signal SIGSEGV, Segmentation fault.
0x08392036 in xf86DoEDID_DDC2 (scrnIndex=0, pBus=0x8ba6b00) at xf86DDC.c:217
217     xf86DDC.c: No such file or directory.
        in xf86DDC.c
(gdb) Undefined command: "module".  Try "help".
(gdb) #0  0x08392036 in xf86DoEDID_DDC2 (scrnIndex=0, pBus=0x8ba6b00)
    at xf86DDC.c:217
#1  0x0804e6f3 in MGAdoDDC (pScrn=0x8ba4770) at mga_driver.c:1063
#2  0x08050649 in MGAPreInit (pScrn=0x8ba4770, flags=0) at mga_driver.c:1996
#3  0x084a23bd in InitOutput (pScreenInfo=0x8b8d140, argc=5, argv=0xbfc97f94)
    at xf86Init.c:624
#4  0x085297c0 in main (argc=5, argv=0xbfc97f94, envp=0xbfc97fac) at main.c:365
(gdb) Continuing.

Fatal server error:
Caught signal 11.  Server aborting


Please consult the The X.Org Foundation support
         at http://wiki.X.Org
 for help.
Please also check the log file at "/var/log/Xorg.0.log" for additional information.


Program received signal SIGABRT, Aborted.
0xb7dbfa27 in raise () from /lib/tls/libc.so.6
Comment 1 Adam Jackson 2005-10-24 12:13:24 UTC 
line 217 contains the following gem:

    VDIF_Block =
        VDIFRead(scrnIndex, pBus, EDID1_LEN * (tmp->no_sections + 1));

we do not check that tmp is non-null.  we get it from xf86InterpretEDID, which
can definitely return null, so that's pretty awesome.  should probably wrap that
stanza in if (tmp).
Comment 2 Tony Houghton 2005-11-08 14:34:11 UTC 
Created attachment 3742 [details] [review]
Patch to fix this bug in 6.8.2

I added a check for tmp being NULL as suggested, and the server now starts
successfully. This is a patch against the Debian package version
6.8.2.dfsg.1-1.
Comment 3 Adam Jackson 2005-11-19 04:59:39 UTC 
applied, thanks!
Comment 4 Adam Jackson 2005-11-30 16:06:10 UTC 
*** Bug 5133 has been marked as a duplicate of this bug. ***

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.