Bug 91570

Summary: Upgrading mesa to 10.6 causes segfault in OpenGL applications with GeForce4 MX 440 / AGP 8X
Product: Mesa Reporter: omelette <omelette>
Component: Drivers/DRI/nouveauAssignee: Nouveau Project <nouveau>
Status: RESOLVED FIXED QA Contact: Nouveau Project <nouveau>
Severity: major    
Priority: medium    
Version: 10.6   
Hardware: x86 (IA32)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:
Attachments: dmesg kernel log
full backtrace from a SDL2 test application
initial patch

Description omelette 2015-08-05 20:58:15 UTC 
OpenGL applications work fine with mesa 10.5
Comment 1 Ilia Mirkin 2015-08-05 21:03:20 UTC 
Please supply information.
Comment 2 omelette 2015-08-05 21:21:06 UTC 
(In reply to Ilia Mirkin from comment #1)
> Please supply information.

Which kind of information?
Comment 3 Ilia Mirkin 2015-08-05 21:25:19 UTC 
http://nouveau.freedesktop.org/wiki/Bugs/
Comment 4 omelette 2015-08-05 21:36:22 UTC 
Created attachment 117551 [details]
dmesg kernel log
Comment 5 omelette 2015-08-05 21:37:20 UTC 
(In reply to Ilia Mirkin from comment #3)
> http://nouveau.freedesktop.org/wiki/Bugs/

Thank you, I attached the kernel log to the bug report
Comment 6 Ilia Mirkin 2015-08-05 21:42:06 UTC 
Do applications other than mpv fail? What about glxinfo? Can you get backtraces from gdb?
Comment 7 Ilia Mirkin 2015-08-05 21:42:33 UTC 
Errr, I meant to say "what about glxgears". However glxinfo could also prove instructive.
Comment 8 omelette 2015-08-05 21:54:32 UTC 
UrbanTerror also fails and I assume other applications requiring hardware accelleration.

>$ glxinfo
>name of display: :0
>Segmentation fault (core dumped)

>$ glxgears
>Segmentation fault (core dumped)

>Can you get backtraces from gdb?

#0  0x951bec92 in ?? () from /usr/lib/xorg/modules/dri/nouveau_vieux_dri.so
No symbol table info available.
#1  0x951bed7e in ?? () from /usr/lib/xorg/modules/dri/nouveau_vieux_dri.so
No symbol table info available.
#2  0x95457134 in ?? () from /usr/lib/xorg/modules/dri/nouveau_vieux_dri.so
No symbol table info available.
#3  0x954539b2 in ?? () from /usr/lib/xorg/modules/dri/nouveau_vieux_dri.so
No symbol table info available.
#4  0x9544a2fc in ?? () from /usr/lib/xorg/modules/dri/nouveau_vieux_dri.so
No symbol table info available.
#5  0x95316bf3 in ?? () from /usr/lib/xorg/modules/dri/nouveau_vieux_dri.so
No symbol table info available.
#6  0x95316d5f in ?? () from /usr/lib/xorg/modules/dri/nouveau_vieux_dri.so
No symbol table info available.
#7  0x957ec4ae in ?? () from /usr/lib/libGL.so.1
No symbol table info available.
#8  0x957c1578 in ?? () from /usr/lib/libGL.so.1
No symbol table info available.
#9  0x957c183e in glXCreateContext () from /usr/lib/libGL.so.1
No symbol table info available.
#10 0xb7f4bf3f in ?? () from /usr/lib/libSDL-1.2.so.0
No symbol table info available.
#11 0xb7f51a01 in ?? () from /usr/lib/libSDL-1.2.so.0
No symbol table info available.
#12 0xb7f51fbd in ?? () from /usr/lib/libSDL-1.2.so.0
No symbol table info available.
#13 0xb7f3f3bf in SDL_SetVideoMode () from /usr/lib/libSDL-1.2.so.0
No symbol table info available.
#14 0x0819cec4 in GLW_StartDriverAndSetMode ()
No symbol table info available.

this is the backtrace I get when trying to run urbanterror
Comment 9 Ilia Mirkin 2015-08-05 21:57:11 UTC 
Can you get debug symbols to make that backtrace a bit more interesting? Some distros package them separately.
Comment 10 omelette 2015-08-05 22:47:30 UTC 
I'll have to recompile the packages with debug symbols, but I can do it if it's necessary
Comment 11 omelette 2015-08-06 08:51:44 UTC 
Here's the backtrace from glxgears


(gdb) bt full
#0  0xb74eabc3 in _tnl_InvalidateState (ctx=0xb7fb7008, new_state=4294967295) at tnl/t_context.c:195
        scale = {0, 0, 0.5}
        translate = {0, 0, 0.5}
        tnl = 0x80c1bd8
        vp = 0x0
        fp = 0x0
        i = 2
#1  0xb74eac26 in _tnl_wakeup (ctx=0xb7fb7008) at tnl/t_context.c:205
No locals.
#2  0xb7810015 in nv10_swtnl_init (ctx=0xb7fb7008) at nouveau_swtnl_t.c:341
        tnl = 0x80c1bd8
#3  0xb780d0d5 in nv10_context_create (screen=0x8065b18, api=API_OPENGL_COMPAT, visual=0x80704a8, share_ctx=0x0) at nv10_context.c:487
        nctx = 0xb7fb7008
        ctx = 0xb7fb7008
        celsius_class = 153
        ret = 0
#4  0xb78000ed in nouveau_context_create (api=API_OPENGL_COMPAT, visual=0x80704a8, dri_ctx=0x805acd0, major_version=1, minor_version=0, flags=0, notify_reset=false, 
    error=0xbffff4d8, share_ctx=0x0) at nouveau_context.c:76
        dri_screen = 0x8065a20
        screen = 0x8065b18
        nctx = 0xb7c288cf <calloc+191>
        ctx = 0x80796b8
#5  0xb76acf37 in driCreateContextAttribs (screen=0x8065a20, api=0, config=0x80704a8, shared=0x0, num_attribs=0, attribs=0x0, error=0xbffff4d8, data=0x805abe8) at dri_util.c:433
        context = 0x805acd0
        modes = 0x80704a8
        shareCtx = 0x0
        mesa_api = API_OPENGL_COMPAT
        major_version = 1
        minor_version = 0
        flags = 0
        notify_reset = false
        allowed_flags = 7
#6  0xb76ad025 in driCreateNewContextForAPI (screen=0x8065a20, api=0, config=0x80704a8, shared=0x0, data=0x805abe8) at dri_util.c:462
        error = 96584
#7  0xb76ad061 in driCreateNewContext (screen=0x8065a20, config=0x80704a8, shared=0x0, data=0x805abe8) at dri_util.c:470
No locals.
#8  0xb7f5792e in dri2_create_context (base=0x805ab58, config_base=0x8077788, shareList=0x0, renderType=32788) at dri2_glx.c:223
        pcp = 0x805abe8
        pcp_shared = 0xb7f1112c
        psc = 0x805ab58
        config = 0x8077788
        shared = 0x0
#9  0xb7f1d5cd in CreateContext (dpy=0x804e008, generic_id=225, config=0x8077788, shareList_user=0x0, allowDirect=1, code=3, renderType=32788, screen=0) at glxcmds.c:299
        gc = 0x0
        psc = 0x805ab58
        shareList = 0x0
#10 0xb7f1d9ef in glXCreateContext (dpy=0x804e008, vis=0x805af98, shareList=0x0, allowDirect=1) at glxcmds.c:430
        config = 0x8077788
        renderType = 32788
        psc = 0x805ab58
#11 0x0804b19c in ?? ()
No symbol table info available.
#12 0x0804936e in ?? ()
No symbol table info available.
#13 0xb7bcd637 in __libc_start_main () from /usr/lib/libc.so.6
No symbol table info available.
#14 0x08049cf3 in ?? ()
No symbol table info available.
Comment 12 omelette 2015-08-06 09:09:30 UTC 
Backtrace from urbanterror

#0  0x95151bc3 in _tnl_InvalidateState (ctx=0x95a86008, new_state=4294967295) at tnl/t_context.c:195
        scale = {0, 0, 0.5}
        translate = {0, 0, 0.5}
        tnl = 0x8cc1e48
        vp = 0x0
        fp = 0x0
        i = 2
#1  0x95151c26 in _tnl_wakeup (ctx=0x95a86008) at tnl/t_context.c:205
No locals.
#2  0x95477015 in nv10_swtnl_init (ctx=0x95a86008) at nouveau_swtnl_t.c:341
        tnl = 0x8cc1e48
#3  0x954740d5 in nv10_context_create (screen=0x8c61998, api=API_OPENGL_COMPAT, visual=0x8c66d58, share_ctx=0x0) at nv10_context.c:487
        nctx = 0x95a86008
        ctx = 0x95a86008
        celsius_class = 153
        ret = 0
#4  0x954670ed in nouveau_context_create (api=API_OPENGL_COMPAT, visual=0x8c66d58, dri_ctx=0x8c64da0, major_version=1, minor_version=0, flags=0, notify_reset=false, 
    error=0xbfffdc18, share_ctx=0x0) at nouveau_context.c:76
        dri_screen = 0x8c64dc0
        screen = 0x8c61998
        nctx = 0xb7c068cf <calloc+191>
        ctx = 0x8c78ca8
#5  0x95313f37 in driCreateContextAttribs (screen=0x8c64dc0, api=0, config=0x8c66d58, shared=0x0, num_attribs=0, attribs=0x0, error=0xbfffdc18, data=0x8c5b610) at dri_util.c:433
        context = 0x8c64da0
        modes = 0x8c66d58
        shareCtx = 0x0
        mesa_api = API_OPENGL_COMPAT
        major_version = 1
        minor_version = 0
        flags = 0
        notify_reset = false
        allowed_flags = 7
#6  0x95314025 in driCreateNewContextForAPI (screen=0x8c64dc0, api=0, config=0x8c66d58, shared=0x0, data=0x8c5b610) at dri_util.c:462
        error = 107352
#7  0x95314061 in driCreateNewContext (screen=0x8c64dc0, config=0x8c66d58, shared=0x0, data=0x8c5b610) at dri_util.c:470
No locals.
#8  0x957ed92e in dri2_create_context (base=0x8c30018, config_base=0x8c787a0, shareList=0x0, renderType=32788) at dri2_glx.c:223
        pcp = 0x8c5b610
        pcp_shared = 0x8c17590
        psc = 0x8c30018
        config = 0x8c787a0
        shared = 0x0
#9  0x957b35cd in CreateContext (dpy=0x8c22508, generic_id=256, config=0x8c787a0, shareList_user=0x0, allowDirect=1, code=3, renderType=32788, screen=0) at glxcmds.c:299
        gc = 0x0
        psc = 0x8c30018
        shareList = 0x0
#10 0x957b39ef in glXCreateContext (dpy=0x8c22508, vis=0x8c5ad00, shareList=0x0, allowDirect=1) at glxcmds.c:430
        config = 0x8c787a0
        renderType = 32788
        psc = 0x8c30018
#11 0xb7f4bb5f in X11_GL_CreateContext (this=0x8c17100) at ./src/video/x11/SDL_x11gl.c:268
No locals.
#12 0xb7f51bfd in X11_CreateWindow (this=this@entry=0x8c17100, screen=screen@entry=0x8c32e58, w=w@entry=640, h=480, bpp=32, flags=2147483650) at ./src/video/x11/SDL_x11video.c:1065
        i = <optimized out>
        depth = 24
        vis = <optimized out>
        vis_change = <optimized out>
        Amask = <optimized out>
#13 0xb7f521f0 in X11_SetVideoMode (this=0x8c17100, current=0x8c32e58, width=640, height=480, bpp=32, flags=2147483650) at ./src/video/x11/SDL_x11video.c:1181
        saved_flags = 0
#14 0xb7f3ee20 in SDL_SetVideoMode (width=640, height=480, bpp=32, flags=2147483650) at ./src/video/SDL_video.c:683
        video = <optimized out>
        this = <optimized out>
        prev_mode = 0x8c32e58
        mode = <optimized out>
        video_w = 640
        video_h = 480
        video_bpp = 32
        is_opengl = <optimized out>
#15 0x0819cec4 in GLW_StartDriverAndSetMode ()
No symbol table info available.
Comment 13 omelette 2015-08-06 10:09:57 UTC 
Created attachment 117557 [details]
full backtrace from a SDL2 test application

Attached is a gdb backtrace from a SDL2 hello world application with all debug symbols
Comment 14 Ilia Mirkin 2015-08-06 16:03:11 UTC 
Can you do "p tnl->_WindowMap" and "p ctx->DrawBuffer" in gdb?

I suspect this is due to commit 29e6c7dbc5bacf4f2b741333ac56469a00164e65, which added the code, but I don't see why it would be bad... maybe there's no DrawBuffer bound?
Comment 15 omelette 2015-08-06 18:06:56 UTC 
(gdb) p tnl->_WindowMap
$1 = {m = 0x821dde0, inv = 0x821de50, flags = 0, type = MATRIX_IDENTITY}

(gdb) p ctx->DrawBuffer
$2 = (struct gl_framebuffer *) 0x0
Comment 16 Ilia Mirkin 2015-08-06 18:16:01 UTC 
Created attachment 117570 [details] [review]
initial patch

This patch should help you get going. Not sure if it's the right thing though.
Comment 17 omelette 2015-08-06 20:27:15 UTC 
(In reply to Ilia Mirkin from comment #16)
> Created attachment 117570 [details] [review] [review]
> initial patch
> 
> This patch should help you get going. Not sure if it's the right thing
> though.

Alright, this works. Thank you very much.
Comment 18 Ilia Mirkin 2015-08-15 23:09:06 UTC 
I pushed an alternate version of the patch which just avoids the call to tnl_wakeup entirely, it shouldn't be necessary. The patch should be cherry-picked into the next 10.6.x release.
Comment 19 omelette 2015-08-19 10:32:51 UTC 
(In reply to Ilia Mirkin from comment #18)
> I pushed an alternate version of the patch which just avoids the call to
> tnl_wakeup entirely, it shouldn't be necessary. The patch should be
> cherry-picked into the next 10.6.x release.

Great, thank you again for patching this.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.