Random freeze when using gl application

Bug #788730 reported by Mathieu Virbel on 2011-05-26
This bug affects 2 people
Affects: mesa (Ubuntu)

Bug Description

The following bug doesn't impact me directly because I'm an NVIDIA user. But I got a lot of people complaining about a random freeze when using OpenGL applications. I've been able to track down the bug. It's actually reported at :


Ubuntu ships Mesa 7.10.2, and it seems they got a bug when reading builtin.
1. in src/glsl/builtin_functions.cpp:38, they are creating a fakeCtx, but never initialize it, except API
2. 4 lines after, this uninitialized context is used by _mesa_glsl_parse_state()
3. in src/glsl/glsl_parser_extras.cpp:98, the highest_version is read from the fake context... and so you can get a random value. It can be very high in some cases, like 135840965
4. a few lines after, they are doing a loop, and generate a string of supported GLSL versions. Unfortunately, the loop is too big to be finished, and the string becomes really really big... and it freezes here. (strlen issue? dunno.)

So here we are, to prevent that, I've tried to initialize part of the structure used in _mesa_glsl_parse_state.

--- src/glsl/builtin_function.cpp.before 2011-05-26 18:54:01.299953729 +0200
+++ src/glsl/builtin_function.cpp 2011-05-26 18:54:44.730017427 +0200
@@ -37,6 +37,8 @@
    struct gl_context fakeCtx;
    fakeCtx.API = API_OPENGL;
+ fakeCtx.Const.GLSLVersion = 120;
+ fakeCtx.Extensions.ARB_ES2_compatibility = 0;
    gl_shader *sh = _mesa_new_shader(NULL, 0, target);
    struct _mesa_glsl_parse_state *st =
       new(sh) _mesa_glsl_parse_state(&fakeCtx, target, sh);
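Review bot: the two assignments added after fakeCtx.API still leave every other member of fakeCtx indeterminate, so any further field that _mesa_glsl_parse_state() reads from the context would hit the same class of problem. Zero the whole struct right after the declaration, for example `memset(&fakeCtx, 0, sizeof(fakeCtx));`, and then set API and Const.GLSLVersion on top of that. A short comment saying why 120 is the chosen version would help, and note that the file headers name builtin_function.cpp while the description refers to builtin_functions.cpp.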

I'm not sure at all that this will be OK for everyone, but it's resolving the current freeze, by using initialized values...
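The failure mode described in the report, as an added C++ sketch that is not part of the original report and is not Mesa's code: a context whose version field holds stale bytes drives the version-list loop, next to a value-initialized context and a bounds check. `FakeCtx`, `kApiOpenGL`, the step of 10, the 110 lower bound and the 130 sanity bound are assumptions made for the illustration.

```cpp
#include <cstring>
#include <string>

// Hypothetical stand-in for the gl_context fields named in the report.
struct FakeCtx {
    int API;
    struct { unsigned GLSLVersion; } Const;
    struct { unsigned char ARB_ES2_compatibility; } Extensions;
};

const int kApiOpenGL = 0;             // placeholder for API_OPENGL
const unsigned kLowest = 110;         // assumed lowest desktop GLSL version
const unsigned kHighestSane = 130;    // assumed sanity bound for this sketch

// Simulates stale stack contents deterministically (reading a truly
// uninitialized struct is undefined behaviour), then sets only API.
FakeCtx stale_ctx() {
    FakeCtx c;
    std::memset(&c, 0xA5, sizeof c);
    c.API = kApiOpenGL;
    return c;
}

// Value-initialize first, then set every field the parser state reads.
FakeCtx initialized_ctx() {
    FakeCtx c{};
    c.API = kApiOpenGL;
    c.Const.GLSLVersion = 120;
    c.Extensions.ARB_ES2_compatibility = 0;
    return c;
}

// Iterations the version-list loop would run for a given upper bound.
unsigned long loop_iterations(unsigned highest) {
    return highest < kLowest ? 0 : (highest - kLowest) / 10 + 1ul;
}

// Builds the supported-version string, refusing implausible bounds
// instead of appending until memory or patience runs out.
bool supported_versions(const FakeCtx &ctx, std::string &out) {
    unsigned highest = ctx.Const.GLSLVersion;
    if (highest < kLowest || highest > kHighestSane) return false;
    out.clear();
    for (unsigned v = kLowest; v <= highest; v += 10) {
        if (!out.empty()) out += ", ";
        out += std::to_string(v / 100) + "." + std::to_string(v % 100);
    }
    return true;
}
```

With the value quoted in the report, 135840965, the unchecked loop would run more than 13 million iterations, each one appending to the same string.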


tags: added: patch
Bryce Harrington (bryce) wrote :

@Chris, this bug has a patch. Please review and include in your mesa merge if it looks suitable.

Also, if it does look good can you file an SRU and upload to natty-proposed?

Changed in mesa (Ubuntu):
assignee: nobody → Chris Halse Rogers (raof)
assignee: Chris Halse Rogers (raof) → nobody
status: New → Triaged
Chris Halse Rogers (raof) wrote :

This is fixed in the newer 7.10 snapshot. Should be uploaded early this week.

Changed in mesa (Ubuntu):
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mesa - 7.10.3-0ubuntu1

mesa (7.10.3-0ubuntu1) oneiric; urgency=low

  * New upstream 7.10.3 bugfix release.
   - Fixes infinite loop in GLSL compiler (LP: #788730)
  * Merge with Debian unstable. Remaining Ubuntu changes:
   - debian/control
      + Drop lesstif-dev from Build-Depends; it's in Universe.
      + Comment out GLw libs since it depends on lesstif-dev.
      + Drop i686 swx11 libgl package.
      + Add libdrm-dev to mesa-common-dev Depends.
    - debian/rules
      + Use --disable-glw for swx11 targets too.
      + Don't enable motif for swx11 targets.
      + Use lzma compression for binary debs to save CD space.
      + Drop unloved mach64 driver.
      + Install both r300/r300g and r600/r600g
      + Use --enable-shared-dricore to claw back CD space.
    - debian/patches
      + 100_no_abi_tag.patch
      + 101_ubuntu_hidden_glname.patch
      + 103_savage-expose_fbmodes_with_nonzero_alpha.patch
    - rules, libgl1-mesa-{glx,dev,swx11,swx11-dev}.install.in,
      libgl1-mesa-{glx,swx11}.{postinst,prerm}, libgl1-mesa-dev.links.in:
      Install libGL.so* in /usr/lib/mesa to allow things to work with
    - debian/not-installed:
      + Drop i686 files; we don't build 686-optimised packages in the first
    - debian/gbp.conf
      + Point at Ubuntu branch to make git-buildpackage less narky.
    - debian/patches/105_use_shared_libdricore.patch, debian/rules:
      + Link DRI drivers against shared dricore routines to save CD space.
    - debian/patches/109_fix_length_of_glxgetfbconfigssgix.patch:
      Fix "BadLength (poly request too large or internal Xlib length"
      when using non-C, non-en locales. (LP 714280)
    - debian/patches/108_fix_leaks_dri2_screen_creation.patch: Cherrypick
      to fix some leaks in DRI2 screen creation failure paths.
    - 114_intel_dri_renderer_string.diff: Re-add "GEM" to the dri renderer
      string of the intel driver. (LP 753370)
    - 113_fix_tls.diff: Fix crashes in unrelated code due to TLS usage.
  * debian/rules:
  * debian/libgl1-mesa-dri-experimental.install.in:
    - Ship i915g in the experimental package. We're already building it,
      and it's apparently now comparable to i915c.
  * debian/control:
  * debian/libgl1-mesa-dri-experimental.install.in:
  * debian/libgl1-mesa-dri.install.linux.in:
    - Move nouveau gallium driver from -dri-experimental to -dri. Upstream
      is no longer adamant that bugs should be ignored. Try installing it by
      default to get a better Unity experience OOTB. (LP: #759562)
  * debian/libgl1-mesa-dri-experimental.install.in:
  * debian/libgl1-mesa-dri.install.linux.in:
    - Move r300/r600 classic drivers to -experimental. They're not supported.
      Shave another ~1MB off the CD!
  * debian/control:
    - Add new bison and flex build-depends.
  * debian/patches/115_llvm_dynamic_linking.diff
    - Dynamically link DRI drivers to libllvm. Saves ~6MiB per DRI driver.
  * debian/rules:
  * debian/patches/116_use_shared_galliumcore.diff:
  * debian/libgl1-mesa-dri.install.in:
    - Link gallium DRI drivers against shared gallium routines to save CD


Changed in mesa (Ubuntu):
status: Fix Committed → Fix Released
Mathieu Virbel (tito-bankiz) wrote :

Thanks guys !
