After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 741881 - F21 Wayland Mode Change Crashes desktop
F21 Wayland Mode Change Crashes desktop
Status: RESOLVED FIXED
Product: cogl
Classification: Platform
Component: general
unspecified
Other Linux
: Normal critical
: ---
Assigned To: Cogl maintainer(s)
Cogl maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2014-12-22 21:46 UTC by Sinclair Yeh
Modified: 2015-01-30 15:22 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
kms-winsys: Mark the framebuffer to be bound when setting a new layout (1.29 KB, patch)
2015-01-21 20:47 UTC, Rui Matos 		committed Details | Review

Description Sinclair Yeh 2014-12-22 21:46:06 UTC 
Steps to Reproduce:
  1.  Log into Wayland version of desktop
  2.  Right click on desktop -> Settings
  3.  Pick a resolution and select Apply
  4.  gnome crashes

FYI, my F21 is running inside of a VM (VMWare Fusion 7).  I had to rebuild Xwayland to not use glamor otherwise some of the rendering will be incorrect, but this doesn't impact the crash.

The crash happens in libgbm: mesa/src/gbm/backends/dri/gbm_dri.c
In "image_get_buffers()", gbm_dri_device(surf->base.gbm) returns NULL.  This
causes "dri" to be NULL, and thus the crash in the subsequent line "if (dri->image_get_buffers == NULL)"

The key sequence of events is this:
  cogl_kms_display_set_layout()
    ...
    gbm_surface_destroy(); // destroys current gbm_dri_surface, let's call it SF

  ...

  _clutter_stage_do_pick()
    cogl_framebuffer_clear4f()
      ....
      image_get_buffers();  <------- crash

The reason why image_get_buffers() crashes is because gbm_dri_device(surf->base.gbm) still points to the same SF that has been freed earlier.  Some times it's garbage, and we get away with it, but most of the time the relevant field is NULL, and we crash.

I think somehow the new on-screen surface is not bound before _clutter_stage_do_pick() is called.

---------------------------------------------------------------------------

+ Trace 234442

  • #0 image_get_buffers
    at backends/dri/gbm_dri.c line 120
  • #1 dri2_allocate_textures
    at dri2.c line 254
  • #2 dri2_allocate_textures
    at dri2.c line 377
  • #3 dri_st_framebuffer_validate
    at dri_drawable.c line 83
  • #4 st_framebuffer_validate
    at ../../src/mesa/state_tracker/st_manager.c line 200
  • #5 st_manager_validate_framebuffers
    at ../../src/mesa/state_tracker/st_manager.c line 862
  • #6 st_validate_state
    at ../../src/mesa/state_tracker/st_atom.c line 180
  • #7 st_Clear
    at ../../src/mesa/state_tracker/st_cb_clear.c line 449
  • #8 cogl_framebuffer_clear4f
    at ./cogl-framebuffer.c line 388
  • #9 _clutter_stage_do_pick
    at ./clutter-stage.c line 1541
  • #10 clutter_stage_get_actor_at_pos
    at ./clutter-stage.c line 2928
  • #11 repick_for_event
    at wayland/meta-wayland-pointer.c line 299
  • #12 meta_wayland_pointer_repick
    at wayland/meta-wayland-pointer.c line 732
  • #13 meta_wayland_seat_repick
    at wayland/meta-wayland-seat.c line 304 






Comment 1


Rui Matos





          2015-01-05 14:35:19 UTC
        



I reported a similar trace in mesa's bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=85093






Comment 2


Sinclair Yeh





          2015-01-05 16:18:27 UTC
        



Thanks for the confirmation.

FYI, adding a check for "dri == NULL" in image_get_buffers() fixes the problem for me, but I don't think that's the right approach.  I think the problem started above MESA, probably in mutter.






Comment 3


Rui Matos





          2015-01-21 20:47:30 UTC
        



Created attachment 295130 [details] [review]
kms-winsys: Mark the framebuffer to be bound when setting a new layout

--

This patch fixes it for me.






Comment 4


Sinclair Yeh





          2015-01-23 20:43:38 UTC
        



Verified the fix works.






Comment 5


drago01





          2015-01-23 20:44:44 UTC
        



The patch isn't pushed yet .. so leave that bug open until this happens.






Comment 6


Sinclair Yeh





          2015-01-23 20:45:04 UTC
        



Review of attachment 295130 [details] [review]:

Tested-by: Sinclair Yeh <syeh@vmware.com>






Comment 7


Robert Bragg





          2015-01-29 15:39:46 UTC
        



Review of attachment 295130 [details] [review]:

This looks good to me.

Sorry I haven't tested it myself, but if you're happy that it's been tested, please feel free to land the patch.






Comment 8


Rui Matos





          2015-01-30 15:22:24 UTC
        



Review: http://lists.freedesktop.org/archives/cogl/2015-January/001707.html

Attachment 295130 [details] pushed as b9d6cf4 - kms-winsys: Mark the framebuffer to be bound when setting a new layout