compiz crashes when using alt-tab (the radeon driver kills it)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Mesa |
Fix Released
|
High
|
||
| | Unity |
Invalid
|
Undecided
|
Unassigned | |
| | compiz (Fedora) |
Unknown
|
Unknown
|
||
| | compiz (Ubuntu) |
Undecided
|
Unassigned | ||
| | mesa (Ubuntu) |
Undecided
|
Unassigned | ||
| | xserver-xorg-video-ati (Ubuntu) |
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: compiz
While alt-tabbing with compiz (latest version, 1:0.9.2.
I've noticed crashers like this for a while since i switched over to natty, but most of the time i was getting traces that were mostly "stack smashers" according to smspillaz.
Withi this one, i think i've put the finger on a more probable cause for the crasher. See stacktrace at http://
b#0 0x00fc230b in radeon_
(gdb) bt
#0 0x00fc230b in radeon_
#1 0x00fd272f in r300_texture_
#2 0x00fdd2b4 in r300_resource_
#3 0x00fc0958 in dri2_allocate_
#4 0x00fc1797 in dri_st_
#5 0x00fc1916 in dri_set_tex_buffer2 () from /usr/lib/
#6 0x008fc019 in dri2_bind_tex_image () from /usr/lib/
#7 0x008d3cb6 in __glXBindTexIma
#8 0x006c8a8a in TfpTexture:
#9 0x006c5b3e in boost::
#10 0x006c850a in GLTexture:
#11 0x00c88743 in DecorTexture:
...
dbarth@thinkpad:~$ apt-cache policy libgl1-mesa-dri
libgl1-mesa-dri:
Installed: 7.9+repack-1ubuntu3
Candidate: 7.9+repack-1ubuntu3
Version table:
*** 7.9+repack-1ubuntu3 0
500 http://
100 /var/lib/
To reproduce: alt-tab, and sometimes that will crash
mipmap was enabled, though i've had identical crashers when it was disabled as well.
---
Architecture: i386
CompizPlugins: No value set for `/apps/
CompositorRunning: compiz
DRM.card0.LVDS.1:
status: connected
enabled: enabled
dpms: On
modes: 1400x1050 1400x1050 1280x1024 1280x1024 1280x960 1280x854 1280x800 1280x720 1152x768 1024x768 1024x768 800x600 800x600 848x480 720x480 640x480 640x480
edid-base64: AP/////
DRM.card0.VGA.1:
status: disconnected
enabled: disabled
dpms: On
modes:
edid-base64:
DistUpgraded: Yes, recently upgraded Log time: 2010-11-25 10:04:35.555639
DistroCodename: natty
DistroRelease: Ubuntu 11.04
DistroVariant: ubuntu
GraphicsCard: Subsystem: Lenovo ThinkPad T60p [17aa:2007]
MachineType: LENOVO 200783U
Package: mesa (not installed)
PackageArchitec
PccardctlIdent:
Socket 0:
no product info available
PccardctlStatus:
Socket 0:
no card
PciDisplay: 01:00.0 VGA compatible controller [0300]: ATI Technologies Inc M56GL [Mobility FireGL V5200] [1002:71c4] (prog-if 00 [VGA controller])
ProcEnviron:
LANGUAGE=
PATH=(custom, user)
LANG=en_US.UTF-8
LC_MESSAGES=
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=
ProcKernelCmdLine_: BOOT_IMAGE=
ProcVersionSign
ProcVersionSign
RelatedPackageV
xserver-xorg 1:7.5+6ubuntu6
libgl1-mesa-glx 7.9+repack-1ubuntu3
libdrm2 2.4.22-2ubuntu1
xserver-
xserver-
Renderer: Hardware acceleration
Tags: natty running-unity natty running-unity natty ubuntu
Uname: Linux 2.6.37-11-generic i686
UnitySupportTest:
UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare
XorgConf: Error: [Errno 2] No such file or directory: '/etc/X11/
dmi.bios.date: 09/12/2008
dmi.bios.vendor: LENOVO
dmi.bios.version: 79ETE3WW (2.23 )
dmi.board.name: 200783U
dmi.board.vendor: LENOVO
dmi.board.version: Not Available
dmi.chassis.
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.
dmi.modalias: dmi:bvnLENOVO:
dmi.product.name: 200783U
dmi.product.
dmi.sys.vendor: LENOVO
system: distro = Ubuntu, architecture = i686, kernel = 2.6.37-11-generic
version.libdrm2: libdrm2 2.4.22-2ubuntu1
version.
version.
version.
version.
version.
Related branches
| Bryce Harrington (bryce) wrote : | #1 |
| tags: | added: natty |
| Changed in mesa (Ubuntu): | |
| status: | New → Incomplete |
| David Barth (dbarth) wrote : BootDmesg.txt | #2 |
apport information
| tags: | added: apport-collected running-unity ubuntu |
| description: | updated |
| David Barth (dbarth) wrote : CurrentDmesg.txt | #3 |
apport information
apport information
| David Barth (dbarth) wrote : Dependencies.txt | #5 |
apport information
| David Barth (dbarth) wrote : GconfCompiz.txt | #6 |
apport information
| David Barth (dbarth) wrote : GdmLog.txt | #7 |
apport information
| David Barth (dbarth) wrote : GdmLog1.txt | #8 |
apport information
| David Barth (dbarth) wrote : GdmLog2.txt | #9 |
apport information
| David Barth (dbarth) wrote : Lspci.txt | #10 |
apport information
| David Barth (dbarth) wrote : Lsusb.txt | #11 |
apport information
| David Barth (dbarth) wrote : ProcCpuinfo.txt | #12 |
apport information
| David Barth (dbarth) wrote : ProcCpuinfo_.txt | #13 |
apport information
apport information
apport information
| David Barth (dbarth) wrote : ProcModules.txt | #16 |
apport information
| David Barth (dbarth) wrote : ProcModules_.txt | #17 |
apport information
| David Barth (dbarth) wrote : UdevDb.txt | #18 |
apport information
| David Barth (dbarth) wrote : UdevLog.txt | #19 |
apport information
| David Barth (dbarth) wrote : UdevLog_.txt | #20 |
apport information
| David Barth (dbarth) wrote : XorgLog.txt | #21 |
apport information
| David Barth (dbarth) wrote : XorgLogOld.txt | #22 |
apport information
| David Barth (dbarth) wrote : XorgLogOld_.txt | #23 |
apport information
| David Barth (dbarth) wrote : XorgLog_.txt | #24 |
apport information
| David Barth (dbarth) wrote : Xrandr.txt | #25 |
apport information
apport information
| David Barth (dbarth) wrote : glxinfo.txt | #27 |
apport information
| David Barth (dbarth) wrote : monitors.xml.txt | #28 |
apport information
| David Barth (dbarth) wrote : monitors.xml_.txt | #29 |
apport information
| David Barth (dbarth) wrote : peripherals.txt | #30 |
apport information
| David Barth (dbarth) wrote : xdpyinfo.txt | #31 |
apport information
| David Barth (dbarth) wrote : | #32 |
I can't get a full trace again, and i don't have the last core handy. I'll keep trying today.
| Bryce Harrington (bryce) wrote : | #33 |
This appears to be a more complete backtrace, found via Google:
https:/
| Bryce Harrington (bryce) wrote : | #34 |
Ok, that backtrace makes it pretty plain what's gone wrong:
Code:
_buf = radeon_
if (stride)
*stride = whandle->stride;
if (size)
*size = _buf->base.size;
State:
#0 radeon_
ws = <value optimized out>
_buf = 0x0
So, it's a simple null pointer dereference. Now we have two questions:
* How/why did radeon_
* If that is a permissible return value, the code should check for it. Should it still call radeon_
| Bryce Harrington (bryce) wrote : | #35 |
Well, this is a pretty simpleminded check, but it looks like it might prevent it from crashing at least.
Still doesn't answer why the null pointer got in there to begin with.
We've got a new mesa release coming soon. I poked through the git tree looking for an obvious fix for this issue but didn't spot it. Still, I think the next step would be to test a newer mesa to verify it still has this bug, and then test out if this patch solves it, or just shifts the issue to some other bit of code. (Guessing the latter).
| Bryce Harrington (bryce) wrote : | #36 |
Browsed through the last month's worth of changes to the 7.10 branch for mesa and didn't spot an obvious fix for this issue, however there were several buffer validation patches for radeon, so it wouldn't surprise me if the bug goes away in newer mesa.
If you'd like to test it now, you could install xorg-edgers, which has a packaged snapshot of today's mesa:
https:/
After testing, you can use ppa-purge to restore your system to its pre-edgers state.
Or if you'd prefer, we anticipate the 7.10 final release immanently and expect to have it in natty within the next couple weeks or so.
| Changed in mesa (Ubuntu): | |
| status: | Incomplete → In Progress |
| tags: | added: patch |
| David Barth (dbarth) wrote : | #37 |
I've installed the new mesa packages from xorg-edgers but got a similar crash. Unfortunately, even with the -dbg packages installed i still wasn't able to get correct line numbers.
For reference, here is what i have installed:
dbarth@thinkpad:~$ apt-cache policy libgl1-mesa-dri libgl1-mesa-dri-dbg libgl1-mesa-glx
libgl1-mesa-glx:
Installed: 7.10.0+
Candidate: 7.10.0+
Version table:
*** 7.10.0+
500 http://
100 /var/lib/
7.
500 http://
libgl1-mesa-dri:
Installed: 7.10.0+
Candidate: 7.10.0+
Version table:
*** 7.10.0+
500 http://
100 /var/lib/
7.
500 http://
libgl1-
Installed: 7.10.0+
Candidate: 7.10.0+
Version table:
*** 7.10.0+
500 http://
100 /var/lib/
7.
500 http://
| David Barth (dbarth) wrote : | #38 |
And so the band aid nullptr patch sounds like a good option to me ;)
| David Barth (dbarth) wrote : | #39 |
Not a Unity issue anyway, it's a dri driver crashing us.
| Changed in unity: | |
| status: | New → Invalid |
| David Barth (dbarth) wrote : | #40 |
Not compiz's fault either, though we're all affected.
| Changed in compiz (Ubuntu): | |
| status: | New → Invalid |
| tags: | added: driver unity |
| David Barth (dbarth) wrote : | #41 |
Just adding ubuntu/xorg per the workflow defined with Bryce.
| affects: | xorg (Ubuntu) → xserver-xorg-video-ati (Ubuntu) |
| Bryce Harrington (bryce) wrote : | #42 |
Actually since it's already targeted to mesa, which is an xorg subcomponent, no need to also target xorg or -ati. It's on our radar.
| Changed in xserver-xorg-video-ati (Ubuntu): | |
| status: | New → Invalid |
| Bryce Harrington (bryce) wrote : | #43 |
David, thanks for testing xorg edgers. How's testing of the patch going?
If you need need the patch built into a package, I've stuck it in a PPA for you:
https:/
It usually takes several hours for mesa builds to complete in the PPAs, so check back later.
| David Barth (dbarth) wrote : Re: [Bug 691653] Re: compiz crashes when using alt-tab (the radeon driver kills it) | #44 |
On 01/06/2011 09:43 PM, Bryce Harrington wrote:
> David, thanks for testing xorg edgers. How's testing of the patch
> going?
>
> If you need need the patch built into a package, I've stuck it in a PPA for you:
> https:/
>
> It usually takes several hours for mesa builds to complete in the PPAs,
> so check back later.
Awesome, thanks! I've switched the glx and dri packages to those new
builds (along with the dbg ones). So far so good...
David
| Bryce Harrington (bryce) wrote : | #45 |
Heya David, how's the testing coming along? If you have the laptop here at the rally bring it by the desktop room and I can take a look at it directly for you.
| Bryce Harrington (bryce) wrote : | #46 |
RAOF suggests that re-running the current updates to xorg-edgers (which has a new mesa 7.10) it should still crash but in a different way (in the mipmap code, which will be bug #684745 / FDO #32246).
| Launchpad Janitor (janitor) wrote : | #47 |
This bug was fixed in the package mesa - 7.9+repack-1ubuntu4
---------------
mesa (7.9+repack-
* debian/
winsys buffer.
(LP: #691653)
-- Bryce Harrington <email address hidden> Thu, 06 Jan 2011 14:44:43 -0800
| Changed in mesa (Ubuntu): | |
| status: | In Progress → Fix Released |
| Bryce Harrington (bryce) wrote : | #48 |
I spoke with David in person yesterday and he indicated that after updating to my patched version of mesa, he has no longer seen the crash in several days. So I think we can consider that patch to be a fix for this issue for now. I'll forward this upstream as well.
| Changed in xserver-xorg-video-ati (Ubuntu): | |
| status: | Invalid → New |
| Bryce Harrington (bryce) wrote : | #49 |
I've uploaded the patch to upstream:
https:/
Possibly upstream will prefer fixing this bug some other way, but I think the null pointer check makes the most sense for now.
| Changed in xserver-xorg-video-ati (Ubuntu): | |
| status: | New → Fix Released |
| Changed in mesa: | |
| status: | Unknown → Confirmed |
| Changed in mesa: | |
| importance: | Unknown → High |
| Changed in mesa: | |
| status: | Confirmed → Fix Released |
Please run 'apport-collect 691653', so that it captures your X logs and pci ids and so on.
Also, collect another backtrace using 'bt full' in gdb. That should list out line numbers for the GL calls.
Offhand I wonder if this might be an r300 vs. r300g issue...