Ubuntu
mesa package

r600_dri.so crashes with a Segmentation Fault (SIGSEGV)

Bug #1454774 reported by Jason Chagas on 2015-05-13

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	mesa (Ubuntu)	Expired	Medium	Unassigned

Bug Description

r600_dri.so crashes with a Segmentation Fault (SIGSEGV). I noticed it usually happens when running the Firefox on the Google Maps website. It is inconsistent, however, and it may require a few tries before Firefox quits. Here is how I was able to trace the problem:

1) Run firefox in debub mode:

% firefox -g //launch firefox in debug mode
(gdb) handle SIGPIPE nostop //disable GDB trapping of SIGPIPE messages
(gdb) run

2) Access http://www.google.com/maps and entering addresses a few times until it crashes

3) GDB backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007fff892a2a2f in ?? () from /usr/lib/x86_64-linux-gnu/dri/r600_dri.so
(gdb) bt
#0 0x00007fff892a2a2f in ?? () from /usr/lib/x86_64-linux-gnu/dri/r600_dri.so
#1 0x00007fff8929ea27 in ?? () from /usr/lib/x86_64-linux-gnu/dri/r600_dri.so
#2 0x00007fff892a57ff in ?? () from /usr/lib/x86_64-linux-gnu/dri/r600_dri.so
#3 0x00007ffff1e60446 in ?? () from /usr/lib/firefox/libxul.so
#4 0x00007ffff240f36a in ?? () from /usr/lib/firefox/libxul.so
#5 0x00007ffff242fc31 in ?? () from /usr/lib/firefox/libxul.so
#6 0x00007ffff240f594 in ?? () from /usr/lib/firefox/libxul.so
#7 0x00007ffff23899fc in ?? () from /usr/lib/firefox/libxul.so
#8 0x00007ffff23f20fb in ?? () from /usr/lib/firefox/libxul.so
#9 0x00007ffff3404e58 in ?? () from /usr/lib/firefox/libxul.so
#10 0x00007ffff33ffa57 in ?? () from /usr/lib/firefox/libxul.so
#11 0x00007ffff3404a71 in ?? () from /usr/lib/firefox/libxul.so
#12 0x00007ffff3404cf6 in ?? () from /usr/lib/firefox/libxul.so
#13 0x00007ffff3405881 in ?? () from /usr/lib/firefox/libxul.so
#14 0x00007ffff31b266d in ?? () from /usr/lib/firefox/libxul.so
#15 0x00007ffff7fe75d0 in ?? ()
#16 0x0000000000000602 in ?? ()
#17 0x00007fffffff8470 in ?? ()
#18 0xfff9000000000000 in ?? ()
#19 0x00007ffff54a0a20 in ?? () from /usr/lib/firefox/libxul.so
#20 0x00007fffdea51a30 in ?? ()
#21 0x00007fffbe985a94 in ?? ()
#22 0x0000000000000482 in ?? ()
#23 0x00007fffffff8510 in ?? ()
#24 0x00007fffb666b790 in ?? ()
#25 0x0000000000000001 in ?? ()
#26 0x00007fffffff84b8 in ?? ()
#27 0xfffc7fff73f8bf40 in ?? ()
#28 0xfffc7fff73f7c7e0 in ?? ()
#29 0xfff8800000004500 in ?? ()
#30 0x00007fffffff8550 in ?? ()
#31 0x00007fffb666b790 in ?? ()
#32 0x00007fffb8e18b08 in ?? ()
#33 0x0000000000000681 in ?? ()
#34 0xfff8800000004500 in ?? ()
#35 0xfffc7fff73f7c7e0 in ?? ()
#36 0xfffc7fff73f8bf40 in ?? ()
#37 0xfffc7fffdf539f18 in ?? ()
#38 0xfff9800000000000 in ?? ()
#39 0x00007fffdea00b80 in ?? ()
#40 0x0000000000000068 in ?? ()
#41 0x00007fff73f7c2e0 in ?? ()
#42 0x00007fffb8e14308 in ?? ()
#43 0xfff9800000000000 in ?? ()
#44 0x0000000000000000 in ?? ()
(gdb)

========

I built mesa_10.1.3 with debug symbols, replaced /usr/lib/x86_64-linux-gnu/dri/r600_dri.so, ran Firefox again as described above and here is where it crashed:

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000002 in ?? ()
(gdb) bt
#0 0x0000000000000002 in ?? ()
#1 0x00007fffaf5b7ac4 in pipe_sampler_view_reference (ptr=0x7fffaba98400,
    view=0x0) at ../../src/gallium/auxiliary/util/u_inlines.h:151
#2 0x00007fffaf5b80e0 in st_get_texture_sampler_view_from_stobj (
    stObj=0x7fffaba98000, pipe=0x7fffb33ed000, samp=0x7fffaba98040,
    format=PIPE_FORMAT_R8G8B8A8_UNORM) at state_tracker/st_atom_texture.c:209
#3 0x00007fffaf5b82cc in update_single_texture (st=0x7fffb4714000,
    sampler_view=0x7fffffff69e8, texUnit=3)
    at state_tracker/st_atom_texture.c:272
#4 0x00007fffaf5b8372 in update_textures (st=0x7fffb4714000, shader_stage=1,
    prog=0x7fffb555c800, max_units=16, sampler_views=0x7fffb4714990,
    num_textures=0x7fffb4714b14) at state_tracker/st_atom_texture.c:305
#5 0x00007fffaf5b84ec in update_fragment_textures (st=0x7fffb4714000)
    at state_tracker/st_atom_texture.c:355
#6 0x00007fffaf5b1401 in st_validate_state (st=0x7fffb4714000)
    at state_tracker/st_atom.c:201
#7 0x00007fffaf5bddb3 in st_Clear (ctx=0x7fffb4f7c000, mask=304)
    at state_tracker/st_cb_clear.c:443
#8 0x00007fffaf42e1c3 in _mesa_Clear (mask=17664) at main/clear.c:206
#9 0x00007ffff1e60446 in ?? () from /usr/lib/firefox/libxul.so
#10 0x00007ffff240f36a in ?? () from /usr/lib/firefox/libxul.so
#11 0x00007ffff242fc31 in ?? () from /usr/lib/firefox/libxul.so
#12 0x00007ffff240f594 in ?? () from /usr/lib/firefox/libxul.so
#13 0x00007ffff23899fc in ?? () from /usr/lib/firefox/libxul.so
#14 0x00007ffff23f20fb in ?? () from /usr/lib/firefox/libxul.so
#15 0x00007ffff3404e58 in ?? () from /usr/lib/firefox/libxul.so
#16 0x00007ffff33ffa57 in ?? () from /usr/lib/firefox/libxul.so
#17 0x00007ffff3404a71 in ?? () from /usr/lib/firefox/libxul.so
#18 0x00007ffff3404cf6 in ?? () from /usr/lib/firefox/libxul.so
#19 0x00007ffff3405881 in ?? () from /usr/lib/firefox/libxul.so
#20 0x00007ffff31b266d in ?? () from /usr/lib/firefox/libxul.so
#21 0x00007ffff7fe75d0 in ?? ()
#22 0x0000000000000602 in ?? ()
#23 0x00007fffffff8470 in ?? ()
#24 0xfff9000000000000 in ?? ()
#25 0x00007ffff54a0a20 in ?? () from /usr/lib/firefox/libxul.so
#26 0x00007fffdea51a30 in ?? ()
#27 0x00007fffcbe337b4 in ?? ()
#28 0x0000000000000482 in ?? ()
#29 0x00007fffffff8510 in ?? ()
#30 0x00007fffd9b03e90 in ?? ()
#31 0x0000000000000001 in ?? ()
#32 0x00007fffffff84b8 in ?? ()
#33 0xfffc7fff8d0c95c0 in ?? ()
#34 0xfffc7fff8d0baba0 in ?? ()
#35 0xfff8800000004500 in ?? ()
#36 0x00007fffffff8550 in ?? ()
#37 0x00007fffd9b03e90 in ?? ()
#38 0x00007fffc74ee248 in ?? ()
#39 0x0000000000000681 in ?? ()
#40 0xfff8800000004500 in ?? ()
#41 0xfffc7fff8d0baba0 in ?? ()
#42 0xfffc7fff8d0c95c0 in ?? ()
#43 0xfffc7fffdf46a220 in ?? ()
#44 0xfff9800000000000 in ?? ()
#45 0x00007fffdea00b80 in ?? ()
#46 0x0000000000000068 in ?? ()
#47 0x00007fff8d0ba6a0 in ?? ()
#48 0x00007fffc7914ff8 in ?? ()
#49 0xfff9800000000000 in ?? ()
#50 0x0000000000000000 in ?? ()
(gdb)
(gdb)
(gdb)

======================

I replaced /usr/lib/x86_64-linux-gnu/dri/r600_dri.so with a version built with the latest sources (from git://git.debian.org/git/pkg-xorg/lib/mesa) and it seems far more stable. I haven't experienced any crashes since. I looked at the sources and I see numerous changes between mesa_10.1.3 and the latest. So, it is possible the issue was fixed in the latest source base. Therefore, Canonical should consider updating the 'libgl1-mesa-dri' package.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libgl1-mesa-dri 10.1.3-0ubuntu0.4 [modified: usr/lib/x86_64-linux-gnu/dri/r600_dri.so]
ProcVersionSignature: Ubuntu 3.13.0-52.86-generic 3.13.11-ckt18
Uname: Linux 3.13.0-52-generic x86_64
.tmp.unity.support.test.0:

ApportVersion: 2.14.1-0ubuntu3.10
Architecture: amd64
CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins'
CompositorRunning: None
CurrentDesktop: Unity
Date: Wed May 13 12:02:51 2015
DistUpgraded: Fresh install
DistroCodename: trusty
DistroVariant: ubuntu
DkmsStatus:
webcamstudio, 0.72, 3.13.0-48-generic, x86_64: installed
webcamstudio, 0.72, 3.13.0-49-generic, x86_64: installed
webcamstudio, 0.72, 3.13.0-51-generic, x86_64: installed
webcamstudio, 0.72, 3.13.0-52-generic, x86_64: installed
EcryptfsInUse: Yes
ExtraDebuggingInterest: Yes
GraphicsCard:
Advanced Micro Devices, Inc. [AMD/ATI] Cedar [Radeon HD 5000/6000/7350/8350 Series] [1002:68f9] (prog-if 00 [VGA controller])
Subsystem: Advanced Micro Devices, Inc. [AMD/ATI] Device [1002:010a]
InstallationDate: Installed on 2015-01-17 (116 days ago)
InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2)
MachineType: LENOVO 10086
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-52-generic root=UUID=0d56744c-72b1-436b-8f8d-4429be088fa0 ro quiet splash vt.handoff=7
SourcePackage: mesa
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/05/2012
dmi.bios.vendor: LENOVO
dmi.bios.version: EQKT21AUS
dmi.board.vendor: LENOVO
dmi.board.version: Win8 STD MM DPK IPG
dmi.chassis.type: 3
dmi.chassis.vendor: LENOVO
dmi.modalias: dmi:bvnLENOVO:bvrEQKT21AUS:bd12/05/2012:svnLENOVO:pn10086:pvrIdeaCentreK430:rvnLENOVO:rn:rvrWin8STDMMDPKIPG:cvnLENOVO:ct3:cvr:
dmi.product.name: 10086
dmi.product.version: IdeaCentre K430
dmi.sys.vendor: LENOVO
version.compiz: compiz 1:0.9.11.3+14.04.20150313-0ubuntu1
version.ia32-libs: ia32-libs N/A
version.libdrm2: libdrm2 2.4.60-2~ubuntu14.04.1
version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.4
version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A
version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.4
version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.7
version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2
version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1
version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.6
version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2
xserver.bootTime: Wed May 13 10:15:11 2015
xserver.configfile: default
xserver.errors:

xserver.logfile: /var/log/Xorg.0.log
xserver.version: 2:1.15.1-0ubuntu2.7
xserver.video_driver: radeon

Tags:

Revision history for this message

Jason Chagas (jason-chagas) wrote on 2015-05-13:

BootDmesg.txt Edit (67.2 KiB, text/plain; charset="utf-8")
BootLog.txt Edit (5.7 KiB, text/plain; charset="utf-8")
CurrentDmesg.txt Edit (973 bytes, text/plain; charset="utf-8")
Dependencies.txt Edit (532 bytes, text/plain; charset="utf-8")
DpkgLog.txt Edit (99.3 KiB, text/plain; charset="utf-8")
GconfCompiz.txt Edit (45.7 KiB, text/plain; charset="utf-8")
LightdmDisplayLog.txt Edit (2.3 KiB, text/plain; charset="utf-8")
LightdmGreeterLog.txt Edit (7.6 KiB, text/plain; charset="utf-8")
LightdmGreeterLogOld.txt Edit (7.3 KiB, text/plain; charset="utf-8")
LightdmLog.txt Edit (5.2 KiB, text/plain; charset="utf-8")
Lspci.txt Edit (11.5 KiB, text/plain; charset="utf-8")
Lsusb.txt Edit (697 bytes, text/plain; charset="utf-8")
MonitorsUser.xml.txt Edit (2.1 KiB, text/plain; charset="utf-8")
ProcCpuinfo.txt Edit (3.7 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (103 bytes, text/plain; charset="utf-8")
ProcInterrupts.txt Edit (2.3 KiB, text/plain; charset="utf-8")
ProcModules.txt Edit (4.3 KiB, text/plain; charset="utf-8")
UdevDb.txt Edit (168.7 KiB, text/plain; charset="utf-8")
UdevLog.txt Edit (367.8 KiB, text/plain; charset="utf-8")
UnitySupportTest.txt Edit (804 bytes, text/plain; charset="utf-8")
XorgLog.txt Edit (72.7 KiB, text/plain; charset="utf-8")
XorgLogOld.txt Edit (89.4 KiB, text/plain; charset="utf-8")
Xrandr.txt Edit (9.3 KiB, text/plain; charset="utf-8")
xdpyinfo.txt Edit (59.3 KiB, text/plain; charset="utf-8")
xserver.devices.txt Edit (320 bytes, text/plain; charset="utf-8")
xserver.outputs.txt Edit (752 bytes, text/plain; charset="utf-8")

Revision history for this message

penalvch (penalvch) wrote on 2016-03-03:

Jason Chagas, thank you for reporting this and helping make Ubuntu better.

To see if this is already resolved, could you please test http://cdimage.ubuntu.com/daily-live/current/ and advise to the results?

tags:	added: latest-bios-eqkt21aus
Changed in mesa (Ubuntu):
importance:	Undecided → Medium
status:	New → Incomplete

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-05-02:

[Expired for mesa (Ubuntu) because there has been no activity for 60 days.]

Changed in mesa (Ubuntu):
status:	Incomplete → Expired

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntumesa package

r600_dri.so crashes with a Segmentation Fault (SIGSEGV)

Bug Description

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
mesa package