16060 – glint 1.2.0 driver segfaults with 1.4.0.90 and 1.3.0.0

Bug 16060 - glint 1.2.0 driver segfaults with 1.4.0.90 and 1.3.0.0

Summary: glint 1.2.0 driver segfaults with 1.4.0.90 and 1.3.0.0

Status:	RESOLVED FIXED

Alias:	None

Product:	xorg
Classification:	Unclassified
Component:	Driver/glint (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	medium normal
Assignee:	Xorg Project Team
QA Contact:	Xorg Project Team

URL:	http://gitweb.freedesktop.org/?p=xorg...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-05-22 06:28 UTC by Tobias Klausmann
Modified:	2008-06-30 08:51 UTC (History)
CC List:	1 user (show)

See Also:
i915 platform:
i915 features:

Attachments
patch (544 bytes, patch) 2008-06-23 15:13 UTC, Julien Cristau	no flags	Details \| Splinter Review
View All

Description Tobias Klausmann 2008-05-22 06:28:03 UTC

# X -config /root/xorg.conf.new

This is a pre-release version of the X server from The X.Org Foundation.
It is not supported in any way.
Bugs may be filed in the bugzilla at http://bugs.freedesktop.org/.
Select the "xorg" product for bugs you find in this release.
Before reporting bugs in pre-release versions please check the
latest version in the X.Org Foundation git repository.
See http://wiki.x.org/wiki/GitPage for git access instructions.

X.Org X Server 1.4.0.90
Release Date: 5 September 2007
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.26-rc2 alpha 
Current Operating System: Linux dragunov 2.6.26-rc2 #1 Thu May 15 20:58:00 CEST 2008 alpha
Build Date: 22 May 2008  01:46:50PM
 
	Before reporting problems, check http://wiki.x.org
	to make sure that you have the latest version.
Module Loader present
Markers: (--) probed, (**) from config file, (==) default setting,
	(++) from command line, (!!) notice, (II) informational,
	(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Thu May 22 14:50:36 2008
(++) Using config file: "/root/xorg.conf.new"

Backtrace:
0: X [0x1200ffce4]
1: X(xf86SigHandler+0xf4) [0x1200ffc6c]
2: /lib/libc.so.6.1 [0x200003c39d0]
3: /usr/lib/xorg/modules/drivers//glint_drv.so [0x200007eaaa8]
4: X(InitOutput+0xc98) [0x1200a0028]
5: X(main+0x5b8) [0x120035dc0]
6: /lib/libc.so.6.1(__libc_start_main+0xe0) [0x200003ab5a0]
7: X(__start+0x38) [0x1200356c8]

Fatal server error:
Caught signal 11.  Server aborting

Aborted (core dumped)
[root@dragunov ~]# gdb X core
GNU gdb 6.8
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "alpha-unknown-linux-gnu"...
Reading symbols from /lib/libdl.so.2.1...done.
Loaded symbols for /lib/libdl.so.2.1
Reading symbols from /usr/lib/libXfont.so.1...done.
Loaded symbols for /usr/lib/libXfont.so.1
Reading symbols from /usr/lib/libfreetype.so.6...done.
Loaded symbols for /usr/lib/libfreetype.so.6
Reading symbols from /usr/lib/libXau.so.6...done.
Loaded symbols for /usr/lib/libXau.so.6
Reading symbols from /usr/lib/libfontenc.so.1...done.
Loaded symbols for /usr/lib/libfontenc.so.1
Reading symbols from /lib/libz.so.1...done.
Loaded symbols for /lib/libz.so.1
Reading symbols from /usr/lib/libpixman-1.so.0...done.
Loaded symbols for /usr/lib/libpixman-1.so.0
Reading symbols from /usr/lib/libhal.so.1...done.
Loaded symbols for /usr/lib/libhal.so.1
Reading symbols from /usr/lib/libdbus-1.so.3...done.
Loaded symbols for /usr/lib/libdbus-1.so.3
Reading symbols from /usr/lib/libXdmcp.so.6...done.
Loaded symbols for /usr/lib/libXdmcp.so.6
Reading symbols from /lib/libm.so.6.1...done.
Loaded symbols for /lib/libm.so.6.1
Reading symbols from /lib/librt.so.1...done.
Loaded symbols for /lib/librt.so.1
Reading symbols from /lib/libc.so.6.1...done.
Loaded symbols for /lib/libc.so.6.1
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libpthread.so.0...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /usr/lib/xorg/modules/libpcidata.so...done.
Loaded symbols for /usr/lib/xorg/modules//libpcidata.so
Reading symbols from /usr/lib/xorg/modules/extensions/libxtrap.so...done.
Loaded symbols for /usr/lib/xorg/modules/extensions//libxtrap.so
Reading symbols from /usr/lib/xorg/modules/extensions/libglx.so...done.
Loaded symbols for /usr/lib/xorg/modules/extensions//libglx.so
Reading symbols from /usr/lib/xorg/modules/extensions/librecord.so...done.
Loaded symbols for /usr/lib/xorg/modules/extensions//librecord.so
Reading symbols from /usr/lib/xorg/modules/extensions/libextmod.so...done.
Loaded symbols for /usr/lib/xorg/modules/extensions//libextmod.so
Reading symbols from /usr/lib/xorg/modules/extensions/libdri.so...done.
Loaded symbols for /usr/lib/xorg/modules/extensions//libdri.so
Reading symbols from /usr/lib/libdrm.so.2...done.
Loaded symbols for /usr/lib/libdrm.so.2
Reading symbols from /usr/lib/xorg/modules/extensions/libdbe.so...done.
Loaded symbols for /usr/lib/xorg/modules/extensions//libdbe.so
Reading symbols from /usr/lib/xorg/modules/fonts/libtype1.so...done.
Loaded symbols for /usr/lib/xorg/modules/fonts//libtype1.so
Reading symbols from /usr/lib/xorg/modules/fonts/libfreetype.so...done.
Loaded symbols for /usr/lib/xorg/modules/fonts//libfreetype.so
Reading symbols from /usr/lib/xorg/modules/drivers/glint_drv.so...done.
Loaded symbols for /usr/lib/xorg/modules/drivers//glint_drv.so
Reading symbols from /usr/lib/xorg/modules/input/mouse_drv.so...done.
Loaded symbols for /usr/lib/xorg/modules/input//mouse_drv.so
Reading symbols from /usr/lib/xorg/modules/input/kbd_drv.so...done.
Loaded symbols for /usr/lib/xorg/modules/input//kbd_drv.so
Reading symbols from /usr/lib/gcc/alpha-unknown-linux-gnu/4.2.3/libgcc_s.so.1...done.
Loaded symbols for /usr/lib/gcc/alpha-unknown-linux-gnu/4.2.3/libgcc_s.so.1
Core was generated by `X -config /root/xorg.conf.new'.
Program terminated with signal 6, Aborted.
[New process 10061]
#0  0x00000200003c2238 in raise () from /lib/libc.so.6.1
(gdb) bt
#0  0x00000200003c2238 in raise () from /lib/libc.so.6.1
#1  0x00000200003c3b58 in abort () from /lib/libc.so.6.1
#2  0x00000001200a1aa8 in ddxGiveUp () at xf86Init.c:1063
#3  0x00000001200a1c0c in AbortDDX () at xf86Init.c:1112
#4  0x00000001202b056c in AbortServer () at log.c:406
#5  0x00000001202b0b1c in FatalError (f=0x0) at log.c:552
#6  0x00000001200ffc84 in xf86SigHandler (signo=11) at xf86Events.c:766
#7  0x00000200003c39d0 in ?? () from /lib/libc.so.6.1
#8  0x00000200007eaaa8 in GLINTPreInit (pScrn=0x12045d4e0, flags=0) at glint_driver.c:1411
#9  0x00000001200a0028 in InitOutput (pScreenInfo=0x1204445a8, argc=3, argv=0x11fc83448) at xf86Init.c:538
#10 0x0000000120035dc0 in main (argc=3, argv=0x11fc83448, envp=0x11fc83468) at main.c:369
(gdb) quit


Version 1.1.1 of the driver works fine.

Comment 1 Tobias Klausmann 2008-05-23 10:36:58 UTC

Armin and I narrowed it down to this commit:

http://gitweb.freedesktop.org/?p=xorg/driver/xf86-video-glint.git;a=commit;h=c4b0de8dc27ce4c3145dca36f75f3b3e4fdd20b9

Unfortunately, my knowledge of the guts of libpciaccess and the glint chip is nonexistant, so I can't really narrow it down further. I'm quite willing to test patches, though.

Comment 2 Julien Cristau 2008-06-23 15:10:21 UTC

On Fri, May 23, 2008 at 10:36:58 -0700, bugzilla-daemon@freedesktop.org wrote:

> --- Comment #1 from Tobias Klausmann <klausman-gentoo@schwarzvogel.de>  2008-05-23 10:36:58 PST ---
> Armin and I narrowed it down to this commit:
> 
> http://gitweb.freedesktop.org/?p=xorg/driver/xf86-video-glint.git;a=commit;h=c4b0de8dc27ce4c3145dca36f75f3b3e4fdd20b9
> 
> Unfortunately, my knowledge of the guts of libpciaccess and the glint chip is
> nonexistant, so I can't really narrow it down further. I'm quite willing to
> test patches, though.
> 
Can you test the following:

diff --git a/src/glint_driver.c b/src/glint_driver.c
index eb375ec..47127f9 100644
--- a/src/glint_driver.c
+++ b/src/glint_driver.c
@@ -1408,7 +1408,7 @@ GLINTPreInit(ScrnInfoPtr pScrn, int flags)
        pGlint->IOAddress = pGlint->pEnt->device->IOBase;
        from = X_CONFIG;
     } else {
-       pGlint->IOAddress = PCI_REGION_BASE(pGlint->MultiPciInfo[0], 0, REGION_M
+       pGlint->IOAddress = PCI_REGION_BASE(pGlint->PciInfo, 0, REGION_MEM) & 0x
     }
 
     if ((IS_J2000) && (pGlint->Chipset == PCI_VENDOR_3DLABS_CHIP_GAMMA)) {

The corresponding change in the pciaccess conversion looks suspicious.

Thanks,
Julien

Comment 3 Julien Cristau 2008-06-23 15:13:14 UTC

Created attachment 17336 [details] [review]
patch

Comment 4 Julien Cristau 2008-06-23 15:13:54 UTC

(In reply to comment #2) 
> Can you test the following:

the patch was messed up in email, so i've attached it this time.

Comment 5 Raúl Porcel 2008-06-30 06:59:57 UTC

Works fine! Thanks.

(II) LoadModule: "glint"
(II) Loading /usr/lib/xorg/modules/drivers//glint_drv.so
(II) Module glint: vendor="X.Org Foundation"
        compiled for 1.3.0, module version = 1.2.0
        Module class: X.Org Video Driver
        ABI class: X.Org Video Driver, version 1.2

Comment 6 Julien Cristau 2008-06-30 08:51:11 UTC

> --- Comment #5 from Raúl Porcel <armin76@gentoo.org>  2008-06-30 06:59:57 PST ---
> Works fine! Thanks.
> 
Thanks for testing; I pushed the patch to master.

commit 9c4f5ec0c8a5b48b9b923798175cc6e66932f8ed
Author: Julien Cristau <jcristau@debian.org>
Date:   Tue Jun 24 03:17:32 2008 +0200

    Fix regression from pciaccess conversion (bug#16060)

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.