Ubuntu
mesa package

Xorg crashed with SIGSEGV in _mesa_update_state_locked() with DRI disabled

Bug #145289 reported by Sébastien Valette
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
X.Org X server
Invalid
Medium
mesa (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

X crashed while I was using a custom 3D application. I was actually investigating further this bug:

https://bugs.launchpad.net/ubuntu/+source/xserver-xorg-video-ati/+bug/144865

This crash was obtained using the following xorg parameters:
Section "Device"
 Identifier "ATI Technologies Inc RV370 5B64 [FireGL V3100 (PCIE)]"
 Driver "ati"
 BusID "PCI:1:0:0"
 Option "GARTSize" "64"
 Option "DRI" "false"

EndSection

ProblemType: Crash
Architecture: i386
CrashCounter: 1
Date: Wed Sep 26 18:44:55 2007
Disassembly: 0xaf79f0e0:
DistroRelease: Ubuntu 7.10
ExecutablePath: /usr/bin/Xorg
NonfreeKernelModules: cdrom
Package: xserver-xorg-core 2:1.3.0.0.dfsg-12ubuntu6
PackageArchitecture: i386
ProcCmdline: /usr/bin/X :0 -br -audit 0 -auth /var/lib/gdm/:0.Xauth -nolisten tcp vt10
ProcCwd: /etc/X11
ProcEnviron:
 LANGUAGE=
 PATH=/sbin:/bin:/usr/sbin:/usr/bin
 LANG=fr_FR.UTF-8
Signal: 11
SourcePackage: xorg-server
Stacktrace: #0 0xaf79f0e0 in ?? ()
StacktraceTop: ?? ()
ThreadStacktrace:

Title: Xorg crashed with SIGSEGV
Uname: Linux valette-desktop 2.6.22-12-generic #1 SMP Sun Sep 23 18:11:30 GMT 2007 i686 GNU/Linux
UserGroups:

#0 _mesa_update_framebuffer (ctx=0x98eb698) at framebuffer.c:674
        fb = (struct gl_framebuffer *) 0x0
#1 0xaf7bff91 in _mesa_update_state_locked (ctx=0x98eb698) at state.c:1152
        new_state = 4294967295
#2 0xaf7c00ea in _mesa_update_state (ctx=0x98eb698) at state.c:1218
No locals.
#3 0xaf77b860 in _mesa_GetIntegerv (pname=34018, params=0xbf8b7588)
    at get.c:3741
        ctx = (GLcontext *) 0x98eb698
#4 0xb7be90c2 in __glXDisp_GetIntegerv (cl=0x83f77d8,
    pc=0x843f4a0 "\217u\003") at ../../../GL/glx/indirect_dispatch.c:1905
        pname = 34018
        compsize = 1
        answerBuffer = {-1210730033, -1209602060, 1717986918, 20, -1081378788,
  -1210722100, 1717986918, 11, 1, 20, 0, -1209597584, -1081379352, 135490926,
  0, 0, -1081378568, 136331424, -1081378568, 0, -1081379192, 135047694,
  136419728, 136406392, -1081379304, -1212712799, 135102528, 0, -1081378568,
  0 <repeats 32 times>, 136217184, -16, 2, -1081379144, 134820522, 0, 0, 1,
  136331424, 2, 0, 134820379, 136217184, 1, 0, -1081378552, 136039487,
  -2147483648, 136331424, 0, 0, 0, 0, -1081378704, 8, 0 <repeats 68 times>,
  -1081378776, -1210488832, -1209597632, 160605608, -1081378776, 1,
  -1081378652, -1210102424, -1081378652, 31, 160605608, 136217184, 138304976,
  1, -1081378744, 136083134, 31, -1081378652, 1, -1212162056, 160605608,
---Type <return> to continue, or q <return> to quit---
  136217184, -1081378712, 136078111, 135624588, 136217184, -1081378680,
  134821386, 136307620, 0, -1081378624, 4096, 138671264, -1210135373,
  136217184, 136217184, -1081378616, 1, -1081378664, 134821040, -40, 32,
  -1212067132, -1212067136, 5, -1212018432}
        error = -1081378632
        cx = <value optimized out>
#5 0xb7bddb2c in __glXDispatch (client=0x83f76a0)
    at ../../../GL/glx/glxext.c:551
        stuff = (xGLXSingleReq *) 0x843f4a0
        opcode = 117 'u'
        proc = (__GLXdispatchSingleProcPtr) 0xb7be9020 <__glXDisp_GetIntegerv>
        cl = (__GLXclientState *) 0x83f77d8
        retval = 1

See original description
Revision history for this message
Sébastien Valette (sebastien-valette) wrote :
Revision history for this message
Sébastien Valette (sebastien-valette) wrote :

here is the xorg log

Revision history for this message
Apport retracing service (apport) wrote : Symbolic stack trace

StacktraceTop:?? ()

Revision history for this message
Apport retracing service (apport) wrote : Stack trace with source code
Revision history for this message
Sébastien Valette (sebastien-valette) wrote : Re: Xorg crashed with SIGSEGV with DRI disabled

I reported it upstream:

https://bugs.freedesktop.org/show_bug.cgi?id=12612

Revision history for this message
Sébastien Valette (sebastien-valette) wrote :

"
I reported it upstream:

https://bugs.freedesktop.org/show_bug.cgi?id=12612"

oops, wrong bug. sorry..

Revision history for this message
Tormod Volden (tormodvolden) wrote :

Would you be able to look at https://wiki.ubuntu.com/DebuggingXorg and try to get a full stack trace?

This is the stack trace from the log:
2: /usr/lib/xorg/modules/extensions//libGLcore.so(_mesa_update_state_locked+0x7e1) [0xaf85bf91]
3: /usr/lib/xorg/modules/extensions//libGLcore.so(_mesa_update_state+0x2a) [0xaf85c0ea]
4: /usr/lib/xorg/modules/extensions//libGLcore.so(_mesa_GetIntegerv+0x280) [0xaf817860]
5: /usr/lib/xorg/modules/extensions//libglx.so [0xb7c850c2]
6: /usr/lib/xorg/modules/extensions//libglx.so [0xb7c79b2c]
7: /usr/bin/X [0x815755e]
8: /usr/bin/X(Dispatch+0x1aa) [0x808f47a]
9: /usr/bin/X(main+0x495) [0x8076f05]

Changed in xorg-server:
assignee: nobody → tormodvolden
status: New → Incomplete
Revision history for this message
Sébastien Valette (sebastien-valette) wrote :

here is the gdb log obtained via ssh. Hope it helps...

Revision history for this message
Tormod Volden (tormodvolden) wrote :

Thanks. Can you please install the package xserver-xorg-core-dbg and try again?

Revision history for this message
Sébastien Valette (sebastien-valette) wrote :

Here it is

Revision history for this message
Tormod Volden (tormodvolden) wrote :

Thanks, that's as good as it can get. Could you please file a bug upstream with this gdb log?

It would be nice to know how to reproduce this error. Is it only when you start one specific program?

Revision history for this message
In , Sébastien Valette (sebastien-valette) wrote :

Hi,

I'm trying to get a stable way to use my video card. When disabling DRI (adding Option "DRI" "false" to xorg.conf, I can trigger an X crash when running two instances of:
/usr/share/vtk/Rendering/Python/assembly.py

which is a sample programm from the package "python-vtk" on Ubuntu.
the X crash occurs this way : 1- make the windows overlap 2- move one of the two windows so that rendering is triggered on the other window.

I already had such problems, but it was my fault. I hope (and think) that this time I did nothing bad. I join my xorg.conf, xorg log and a gdb backtrace of X.

Revision history for this message
In , Sébastien Valette (sebastien-valette) wrote :

Created an attachment (id=11861)
xorg.conf

Revision history for this message
In , Sébastien Valette (sebastien-valette) wrote :

Created an attachment (id=11862)
Xorg log

Revision history for this message
In , Sébastien Valette (sebastien-valette) wrote :

Created an attachment (id=11863)
gdb backtrace

Revision history for this message
In , agd5f (agd5f) wrote :

looks like a mesa bug.

Revision history for this message
Sébastien Valette (sebastien-valette) wrote :

reported upstream:

https://bugs.freedesktop.org/show_bug.cgi?id=12652

Tormod Volden (tormodvolden)
Changed in xorg-server:
assignee: tormodvolden → nobody
status: Incomplete → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in xorg-server:
status: Unknown → Confirmed
Timo Aaltonen (tjaalton)
Changed in xorg-server:
importance: Undecided → Medium
Revision history for this message
Tormod Volden (tormodvolden) wrote :

The backtrace in your upstream report does not match the one in comment 10 here...

Revision history for this message
Tormod Volden (tormodvolden) wrote :

Is this still happening in Ubuntu 7.10 or Hardy Alpha 2?

Changed in mesa:
assignee: nobody → tormodvolden
status: Confirmed → Incomplete
Revision history for this message
Sébastien Valette (sebastien-valette) wrote :

>Is this still happening in Ubuntu 7.10 or Hardy Alpha 2?

(back from holidays...)

yes this bug is still happening with 7.10 (But it is not critical since it needs DRI=false).

there are two different gdb logs because I did the experiment twice...

Tormod Volden (tormodvolden)
Changed in mesa:
assignee: tormodvolden → nobody
status: Incomplete → Confirmed
Bryce Harrington (bryce)
description: updated
Revision history for this message
Bryce Harrington (bryce) wrote :

I see the upstream bug is sort of DOA (plus it's got a different backtrace than this one so isn't really relevant anyway), however in digging through the source code it appears the _mesa_update_framebuffer() function has been revamped a goodly bit since this trace was taken, so perhaps the issue has been fixed. There's been no other reports of this particular issue so hopefully that means this is a good assumption.

Changed in mesa (Ubuntu):
status: Confirmed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in xorg-server:
importance: Unknown → Medium
Bug Watch Updater (bug-watch-updater)
Changed in xorg-server:
importance: Medium → Unknown
Bug Watch Updater (bug-watch-updater)
Changed in xorg-server:
importance: Unknown → Medium
Bug Watch Updater (bug-watch-updater)
Changed in xorg-server:
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.