Ubuntu
mythtv package

mythfrontend.real crashed with SIGSEGV in QGLWidget::resizeEvent()

Bug #355242 reported by Paul Broadhead
58
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Mesa
Fix Released
Medium
mesa (Ubuntu)
Fix Released
High
Mario Limonciello
Ubuntu ubuntu-9.04
Jaunty
Fix Released
High
Mario Limonciello
Ubuntu ubuntu-9.04
mythtv (Ubuntu)
Invalid
Medium
Unassigned
Jaunty
Invalid
Medium
Unassigned

Bug Description

Binary package hint: mythtv-frontend

Description: Ubuntu jaunty (development branch)
Release: 9.04

mythtv-frontend:
  Installed: 0.21.0+fixes19961-0ubuntu8
  Candidate: 0.21.0+fixes19961-0ubuntu8
  Version table:
 *** 0.21.0+fixes19961-0ubuntu8 0
        500 http://gb.archive.ubuntu.com jaunty/multiverse Packages
        100 /var/lib/dpkg/status

When I start mythtv front end, I expect the application to start. Instead it crashes before anything appears on screen.

I have been experiencing problems with fonts not displaying (bug #341898). The work around previously had been to disable dri in my xorg.conf file (attached). After the latest jaunty updates, this workaround often results in this crash. The crash does not happen all the time but most times.

This machine is a thinkpad X31 using "ATI Technologies Inc Radeon Mobility M6 LY" graphics.

ProblemType: Crash
Architecture: i386
DistroRelease: Ubuntu 9.04
ExecutablePath: /usr/bin/mythfrontend.real
Package: mythtv-frontend 0.21.0+fixes19961-0ubuntu8
ProcCmdline: /usr/bin/mythfrontend.real --logfile /var/log/mythtv/mythfrontend.log
ProcEnviron:
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
Signal: 11
SourcePackage: mythtv
StacktraceTop:
 ?? ()
 QGLWidget::resizeEvent () from /usr/lib/libqt-mt.so.3
 QWidget::event () from /usr/lib/libqt-mt.so.3
 QApplication::internalNotify () from /usr/lib/libqt-mt.so.3
 QApplication::notify () from /usr/lib/libqt-mt.so.3
Title: mythfrontend.real crashed with SIGSEGV in QGLWidget::resizeEvent()
Uname: Linux 2.6.28-11-generic i686
UserGroups: adm admin cdrom dialout lpadmin mythtv plugdev sambashare

See original description

Related branches

lp:ubuntu/karmic/mesa
Revision history for this message
Paul Broadhead (pjbroad) wrote :

Binary package hint: mythtv-frontend

Description: Ubuntu jaunty (development branch)
Release: 9.04

mythtv-frontend:
  Installed: 0.21.0+fixes19961-0ubuntu8
  Candidate: 0.21.0+fixes19961-0ubuntu8
  Version table:
 *** 0.21.0+fixes19961-0ubuntu8 0
        500 http://gb.archive.ubuntu.com jaunty/multiverse Packages
        100 /var/lib/dpkg/status

When I start mythtv front end, I expect the application to start. Instead it crashes before anything appears on screen.

I have been experiencing problems with fonts not displaying (bug #341898). The work around previously had been to disable dri in my xorg.conf file (attached). After the latest jaunty updates, this workaround often results in this crash. The crash does not happen all the time but most times.

This machine is a thinkpad X31 using "ATI Technologies Inc Radeon Mobility M6 LY" graphics.

ProblemType: Crash
Architecture: i386
DistroRelease: Ubuntu 9.04
ExecutablePath: /usr/bin/mythfrontend.real
Package: mythtv-frontend 0.21.0+fixes19961-0ubuntu8
ProcCmdline: /usr/bin/mythfrontend.real --logfile /var/log/mythtv/mythfrontend.log
ProcEnviron:
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
Signal: 11
SourcePackage: mythtv
StacktraceTop:
 ?? ()
 QGLWidget::resizeEvent () from /usr/lib/libqt-mt.so.3
 QWidget::event () from /usr/lib/libqt-mt.so.3
 QApplication::internalNotify () from /usr/lib/libqt-mt.so.3
 QApplication::notify () from /usr/lib/libqt-mt.so.3
Title: mythfrontend.real crashed with SIGSEGV in QGLWidget::resizeEvent()
Uname: Linux 2.6.28-11-generic i686
UserGroups: adm admin cdrom dialout lpadmin mythtv plugdev sambashare

Revision history for this message
Paul Broadhead (pjbroad) wrote :
Revision history for this message
Apport retracing service (apport) wrote : Stacktrace.txt (retraced)

StacktraceTop:?? ()
QGLWidget::resizeEvent (this=0x8d2bf50)
QWidget::event (this=0x8d7ae40, e=0x8d7a978)
QApplication::internalNotify (this=0xbfa608a0,
QApplication::notify (this=0xbfa608a0, receiver=0x8d7ae40,

Revision history for this message
Apport retracing service (apport) wrote : ThreadStacktrace.txt (retraced)
Changed in mythtv (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
Paul Broadhead (pjbroad)
visibility: private → public
Revision history for this message
Paul Broadhead (pjbroad) wrote :

One further comment. If I run "gdb mythfrontend.real" the program terminates with a SIGILL rather than SIGSEGV as reported by apport. The stacktrace is the same as for apport.

Revision history for this message
Mario Limonciello (superm1) wrote :

OK, so this is *again* caused by a mesa problem. Downgrading to mesa 7.3-1ubuntu4 makes it go away for me. Something happened in the latest mesa release to break this.

Revision history for this message
Mario Limonciello (superm1) wrote :

Marking this confirmed since i've now reproduced it too

Changed in mesa (Ubuntu):
status: New → Confirmed
Mario Limonciello (superm1)
Changed in mythtv (Ubuntu):
status: New → Invalid
Revision history for this message
Bryce Harrington (bryce) wrote :

Attach Xorg.0.log and lspci -vvnn output please.

mesa 7.4 has a lot of i965 updates, so it would be useful to determine if this bug is more likely to be caused by something in those changes, or to one of the other drivers, or to the general mesa code changes.

Revision history for this message
Mario Limonciello (superm1) wrote :

i can actually reproduce it with vesa in virtualbox. here's virtualbox's lspci

Revision history for this message
Mario Limonciello (superm1) wrote :
Revision history for this message
Mario Limonciello (superm1) wrote :

So I went through a bisect session today, i'm attaching my bisect log. It claims that fe5328bfad063f2ccbcafa2cebe6971d7e8e1db7 is the first bad commit in mesa, but simply reverting that commit doesn't do the trick. There appears to be other (possibly related) commits that are causing problems.

Bug Watch Updater (bug-watch-updater)
Changed in mesa:
status: Unknown → Confirmed
Mario Limonciello (superm1)
tags: added: regression-potential
Changed in mesa (Ubuntu):
assignee: nobody → Timo Aaltonen (tjaalton)
Revision history for this message
Mario Limonciello (superm1) wrote :

I redid my bisection skipping that commit (it was a comment change only), and actually the first bad commit is d2fe466ef3141cf32ecdb474a964e22a1a330638

Reverting this also doesn't help, but this is where the problems started.

Revision history for this message
Mario Limonciello (superm1) wrote :

I've also tested the mesa_7_4 branch as late as commit 49e0c74ddd91900fc4effb6d305d56e0563b456d but the problem still occurs there.

Revision history for this message
Mario Limonciello (superm1) wrote :

To try to narrow down affected hardware for this bug:

This fails w/ mesa 7.4 on the following hardware that i've tested:
 - r300 w/o DRI
 - VESA
 - NV

Bryce Harrington (bryce)
Changed in mesa (Ubuntu):
importance: Undecided → High
milestone: none → ubuntu-9.04
status: Confirmed → In Progress
Revision history for this message
Jack Wasey (jackwasey) wrote :

also affects ATI Technologies Inc RV380 0x3e50 [Radeon X600]

Revision history for this message
Paul Broadhead (pjbroad) wrote :

affects by "ATI Technologies Inc Radeon Mobility M6 LY" (DRI off).
I'm ashamed to say I do not know which driver that is, how can I find out?

Revision history for this message
In , Mario Limonciello (superm1) wrote :

*** Bug 21131 has been marked as a duplicate of this bug. ***

Mario Limonciello (superm1)
Changed in mesa (Ubuntu):
assignee: Timo Aaltonen (tjaalton) → Mario Limonciello (superm1)
status: In Progress → Fix Committed
Revision history for this message
Mario Limonciello (superm1) wrote :

Until this is on the archive, you can use my ppa at https://edge.launchpad.net/~superm1/+archive/ppa

Note this is still broke for radeon w/ DRI (thats bug 341898) but i am still investigating that.

Revision history for this message
Paul Broadhead (pjbroad) wrote :

> Until this is on the archive, you can use my ppa at https://edge.launchpad.net/~superm1/+archive/ppa

Your package has fixed the bug for me. Thanks for all your hard work Mario.

Bug Watch Updater (bug-watch-updater)
Changed in mesa:
status: Confirmed → Invalid
Mario Limonciello (superm1)
Changed in mesa:
status: Invalid → Unknown
Bug Watch Updater (bug-watch-updater)
Changed in mesa:
status: Unknown → Confirmed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mesa - 7.4-0ubuntu2

---------------
mesa (7.4-0ubuntu2) jaunty; urgency=low

  * Add 105_glXWaitX_segfaults.patch. Resolves segfaults from unitialized
    variables when using swrast based drivers. (LP: #355242)

 -- Mario Limonciello <email address hidden> Wed, 15 Apr 2009 01:03:30 -0500

Changed in mesa (Ubuntu Jaunty):
status: Fix Committed → Fix Released
Revision history for this message
In , Alf-mypals (alf-mypals) wrote :

(In reply to comment #0)
> I'm using Mesa 7.4, which isn't in the list of versions for some reason. I'm
> also using Gentoo, with xorg-server 1.5.3, and was seeing the crash when
> starting mythfrontend from MythTV 0.21.something.

I saw the same problem in a system based on Linux From Scratch. In my case the problem was reproducible 100% of the time with Mesa 7.4 and 7.4.1. The patch, however, fixed the problem.

Even though I am a "me too" player in this project, may I recommend the patch be added to the next release (7.4.2 and/or 7.5)?

Revision history for this message
In , Shi-minjue (shi-minjue) wrote :
Download full text (3.9 KiB)

the bug exists in mesa 7.4.2, 7.5, 7.6 and the git checkout on May 14, here is the debug info from valgrind, and the crash can be reproduced by the gears.cc program which is an example file of gtkglextmm.
-----------------------------------------------------------------------------------------
==3503== ERROR SUMMARY: 3 errors from 2 contexts (suppressed: 275 from 5)
==3503==
==3503== 1 errors in context 1 of 2:
==3503== Conditional jump or move depends on uninitialised value(s)
==3503== at 0x5F8BF98: glXWaitGL (glxcmds.c:620)
==3503== by 0x5AD6730: _gdk_gl_context_destroy (gdkglcontext-x11.c:95)
==3503== by 0x5ABA8B1: gdk_gl_context_destroy (gdkglcontext.c:118)
==3503== by 0x5243BC1: gtk_gl_widget_unrealize (gtkglwidget.c:149)
==3503== by 0x9CB211C: g_closure_invoke (gclosure.c:767)
==3503== by 0x9CC5C2A: signal_emit_unlocked_R (gsignal.c:3247)
==3503== by 0x9CC7021: g_signal_emit_valist (gsignal.c:2980)
==3503== by 0x9CC74F2: g_signal_emit (gsignal.c:3037)
==3503== by 0x792ED61: gtk_widget_unrealize (in
/usr/lib/libgtk-x11-2.0.so.0.1600.1)
==3503== by 0x7934ABC: gtk_widget_unparent (in
/usr/lib/libgtk-x11-2.0.so.0.1600.1)
==3503== by 0x783C257: (within /usr/lib/libgtk-x11-2.0.so.0.1600.1)
==3503== by 0x9CB211C: g_closure_invoke (gclosure.c:767)
==3503== Uninitialised value was created by a heap allocation
==3503== at 0x4C2391E: malloc (vg_replace_malloc.c:207)
==3503== by 0x5FACEFD: driCreateScreen (drisw_glx.c:362)
==3503== by 0x5F8DDEE: __glXInitialize (glxext.c:622)
==3503== by 0x5F8918C: GetGLXPrivScreenConfig (glxcmds.c:183)
==3503== by 0x5F8A00E: glXChooseVisual (glxcmds.c:1304)
==3503== by 0x5AD60CB: gdk_gl_config_new_common (gdkglconfig-x11.c:519)
==3503== by 0x5ABA1EE: gdk_gl_config_new_rgb (gdkglconfig.c:193)
==3503== by 0x5ABA316: gdk_gl_config_new_by_mode_common (gdkglconfig.c:210)
==3503== by 0x503A75A: Gdk::GL::Config::create(Gdk::GL::ConfigMode)
(in /usr/lib/libgdkglextmm-x11-1.2.so.0.0.0)
==3503== by 0x4149FB: SurfaceView::SurfaceView(bool) (SurfaceView.cc:81)
==3503== by 0x415171: MechanicalSystemUi::MechanicalSystemUi() (Ui.cc:19)
==3503== by 0x40E1D0: main (main.cc:66)
==3503==
==3503== 2 errors in context 2 of 2:
==3503== Conditional jump or move depends on uninitialised value(s)
==3503== at 0x5F8BE57: glXWaitX (glxcmds.c:659)
==3503== by 0x9CB211C: g_closure_invoke (gclosure.c:767)
==3503== by 0x9CC5C2A: signal_emit_unlocked_R (gsignal.c:3247)
==3503== by 0x9CC7021: g_signal_emit_valist (gsignal.c:2980)
==3503== by 0x9CC74F2: g_signal_emit (gsignal.c:3037)
==3503== by 0x792D269: gtk_widget_size_allocate (in
/usr/lib/libgtk-x11-2.0.so.0.1600.1)
==3503== by 0x783F157: (within /usr/lib/libgtk-x11-2.0.so.0.1600.1)
==3503== by 0x9CB206E: g_closure_invoke (gclosure.c:767)
==3503== by 0x9CC5512: signal_emit_unlocked_R (gsignal.c:3177)
==3503== by 0x9CC7021: g_signal_emit_valist (gsignal.c:2980)
==3503== by 0x9CC74F2: g_signal_emit (gsignal.c:3037)
==3503== by 0x792D269: gtk_widget_size_allocate (in
/usr/lib/libgtk-x11-2.0.so.0.1600.1)
==3503== Uninitialised value was created by a heap allocation
==3503== at 0x4C2391...

Read more...

Revision history for this message
In , Michel Dänzer (michel-daenzer) wrote :

Fix pushed to the 7.5 and 7.4 branches, thanks.

Bug Watch Updater (bug-watch-updater)
Changed in mesa:
status: Confirmed → Fix Released
Ubuntu QA Website (ubuntuqa)
tags: added: iso-testing
Bug Watch Updater (bug-watch-updater)
Changed in mesa:
importance: Unknown → Medium
Bug Watch Updater (bug-watch-updater)
Changed in mesa:
importance: Medium → Unknown
Bug Watch Updater (bug-watch-updater)
Changed in mesa:
importance: Unknown → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.