ports/188278: libpciaccess is broken for non-x86 architectures
Julio Merino
jmmv at meroh.net
Sat Apr 5 03:30:01 UTC 2014
>Number: 188278
>Category: ports
>Synopsis: libpciaccess is broken for non-x86 architectures
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Apr 05 03:30:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: Julio Merino
>Release: FreeBSD 11.0-CURRENT powerpc
>Organization:
>Environment:
System: FreeBSD mastodon.meroh.net 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r264032: Thu Apr 3 01:32:06 EDT 2014 jmmv at mastodon.meroh.net:/usr/obj/home/jmmv/os/freebsd/base/head/sys/GENERIC64 powerpc
>Description:
In:
http://lists.freebsd.org/pipermail/freebsd-ppc/2014-April/006924.html
I described a problem by which X.org cannot start on my PowerMac G5
using an NVIDIA card.
At first sight, the xf86-video-nv seems to be broken under powerpc64.
However, after a bit more digging, things appear way more broken
than that because libpciaccess has an undefined behavior on all
non-x86 platforms. This is why I'm filing this under ports and not
under powerpc.
Take a look at this stacktrace:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 51006400 (LWP 100425)]
0x00000000506557e4 in pci_io_read8 (handle=0x0, reg=10) at common_io.c:181
181 if (reg + 1 > handle->size)
(gdb) bt
#0 0x00000000506557e4 in pci_io_read8 (handle=0x0, reg=10) at common_io.c:181
#1 0x00000000516286a8 in stdReadST01 (hwp=0x510f2000) at vgaHW.c:212
#2 0x000000005162c61c in vgaHWSaveColormap (scrninfp=0x510e1400, save=0x510f2048) at vgaHW.c:1124
#3 0x000000005162c708 in vgaHWSave (scrninfp=0x510e1400, save=0x510f2048, flags=5) at vgaHW.c:1155
#4 0x00000000515bd734 in NVDACSave (pScrn=0x510e1400, vgaReg=0x510f2048, nvReg=0x510f1800, saveFonts=0) at nv_dac.c:311
#5 0x00000000515c4bdc in NVSave (pScrn=0x510e1400) at nv_driver.c:2662
#6 0x00000000515c4164 in NVScreenInit (scrnIndex=0, pScreen=0x510c7f00, argc=1, argv=0xffffffffffffdc18) at nv_driver.c:2430
#7 0x0000000010044b5c in AddScreen (pfnInit=@0x5160f778: 0x515c3f8c <NVScreenInit>, argc=1, argv=0xffffffffffffdc18) at dispatch.c:3797
#8 0x00000000100bfdf8 in InitOutput (pScreenInfo=0x10332b78 <screenInfo>, argc=1, argv=0xffffffffffffdc18) at xf86Init.c:834
#9 0x0000000010021be8 in main (argc=1, argv=0xffffffffffffdc18, envp=0xffffffffffffdc28) at main.c:203
which obviously tells us why the X.org server is crashing: we are
dereferencing a null pointer, and that null handle comes from the
libpciaccess library. The library is called on driver initialization
to get a pointer to the PCI memory (open_legacy_io) and that call
fails because of a missing implementation. The code later happily
stores a null pointer and uses it without care. (First problem:
nowhere in the code, the call to the open_legacy_io function below is
checked for success.)
The libpciaccess library has this gem:
static struct pci_io_handle *
pci_device_freebsd_open_legacy_io(struct pci_io_handle *ret,
struct pci_device *dev, pciaddr_t base, pciaddr_t size)
{
#if defined(__i386__) || defined(__amd64__)
ret->fd = open("/dev/io", O_RDWR | O_CLOEXEC);
if (ret->fd < 0)
return NULL;
ret->base = base;
ret->size = size;
return ret;
#elif defined(PCI_MAGIC_IO_RANGE)
ret->memory = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED,
aperturefd, PCI_MAGIC_IO_RANGE + base);
if (ret->memory == MAP_FAILED)
return NULL;
ret->base = base;
ret->size = size;
return ret;
#else
return NULL;
#endif
}
Which, as far as I can tell, is *completely* wrong because FreeBSD
does not define PCI_MAGIC_IO_RANGE (can't find mentions of it neither
in current nor stable/10) and thus the fallback for non-x86 platforms
cannot ever work (not to mention that aperturefd is not handled at all
in the freebsd_pci.c file).
As it turns out, the offending function was modified in:
https://bugs.freedesktop.org/show_bug.cgi?id=63583
to apparently support non-x86 platforms. Yeah, right...
>How-To-Repeat:
Attempt to start X on a non-x86 machine with the xf86-video-nv driver
(or possibly any other driver). See the server crash.
I'm unsure why this is failing now given that I think this used to
work fine a few months ago only. Don't know what has changed. Maybe
the new Xorg is triggering this, but no idea.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list