[Bug 100086] xorg server 1.19.2: Crash with PRIME and multiple displays
bugzilla-daemon at freedesktop.org
Fri Nov 15 15:27:26 UTC 2019
https://bugs.freedesktop.org/show_bug.cgi?id=100086
--- Comment #24 from Peter Wu <peter at lekensteyn.nl> ---
The crash can still be reproduced with Intel + modesetting. On Arch Linux with
xf86-video-intel 1:2.99.917+893+gbff5eca4-1 and xorg-server 1.20.5-4 it
resulted in an instant segfault on connecting an external monitor. That instant
occurrence is likely due to the "autobind GPUs to the screen" patch.

With pristine xorg-server 1.20.5 + a glvnd build patch, and xf86-video-intel
2.99.917-893-gbff5eca4 from git, the following ASAN trace is observable after:

    xrandr --setprovideroutputsource modesetting Intel
    xrandr --output HDMI-1-1 --mode 2560x1440 # should not crash

I'll submit the updated patch to the list.

==369074==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6120001ad918 at pc 0x7f33f0a08153 bp 0x7ffd89f50630 sp 0x7ffd89f50620
READ of size 8 at 0x6120001ad918 thread T0
    #0 0x7f33f0a08152 in to_sna_from_pixmap ../../../src/sna/sna.h:521
    #1 0x7f33f0a08152 in sna_pixmap_move_to_gpu ../../../src/sna/sna_accel.c:4222
    #2 0x7f33f0a57f3f in sna_accel_post_damage ../../../src/sna/sna_accel.c:17773
    #3 0x7f33f0a5c561 in sna_accel_block ../../../src/sna/sna_accel.c:18414
    #4 0x7f33f0acce2e in sna_block_handler ../../../src/sna/sna_driver.c:777
    #5 0x55bc9c56e97c in BlockHandler ../xorg-server-1.20.5/dix/dixutils.c:388
    #6 0x55bc9c80ecc0 in WaitForSomething ../xorg-server-1.20.5/os/WaitFor.c:201
    #7 0x55bc9c55edb7 in Dispatch ../xorg-server-1.20.5/dix/dispatch.c:421
    #8 0x55bc9c56cd9c in dix_main ../xorg-server-1.20.5/dix/main.c:276
    #9 0x7f33f4c21152 in __libc_start_main (/usr/lib/libc.so.6+0x27152)
    #10 0x55bc9c4b264d in _start (/tmp/nv/xprefix2/bin/Xorg.bin+0xdd64d)

0x6120001ad918 is located 56 bytes to the right of 288-byte region [0x6120001ad7c0,0x6120001ad8e0)
allocated by thread T0 here:
    #0 0x7f33f5432aca in __interceptor_malloc /build/gcc/src/gcc/libsanitizer/asan/asan_malloc_linux.cc:144
    #1 0x55bc9c5bedbf in _dixAllocateScreenObjectWithPrivates ../xorg-server-1.20.5/dix/privates.c:709
    #2 0x55bc9c5df890 in CreateRootWindow ../xorg-server-1.20.5/dix/window.c:571
    #3 0x55bc9c56cb12 in dix_main ../xorg-server-1.20.5/dix/main.c:220
    #4 0x7f33f4c21152 in __libc_start_main (/usr/lib/libc.so.6+0x27152)