[Bug 698125] New: Xvfb crashes in miInitVisuals ()
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c0 Summary: Xvfb crashes in miInitVisuals () Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86-64 OS/Version: openSUSE 11.4 Status: NEW Severity: Critical Priority: P5 - None Component: X.Org AssignedTo: bnc-team-xorg-bugs@forge.provo.novell.com ReportedBy: giecrilj@stegny.2a.pl QAContact: xorg-maintainer-bugs@forge.provo.novell.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 The X windows virtual frame buffer server crashes with the default depth preset to 2. Reproducible: Always Steps to Reproduce: 1. { gdb Xvfb; } 2. { run :1 -screen 0 10x10x2; } Actual Results: 2. Starting program: /usr/bin/Xvfb :1 -screen 0 10x10x2 [Thread debugging using libthread_db enabled] Program received signal SIGSEGV, Segmentation fault. 0x0000000000543830 in miInitVisuals () (gdb) bt #0 0x0000000000543830 in miInitVisuals () #1 0x00000000004fc502 in fbInitVisuals () #2 0x000000000041f2fb in fbFinishScreenInit () #3 0x000000000041f5d6 in fbScreenInit () #4 0x000000000041c87b in ?? () #5 0x000000000050daa8 in AddScreen () #6 0x000000000041dccf in InitOutput () #7 0x00000000004fc6ed in ?? () #8 0x00007ffff67c4bfd in __libc_start_main (main=0x4fc510, argc=5, ubp_av=0x7fffffffdc68, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fffffffdc58) at libc-start.c:226 #9 0x000000000041c189 in _start () Expected Results: 2, The server should not crash. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium Status|NEW |ASSIGNED AssignedTo|bnc-team-xorg-bugs@forge.pr |sndirsch@novell.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c1 Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |giecrilj@stegny.2a.pl Summary|Xvfb crashes in |Xvfb crashes in |miInitVisuals () |miInitVisuals () with | |1/4bit color depth. --- Comment #1 from Stefan Dirsch <sndirsch@novell.com> 2011-06-06 09:32:21 UTC --- I'm wondering what's the use case for 2 bit color depth. 8, 15, 16, 24 bit sounds reasonable to me. Maybe also 1 and 4 bit (which is also broken I figured out meanwhile), but 2 bit? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c2 --- Comment #2 from Christopher Yeleighton <giecrilj@stegny.2a.pl> 2011-06-06 12:03:57 UTC --- I think I can disclose that we produce 4-color compressed hi-res raster images. The problem is urgent, so I am going to look into it myself anyway; the trouble is the debugging information in Xvfb is too scarce. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c Stefan Dirsch <sndirsch@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|giecrilj@stegny.2a.pl | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c3 --- Comment #3 from Christopher Yeleighton <giecrilj@stegny.2a.pl> 2011-06-06 22:07:09 UTC --- using xorg-x11-server-7.6_1.9.3-15.18.4 Program received signal SIGSEGV, Segmentation fault. 0x0000000000543830 in miInitVisuals (visualp=0x7fffffffe478, depthp=0x7fffffffe470, nvisualp=0x7fffffff0001, ndepthp=<value optimized out>, rootDepthp=0x7fffffffe484, defaultVisp=0x7fffffffe480, sizes=128, bitsPerRGB=8, preferredVis=-1) at micmap.c:664 664 *defaultVisp = depth[i].vids[j]; #0 0x0000000000543830 in miInitVisuals (visualp=0x7fffffffe478, depthp=0x7fffffffe470, nvisualp=0x7fffffff0001, ndepthp=<value optimized out>, rootDepthp=0x7fffffffe484, defaultVisp=0x7fffffffe480, sizes=128, bitsPerRGB=8, preferredVis=-1) at micmap.c:664 #1 0x00000000004fc502 in fbInitVisuals (visualp=<value optimized out>, depthp=<value optimized out>, nvisualp=<value optimized out>, ndepthp=<value optimized out>, rootDepthp=<value optimized out>, defaultVisp=<value optimized out>, sizes=128, bitsPerRGB=8) at ../../fb/fbcmap_mi.c:122 #2 0x000000000041f2fb in fbFinishScreenInit (pScreen=0x7ebf30, pbits=0x7ec360, xsize=10, ysize=10, dpix=100, dpiy=100, width=12, bpp=8) at fbscreen.c:226 #3 0x000000000041f5d6 in fbScreenInit (pScreen=0x7ebf30, pbits=0x7ec360, xsize=10, ysize=10, dpix=100, dpiy=100, width=12, bpp=8) at fbscreen.c:283 #4 0x000000000041c87b in vfbScreenInit (index=<value optimized out>, pScreen=0x7ebf30, argc=<value optimized out>, argv=<value optimized out>) at InitOutput.c:871 #5 0x000000000050daa8 in AddScreen (pfnInit=<value optimized out>, argc=5, argv=0x7fffffffe798) at dispatch.c:3919 #6 0x000000000041dccf in InitOutput (screenInfo=<value optimized out>, argc=5, argv=0x7fffffffe798) at InitOutput.c:970 #7 0x00000000004fc6ed in main (argc=5, argv=<value optimized out>, envp=<value optimized out>) at main.c:209 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c4 --- Comment #4 from Christopher Yeleighton <giecrilj@stegny.2a.pl> 2011-06-17 14:03:42 UTC --- because depth[i].vids == NULL (when built with -O0) this should be set in micmap.c:565 but it is not reached because miVisuals->count == 0 at micmap.c:563 (each time) miVisuals is static at micmap.c:376, to be set at micmap.c:420 but then visuals == 0 (parameter), so count gets 0 too now, miSetVisualTypes is called * from miSetPixmapDepths (with visuals=0) * from miInitVisuals, but only if (!miVisuals), which is not the case even if the server does not crash However, it is successfully called from vfbScreenInit. The code of vfbSceenInit (hw/vfb/InitOutput.c:832) explicitly supports some depths but not others: <<< switch (pvfb->depth) { case 8: miSetVisualTypesAndMasks (8, ((1 << StaticGray) | (1 << GrayScale) | (1 << StaticColor) | (1 << PseudoColor) | (1 << TrueColor) | (1 << DirectColor)), 8, PseudoColor, 0, 0, 0); break; case 15: miSetVisualTypesAndMasks (15, ((1 << TrueColor) | (1 << DirectColor)), 8, TrueColor, 0x7c00, 0x03e0, 0x001f); break; case 16: miSetVisualTypesAndMasks (16, ((1 << TrueColor) | (1 << DirectColor)), 8, TrueColor, 0xf800, 0x07e0, 0x001f); break; case 24: miSetVisualTypesAndMasks (24, ((1 << TrueColor) | (1 << DirectColor)), 8, TrueColor, 0xff0000, 0x00ff00, 0x0000ff); break; case 30: miSetVisualTypesAndMasks (30, ((1 << TrueColor) | (1 << DirectColor)), 10, TrueColor, 0x3ff00000, 0x000ffc00, 0x000003ff); break; }
If the declared depth is not one of them, Xvfb crashes. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=698125 https://bugzilla.novell.com/show_bug.cgi?id=698125#c5 Christopher Yeleighton <giecrilj@stegny.2a.pl> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED URL| |https://bugs.freedesktop.or | |g/show_bug.cgi?id=38420 Resolution| |UPSTREAM --- Comment #5 from Christopher Yeleighton <giecrilj@stegny.2a.pl> 2011-06-17 18:02:12 UTC --- This particular code fragment is obviously wrong in not providing a default handler and it is not patched. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com