[Bug 337608] Re: Sun Java Plugin 6 + firefox3.0 - kills X server on Asus EEEPC 1000 + Jaunty Alpha5

[Bryce Harrington]

I can't definitively tie either of those nulls to the affected code.
However your sample code shows that a null pointer being passed into
memcpy could indeed be the culprit.

If my guess that the mystery line is fbBlt(), this code seems to be
doing a memcpy:

        if (!upsidedown)
            for (i = 0; i < height; i++)
                MEMCPY_WRAPPED(dst + i * dstStride, src + i * srcStride, width);
        else
            for (i = height - 1; i >= 0; i--)
                MEMCPY_WRAPPED(dst + i * dstStride, src + i * srcStride, width);

        return;

Interestingly, this was the last code change to this fbblt.c file,
although you can see it was a long time ago:

commit ee02e647882a4be29e1130bd79904ee79ed6b802
Author: Aaron Plattner <aplattner at nvidia.com>
Date:   Tue Aug 1 13:45:43 2006 -0700

    Wrap libwfb memory access.
    
    Use the READ and WRITE macros to wrap memory accesses that could be in video
    memory.  Add MEMCPY_WRAPPED and MEMSET_WRAPPED macros to wrap memcpy and
    memset, respectively.


Hrm, this is a tough one.  I think the next step is to set a breakpoint and step through the fbBlt code after triggering the error, and see where memcpy is getting the null pointer.  Let me know if you'd be able/willing to do that; if not, then let's just push this bug upstream and see what they say...

-- 
Sun Java Plugin 6 + firefox3.0 - kills X server on Asus EEEPC 1000 + Jaunty Alpha5
https://bugs.launchpad.net/bugs/337608
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs