Bug 441809 - Xv overlay coredump in I830PutImage caused by mplayer -vo xv playback
Summary: Xv overlay coredump in I830PutImage caused by mplayer -vo xv playback
Alias: None
Product: Fedora
Classification: Fedora
Component: xorg-x11-drv-intel
Version: 11
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Adam Jackson
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2008-04-10 09:39 UTC by Zdenek Kabelac
Modified: 2018-04-11 07:29 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-04-27 18:28:40 UTC

Attachments (Terms of Use)

Description Zdenek Kabelac 2008-04-10 09:39:06 UTC
Description of problem:

Playing video with mplayer caused Xorg crash 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:

Core was generated by `/usr/bin/Xorg :0 -br -verbose -auth
/tmp/.gdm-xauth-gdm.S4T28T -nolisten tcp'.
Program terminated with signal 6, Aborted.
[New process 2798]
#0  0x0000003715432ef5 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install dbus.x86_64 expat.x86_64
freetype.x86_64 gcc.x86_64 glibc.x86_64 libXau.x86_64 libXdmcp.x86_64
libXfont.x86_64 libcap.x86_64 libdrm.x86_64 libfontenc.x86_64
libpciaccess.x86_64 libselinux.x86_64 mesa.x86_64 openssl.x86_64 pixman.x86_64
xorg-x11-drv-keyboard.x86_64 xorg-x11-drv-mouse.x86_64 zlib.x86_64
(gdb) bt
#0  0x0000003715432ef5 in raise () from /lib64/libc.so.6
#1  0x0000003715434a63 in abort () from /lib64/libc.so.6
#2  0x0000000000460989 in ddxGiveUp () at xf86Init.c:1267
#3  0x00000000004f5d68 in AbortServer () at log.c:406
#4  0x00000000004f6435 in FatalError (f=0x5747a0 "Caught signal %d.  Server
aborting\n") at log.c:552
#5  0x0000000000479e18 in xf86SigHandler (signo=11) at xf86Events.c:766
#6  <signal handler called>
#7  0x00007f1f6f14ef67 in I830PutImage (pScrn=0x826920, src_x=0, src_y=0,
drw_x=<value optimized out>, 
    drw_y=<value optimized out>, src_w=<value optimized out>, src_h=384,
drw_w=512, drw_h=384, id=842094169, 
width=512, height=384, sync=0, 
    clipBoxes=0x7fff78679ae0, data=0x886b80, pDraw=0x1f7c4d0) at i830_video.c:1321
#8  0x000000000048f5a6 in xf86XVPutImage (client=<value optimized out>,
pDraw=0x1f7c4d0, pPort=0x887c10, 
    pGC=<value optimized out>, src_x=-8192, src_y=32139, src_w=32768, src_h=0,
drw_x=0, drw_y=0, drw_w=<value optimized out>, 
    drw_h=<value optimized out>, format=0x8879d0, 
sync=0, width=<value optimized out>, 
    height=<value optimized out>) at xf86xv.c:1767
#9  0x00007f1f70012b1b in ?? ()
#10 0x0000000000000200 in ?? ()
#11 0x0000000000000180 in ?? ()
#12 0x0000000000000000 in ?? ()

Comment 1 Zdenek Kabelac 2008-04-10 12:15:38 UTC
this bug seems to be fixed by this commit in Xorg git:


Comment 2 Bug Zapper 2008-05-14 09:14:04 UTC
Changing version to '9' as part of upcoming Fedora 9 GA.
More information and reason for this action is here:

Comment 3 Zdenek Kabelac 2009-01-27 10:34:09 UTC
this bug is still present in the latest  Xorg server released in fedora rawhide

Happens with mplayer and using these xorg.conf options
(frankly  textured video is not usable for video playback and these options should be most probably default for Intel graphics as the tearing with modern 2GHz cpus is not even funny)

        Option	    "XvPreferOverlay" "true"
	Option	    "XvMCSurfaces" "6"

#0  memcpy () at ../sysdeps/x86_64/memcpy.S:392
392		movq	  (%rsi), %rax
(gdb) bt
#0  memcpy () at ../sysdeps/x86_64/memcpy.S:392
#1  0x00007f0dd4e5dda6 in I830PutImage (pScrn=0xd8c6d0, src_x=0, src_y=0, drw_x=957, drw_y=446, src_w=<value optimized out>, src_h=288, drw_w=512, 
    drw_h=288, id=842094169, 
    buf=0x7f0dc1439000 "#&***)('$$\"!\"#$%%&(()('''!\036\037\035\034\031\031\036!\037\037$'''&*./4<EJMX\\abcdcehjkllllmllnnooprstttstuvvwxyyy{}~~~\177\200\201\201\201\201\202\204\204\205\207\210\211\210\211\212\212\212\211\210\206\205\206\207\211\213\213\213\213\213\213\212\212\213\215\215\213\213\213\213\213\213\213\214\216\220\221\222\220\221\223\221\222\223\223\223\222\221\223\222\223\221\216\216\217\220\220\224\230\227\227\232\236\236\234\226\215\212\206\203\202\201\202\200{uqmklorrqprsuvwz}~\200\201\202\204\207"..., width=512, height=288, sync=0, clipBoxes=0x7fffe1ca3a90, data=0xdf0bb0, 
    pDraw=0x301f260) at i830_video.c:2458
#2  0x0000000000494486 in xf86XVPutImage (client=<value optimized out>, pDraw=0x301f260, pPort=0xdf19f0, pGC=<value optimized out>, src_x=-4096, 
    src_y=20473, src_w=512, src_h=31861, drw_x=0, drw_y=0, drw_w=<value optimized out>, drw_h=<value optimized out>, format=0xdf1560, 
    data=0x7f0dc1439000 "#&***)('$$\"!\"#$%%&(()('''!\036\037\035\034\031\031\036!\037\037$'''&*./4<EJMX\\abcdcehjkllllmllnnooprstttstuvvwxyyy{}~~~\177\200\201\201\201\201\202\204\204\205\207\210\211\210\211\212\212\212\211\210\206\205\206\207\211\213\213\213\213\213\213\212\212\213\215\215\213\213\213\213\213\213\213\214\216\220\221\222\220\221\223\221\222\223\223\223\222\221\223\222\223\221\216\216\217\220\220\224\230\227\227\232\236\236\234\226\215\212\206\203\202\201\202\200{uqmklorrqprsuvwz}~\200\201\202\204\207"..., sync=0, width=<value optimized out>, height=<value optimized out>)
    at xf86xv.c:1768
#3  0x00007f0dd5b5b63b in ProcXvShmPutImage (client=0x4634500) at xvdisp.c:1171
#4  0x00000000004473f4 in Dispatch () at dispatch.c:437
#5  0x000000000042cdcd in main (argc=4, argv=0x7fffe1ca3d58, envp=<value optimized out>) at main.c:383

Also this problem might be kind of related to the fact, that usually the first run of mplayer shows weird damaged picture - all next runs seems to be 'viewable' :)

Comment 4 Zdenek Kabelac 2009-01-27 11:19:35 UTC
And as the code in  i830_memory.c has significantly changed in the function i830_allocate_agp_memory I cannot check if the commit mentioned above has any relation to this bugreport - however as a minor note which could be worth fixing:

function: i830_allocate_xvmc_buffer   (compiled with INTEL_XVMC)
has this sequence:

    if (!i830_bind_memory(pScrn, *buffer))
	return FALSE;

IMHO i830_free_memory(pScrn, *buffer); is missing in this return path

But its probably not related to my bugreport.

Also another weird thing could be seen in the function: i830_allocate_memory_bo
Which also doesn't call i830_free_memory and instead does its 'own' way of freeing resources in IMHO incompatible way. (also this is just my wild guess from fast look into this code)

And here is the version of Xorg server I'm using for now:

Comment 5 Bug Zapper 2009-06-09 09:32:22 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:

Comment 6 Vedran Miletić 2009-09-06 07:27:08 UTC
In Fedora 11 package is named xorg-x11-drv-intel. Changing bugs apropriately.

Comment 7 Matěj Cepl 2009-11-05 18:19:14 UTC
Since this bugzilla report was filed, there have been several major updates in various components of the Xorg system, which may have resolved this issue. Users who have experienced this problem are encouraged to upgrade their system to the latest version of their packages. For packages from updates-testing repository you can use command

yum upgrade --enablerepo='*-updates-testing'

Alternatively, you can also try to test whether this bug is reproducible with the upcoming Fedora 12 distribution by downloading LiveMedia of F12 Beta available at http://alt.fedoraproject.org/pub/alt/nightly-composes/ . By using that you get all the latest packages without need to install anything on your computer. For more information on using LiveMedia take a look at https://fedoraproject.org/wiki/FedoraLiveCD .

Please, if you experience this problem on the up-to-date system, let us now in the comment for this bug, or whether the upgraded system works for you.

If you won't be able to reply in one month, I will have to close this bug as INSUFFICIENT_DATA. Thank you.

[This is a bulk message for all open Fedora Rawhide Xorg-related bugs. I'm adding myself to the CC list for each bug, so I'll see any comments you make after this and do my best to make sure every issue gets proper attention.]

Comment 8 Zdenek Kabelac 2009-11-05 23:42:05 UTC
I think this bug has been already fixed and could be safely closed

Comment 9 Bug Zapper 2010-04-27 11:59:26 UTC
This message is a reminder that Fedora 11 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 11.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '11'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 11's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 11 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 

Comment 10 Adam Jackson 2010-04-27 18:28:40 UTC
Closing per comment #8.

Note You need to log in before you can comment on or make changes to this bug.