Really the bug is more severe than just failing (and innocent) xscreensaver.
backtrace:
#0 0x00002ade19df2582 in _mesa_x86_64_transform_points4_perspective () from
/usr/lib/dri/i915_dri.so
#1 0x00002ade19d85909 in ?? () from /usr/lib/dri/i915_dri.so
#2 0x00002ade19d7bd7b in _tnl_run_pipeline () from /usr/lib/dri/i915_dri.so
#3 0x00002ade19d7c2a4 in _tnl_draw_prims () from /usr/lib/dri/i915_dri.so
#4 0x00002ade19d7454e in vbo_exec_vtx_flush () from /usr/lib/dri/i915_dri.so
#5 0x00002ade19d700fd in vbo_exec_FlushVertices () from
/usr/lib/dri/i915_dri.so
#6 0x00002ade19cfbe2e in _mesa_Flush () from /usr/lib/dri/i915_dri.so
#7 0x000000000040486a in draw_polytopes (mi=0x7fff93e3fd30) at polytopes.c:3064
#8 0x000000000040738b in xlockmore_screenhack (dpy=0x63fb30, window=73400322,
want_writable_colors=<value optimized out>,
want_uniform_colors=0, want_smooth_colors=0, want_bright_colors=0,
event_mask=66, hack_init=0x404ec0 <init_polytopes>,
hack_draw=0x4046d0 <draw_polytopes>, hack_reshape=0x404e70
<reshape_polytopes>, hack_handle_events=0x404ce0 <polytopes_handle_event>,
hack_free=0) at xlockmore.c:444
#9 0x0000000000404fc8 in screenhack (dpy=0x6c75c0, window=6922368) at
./../xlockmore.h:158
#10 0x0000000000405a81 in main (argc=1, argv=0x7fff93e404c8) at
./../screenhack.c:679
#11 0x00002ade18810b44 in __libc_start_main () from /lib/libc.so.6
#12 0x0000000000403199 in _start ()
BUT! the point is not a backtrace, but a code inside driver:
(gdb) disassemble
Dump of assembler code for function _mesa_x86_64_transform_points4_perspective:
0x00002ade19df2530 <_mesa_x86_64_transform_points4_perspective+0>: mov
0x10(%rdx),%ecx
0x00002ade19df2533 <_mesa_x86_64_transform_points4_perspective+3>: movzbl
0x14(%rdx),%eax
0x00002ade19df2537 <_mesa_x86_64_transform_points4_perspective+7>: mov
%ecx,0x10(%rdi)
0x00002ade19df253a <_mesa_x86_64_transform_points4_perspective+10>: movl
$0x4,0x18(%rdi)
0x00002ade19df2541 <_mesa_x86_64_transform_points4_perspective+17>: orl
$0xf,0x1c(%rdi)
0x00002ade19df2545 <_mesa_x86_64_transform_points4_perspective+21>: test
%ecx,%ecx
0x00002ade19df2547 <_mesa_x86_64_transform_points4_perspective+23>: xchg
%ax,%ax
0x00002ade19df254a <_mesa_x86_64_transform_points4_perspective+26>: je
0x2ade19df25b3 <_mesa_x86_64_transform_points4_perspective+131>
0x00002ade19df254c <_mesa_x86_64_transform_points4_perspective+28>: mov
0x8(%rdx),%rdx
0x00002ade19df2550 <_mesa_x86_64_transform_points4_perspective+32>: mov
0x8(%rdi),%rdi
0x00002ade19df2554 <_mesa_x86_64_transform_points4_perspective+36>: movd
(%rsi),%mm0
0x00002ade19df2557 <_mesa_x86_64_transform_points4_perspective+39>: pxor
%mm7,%mm7
0x00002ade19df255a <_mesa_x86_64_transform_points4_perspective+42>:
punpckldq 0x14(%rsi),%mm0
0x00002ade19df255e <_mesa_x86_64_transform_points4_perspective+46>: movq
0x20(%rsi),%mm2
0x00002ade19df2562 <_mesa_x86_64_transform_points4_perspective+50>:
prefetch (%rdx)
0x00002ade19df2565 <_mesa_x86_64_transform_points4_perspective+53>: movd
0x28(%rsi),%mm1
0x00002ade19df2569 <_mesa_x86_64_transform_points4_perspective+57>: xchg
%ax,%ax
0x00002ade19df256c <_mesa_x86_64_transform_points4_perspective+60>:
punpckldq 0x38(%rsi),%mm1
0x00002ade19df2570 <_mesa_x86_64_transform_points4_perspective+64>:
prefetchw 0x20(%rdi)
0x00002ade19df2574 <_mesa_x86_64_transform_points4_perspective+68>: movq
(%rdx),%mm4
0x00002ade19df2577 <_mesa_x86_64_transform_points4_perspective+71>: movq
0x8(%rdx),%mm5
0x00002ade19df257b <_mesa_x86_64_transform_points4_perspective+75>: movd
0x8(%rdx),%mm3
0x00002ade19df257f <_mesa_x86_64_transform_points4_perspective+79>: movq
%mm5,%mm6
0x00002ade19df2582 <_mesa_x86_64_transform_points4_perspective+82>: pfmul
%mm0,%mm4
0x00002ade19df2586 <_mesa_x86_64_transform_points4_perspective+86>:
punpckldq %mm5,%mm5
0x00002ade19df2589 <_mesa_x86_64_transform_points4_perspective+89>: pfmul
%mm2,%mm5
0x00002ade19df258d <_mesa_x86_64_transform_points4_perspective+93>: pfsubr
%mm7,%mm3
0x00002ade19df2591 <_mesa_x86_64_transform_points4_perspective+97>: pfmul
%mm1,%mm6
0x00002ade19df2595 <_mesa_x86_64_transform_points4_perspective+101>: pfadd
%mm4,%mm5
0x00002ade19df2599 <_mesa_x86_64_transform_points4_perspective+105>: pfacc
%mm3,%mm6
0x00002ade19df259d <_mesa_x86_64_transform_points4_perspective+109>: movq
%mm5,(%rdi)
0x00002ade19df25a0 <_mesa_x86_64_transform_points4_perspective+112>: add
%rax,%rdx
0x00002ade19df25a3 <_mesa_x86_64_transform_points4_perspective+115>: movq
%mm6,0x8(%rdi)
0x00002ade19df25a7 <_mesa_x86_64_transform_points4_perspective+119>: add
$0x10,%rdi
0x00002ade19df25ab <_mesa_x86_64_transform_points4_perspective+123>: dec
%ecx
0x00002ade19df25ad <_mesa_x86_64_transform_points4_perspective+125>:
prefetch 0x20(%rdx)
0x00002ade19df25b1 <_mesa_x86_64_transform_points4_perspective+129>: jne
0x2ade19df2570 <_mesa_x86_64_transform_points4_perspective+64>
0x00002ade19df25b3 <_mesa_x86_64_transform_points4_perspective+131>: femms
0x00002ade19df25b5 <_mesa_x86_64_transform_points4_perspective+133>: retq
0x00002ade19df25b6 <_mesa_x86_64_transform_points4_perspective+134>: nopw
%cs:0x0(%rax,%rax,1)
End of assembler dump.
We see that SIGILL fires at the first pfmul
pfmul is AMD 3-D Now opcode, and it fails since I have Intel Core 2 Duo CPU.
So the bug can manifest itself in any app with OpenGL, this could possibly lock
up the screen, is this enough for High priority?
--
[apport] polytopes crashed with SIGILL in
_mesa_x86_64_transform_points4_perspective()
https://bugs.launchpad.net/bugs/87661
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
