Bug 181467 - kudzu Segmentation fault [x86_64/x86emu]
kudzu Segmentation fault [x86_64/x86emu]
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: kudzu (Show other bugs)
rawhide
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
David Lawrence
:
: 182353 183128 184397 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-02-14 09:14 EST by Ronald Warsow
Modified: 2014-03-16 22:58 EDT (History)
7 users (show)

See Also:
Fixed In Version: 1.2.31-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 14:36:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
output from gdb kudzu (1.10 KB, text/plain)
2006-02-14 09:16 EST, Ronald Warsow
no flags Details
strace for 1.2.29 (26.97 KB, text/plain)
2006-02-15 10:25 EST, Sammy
no flags Details
strace for 1.2.25 (56.58 KB, text/plain)
2006-02-15 10:25 EST, Sammy
no flags Details
test program (1.28 MB, application/octet-stream)
2006-02-20 15:21 EST, Bill Nottingham
no flags Details

  None (edit)
Description Ronald Warsow 2006-02-14 09:14:26 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.0.1) Gecko/20060210 Fedora/1.5.0.1-3 Firefox/1.5.0.1

Description of problem:
kudzu Segmentation fault on startup or if you do service kudzu start

Version-Release number of selected component (if applicable):
kudzu-1.2.28-1 kernel-2.6.15-1.1948_FC5

How reproducible:
Always

Steps to Reproduce:
1.service kudzu start
2.
3.
  

Actual Results:  Checking for hardware changes/etc/init.d/kudzu: line 23:  3377 Segmentation fault      /sbin/kudzu $KUDZU_ARGS
                                                           [FAILED]


Expected Results:  find new hardware, if there one. if not exits normal. maybe writes hwconf, modprobe.conf if exists

Additional info:

searching bugzilla gives some hints running gdb kudzu
s. attachement for output
Comment 1 Ronald Warsow 2006-02-14 09:16:49 EST
Created attachment 124615 [details]
output from gdb kudzu

maybe it's usefull
Comment 2 Sammy 2006-02-14 09:57:26 EST
I can confirm this on my x86_64 as well. Going back to yesterday fixes the
problem.
Comment 3 Bill Nottingham 2006-02-14 12:07:28 EST
Can you get a backtrace with kudzu-debuginfo installed? That one looks odd.
Comment 4 Ronald Warsow 2006-02-15 06:17:17 EST
yes, I can get a backtrace, but how do I do this ?
Comment 5 Sammy 2006-02-15 10:23:58 EST
I have some additional info. kudzu-1.2.29 is also segfaulting. I rebuilt the
rpms using today's gcc-4.1.0-0.27 and it still segfaults. The gdb output sais:

===================================================
Program received signal SIGSEGV, Segmentation fault.

rdb (addr=13610) at sys.c: 232
232          HALT_SYS();
====================================================

I rebuilt kudzu 1.2.25 using the same compiler and it works fine, so it does
not seem to be gcc.

I also did two straces of "strace -o file ./kudzu start" in /etc/rc.d/init.d.
There are some differences, may be it will make sense to you.
Comment 6 Sammy 2006-02-15 10:25:07 EST
Created attachment 124686 [details]
strace for 1.2.29
Comment 7 Sammy 2006-02-15 10:25:40 EST
Created attachment 124687 [details]
strace for 1.2.25
Comment 8 Bill Nottingham 2006-02-15 12:46:40 EST
I'm assuming downloading and running http://people.redhat.com/notting/ddc-fu
also segfaults?

For getting a stack trace, please see http://fedoraproject.org/wiki/StackTraces
Comment 9 Sammy 2006-02-15 14:06:01 EST
Yes ddc-fu segfaults AND both ddc-fu and running ./kudzu start in init.d
result in the whole screen filled with some garbled image. Doing ctrl+alt+f1
and back ctrl+alt+f7 clears the screen.
Comment 10 Bill Nottingham 2006-02-15 17:03:10 EST
For those seeing this, what sort of video hardware do you have?
Comment 11 Sammy 2006-02-15 20:17:18 EST
Happens on x86_64 only. Hardware:

Graphics card: NVIDIA Quadro FX 1400
=====================================================================
Monitor: Dell 2405FP (24 inch LCD, connected to dvi, mouse and keyboard 
                      connected to monitor usb ports)

    HorizSync       30.0 - 81.0
    VertRefresh     56.0 - 76.0
    ModeLine       "1920x1200" 154.0 1920 1968 2000 2080 1200 1203 1209 1235
+hsync -vsync
    ModeLine       "1600x1200" 161.0 1600 1704 1880 2160 1200 1201 1204 1242
-hsync +vsync
    ModeLine       "1280x1024" 138.5 1280 1368 1504 1728 1024 1025 1028 1069
-hsync +vsync
============================================================================

lspci -vvv output for video
01:00.0 VGA compatible controller: nVidia Corporation NV41GL [Quadro FX 1400]
(rev a2) (prog-if 00 [VGA])
        Subsystem: nVidia Corporation Unknown device 0243
        Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr-
Stepping- SERR- FastB2B-
        Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort-
<MAbort- >SERR- <PERR-
        Latency: 0
        Interrupt: pin A routed to IRQ 169
        Region 0: Memory at fc000000 (32-bit, non-prefetchable) [size=16M]
        Region 1: Memory at f0000000 (64-bit, prefetchable) [size=128M]
        Region 3: Memory at fd000000 (64-bit, non-prefetchable) [size=16M]
        [virtual] Expansion ROM at fea00000 [disabled] [size=128K]
        Capabilities: [60] Power Management version 2
                Flags: PMEClk- DSI- D1- D2- AuxCurrent=0mA
PME(D0-,D1-,D2-,D3hot-,D3cold-)
                Status: D0 PME-Enable- DSel=0 DScale=0 PME-
        Capabilities: [68] Message Signalled Interrupts: 64bit+ Queue=0/0 Enable-
                Address: 0000000000000000  Data: 0000
        Capabilities: [78] Express Endpoint IRQ 0
                Device: Supported: MaxPayload 128 bytes, PhantFunc 0, ExtTag-
                Device: Latency L0s <512ns, L1 <4us
                Device: AtnBtn- AtnInd- PwrInd-
                Device: Errors: Correctable- Non-Fatal+ Fatal+ Unsupported-
                Device: RlxdOrd+ ExtTag- PhantFunc- AuxPwr- NoSnoop+
                Device: MaxPayload 128 bytes, MaxReadReq 512 bytes
                Link: Supported Speed 2.5Gb/s, Width x16, ASPM L0s, Port 0
                Link: Latency L0s <256ns, L1 <16us
                Link: ASPM Disabled RCB 128 bytes CommClk+ ExtSynch-
                Link: Speed 2.5Gb/s, Width x16
        Capabilities: [100] Virtual Channel
        Capabilities: [128] Power Budgeting

Comment 12 Alexandre Oliva 2006-02-16 01:09:08 EST
NV17 [nVidia Geforce4 420 Go 32M (rev a3)], 1280x800 notebook display.
Comment 13 Ronald Warsow 2006-02-16 06:19:42 EST
here is my trace:
(gdb) run
Starting program: /sbin/kudzu

Program received signal SIGSEGV, Segmentation fault.
rdb (addr=12288) at sys.c:232
232                     HALT_SYS();


my video hardware is (lspci -vvv): 
01:00.0 VGA compatible controller: nVidia Corporation NV34 [GeForce FX 5200]
(rev a1) (prog-if 00 [VGA])
        Subsystem: ASUSTeK Computer Inc. Unknown device 8180
        Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop+ ParErr-
Stepping- SERR- FastB2B-
        Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort-
<TAbort- <MAbort- >SERR- <PERR-
        Latency: 64 (1250ns min, 250ns max)
        Interrupt: pin A routed to IRQ 11
        Region 0: Memory at fb000000 (32-bit, non-prefetchable) [size=16M]
        Region 1: Memory at f0000000 (32-bit, prefetchable) [size=128M]
        Expansion ROM at faf00000 [disabled] [size=128K]
        Capabilities: [60] Power Management version 2
                Flags: PMEClk- DSI- D1- D2- AuxCurrent=0mA
PME(D0-,D1-,D2-,D3hot-,D3cold-)
                Status: D0 PME-Enable- DSel=0 DScale=0 PME-
        Capabilities: [44] AGP version 3.0
                Status: RQ=32 Iso- ArqSz=0 Cal=3 SBA+ ITACoh- GART64- HTrans-
64bit- FW+ AGP3+ Rate=x4,x8
                Command: RQ=1 ArqSz=0 Cal=0 SBA- AGP- GART64- 64bit- FW- Rate=<none>
Comment 14 Sammy 2006-02-16 15:25:19 EST
I am not sure whether 1.2.30 was expected to resolve this but it is still
segfaulting.
Comment 15 Ville Skyttä 2006-02-17 11:24:50 EST
Reproduced here too.  Hardware is MSI K8NGM2-FID motherboard (nForce 6150/430)
with integrated video, HP f2105 connected via DVI:

00:05.0 VGA compatible controller: nVidia Corporation C51 PCI Express Bridge
(rev a2) (prog-if 00 [VGA])
	Subsystem: Micro-Star International Co., Ltd. Unknown device 7207
	Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping-
SERR- FastB2B-
	Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- <TAbort-
<MAbort- >SERR- <PERR-
	Latency: 0
	Interrupt: pin A routed to IRQ 18
	Region 0: Memory at fd000000 (32-bit, non-prefetchable) [size=16M]
	Region 1: Memory at d0000000 (64-bit, prefetchable) [size=256M]
	Region 3: Memory at fc000000 (64-bit, non-prefetchable) [size=16M]
	[virtual] Expansion ROM at feae0000 [disabled] [size=128K]
	Capabilities: [48] Power Management version 2
		Flags: PMEClk- DSI- D1- D2- AuxCurrent=0mA PME(D0-,D1-,D2-,D3hot-,D3cold-)
		Status: D0 PME-Enable- DSel=0 DScale=0 PME-
	Capabilities: [50] Message Signalled Interrupts: 64bit+ Queue=0/0 Enable-
		Address: 0000000000000000  Data: 0000
Comment 16 Ville Skyttä 2006-02-17 18:22:39 EST
By the way, ddcprobe (unsurprisingly?) crashes the same way in _kudzumodule.so.
Comment 17 Alexandre Oliva 2006-02-17 18:39:16 EST
backtrace from ddcprobe:

#0  rdw (addr=12288) at sys.c:257
#1  0x00002aacaa09f9ca in fetch_data_word (offset=Variable "offset" is not
available.
) at decode.c:327
#2  0x00002aacaa0a71ac in x86emuOp_sbb_word_RM_R (op1=Variable "op1" is not
available.
) at ops.c:1498
#3  0x00002aacaa0a0421 in X86EMU_exec () at decode.c:123
#4  0x00002aacaa09f40e in real_call (registers=0x7fffffe01e70) at thunk.c:200
#5  0x00002aacaa09e920 in get_edid_supported () at vbe.c:262
#6  0x00002aacaa09c517 in ddcProbe (probeClass=CLASS_MONITOR,
probeFlags=Variable "probeFlags" is not available.
)
    at ddc.c:423
#7  0x00002aacaa093d8e in probeDevices (probeClass=CLASS_MONITOR,
    probeBus=BUS_DDC, probeFlags=1) at kudzu.c:806
#8  0x00002aacaa091441 in doProbe (self=Variable "self" is not available.
) at kudzumodule.c:461
#9  0x0000003748d950c8 in PyEval_EvalFrame ()
   from /usr/lib64/libpython2.4.so.1.0

get_data_offset(), called from fetch_data_word(), returns 0.  registers->ds is
indeed zero in X86EMU_exec().
Comment 18 Bill Nottingham 2006-02-20 15:21:25 EST
Created attachment 124905 [details]
test program

Here's a new test program build - does this a) segfault b) print useful
information about your monitor?
Comment 19 Ville Skyttä 2006-02-20 15:59:05 EST
Doesn't segfault, and prints some useful info, but not about the monitor.

# ./ddc-fu
-
class: VIDEO
bus: DDC
detached: 0
desc: "NVIDIA Corporation Crush50 Board - c51pv0"
mem: 65536
Comment 20 Ivan Gyurdiev 2006-02-20 20:51:13 EST
[root@cobra downloads]# ./ddc-fu
-
class: VIDEO
bus: DDC
detached: 0
desc: "NVIDIA Corporation nv41 Board - p317h20"
mem: 262144
Comment 21 Alexandre Oliva 2006-02-20 22:37:20 EST
[root@livre ~]# /l/tmp/build/ddc-fu
-
class: VIDEO
bus: DDC
detached: 0
desc: "NVIDIA Corporation NV17 Board - m17refnz"
mem: 65536
[root@livre ~]#
Comment 22 Bill Nottingham 2006-02-21 14:36:45 EST
Shouldn't crash any more in 1.2.31-1.
Comment 23 Ivan Gyurdiev 2006-02-21 14:51:36 EST
Why isn't monitor information displayed?
My monitor wasn't properly detected during -test*.
Is this relevant?
Comment 24 Bill Nottingham 2006-02-21 14:53:23 EST
It's not displayed because the EDID block returned isn't valid.
Comment 25 Ville Skyttä 2006-02-21 15:28:41 EST
FWIW, a few weeks ago I was able to grab an EDID block using the NVIDIA
proprietary nvidia-settings tool, feed it to a perl script found in Mandriva and
get useful data out of it (in order to verify the HP f2105 entry I was about to
submit for inclusion in MonitorsDB).
Comment 26 Bill Nottingham 2006-02-21 15:30:09 EST
Interesting. What does the tool do? ioctl? vm86 code? Something else? (You
should be able to get an idea with strace).
Comment 27 Ville Skyttä 2006-02-21 15:50:26 EST
strace output and the grabbed edid are at http://koti.welho.com/vskytta/edid/ ,
I clicked the "Acquire EDID" button in the app around line 3330 in the strace
file.  Quite a few ioctl's there it seems.
Comment 28 Bill Nottingham 2006-02-21 15:54:41 EST
Hm, yeah, but that looks like mainly X noise. strace -f any more enlightening?
Comment 29 Ville Skyttä 2006-02-21 16:19:51 EST
strace-f.txt uploaded to the same place, and the aqcuire edid click again around
line 3300 through it.
Comment 30 Bill Nottingham 2006-02-22 13:00:20 EST
*** Bug 182353 has been marked as a duplicate of this bug. ***
Comment 31 Orion Poplawski 2006-02-22 13:13:03 EST
-
class: VIDEO
bus: DDC
detached: 0
desc: "NVIDIA Corporation Crush50 Board - c51pv0"
mem: 65536
-
class: MONITOR
bus: DDC
detached: 0
desc: "Radius"
id: RDS1546
horizSyncMin: 30
horizSyncMax: 63
vertRefreshMin: 50
vertRefreshMax: 75
Comment 32 Orion Poplawski 2006-02-22 13:15:46 EST
Sorry, the above is the output of ddc-fu.2
Comment 33 Alexandre Oliva 2006-02-23 13:12:22 EST
Confirmed not crashing any more.  ddcprobe still fails to detect the LCD
monitor, but I guess that's still expected :-(
Comment 34 Bill Nottingham 2006-02-24 11:35:54 EST
Well, it would be interesting to know if a 32-bit install can probe it, as that
would show a difference between the LRMI-using real-mode code, as opposed to the
code run through x86emu. However, not-crashing is the main goal. :)
Comment 35 Alexandre Oliva 2006-02-24 13:00:03 EST
That I can easily tell, but from a different notebook (PIII) with a different
nvidia card:

[root@vapaa ~]# ddcprobe

Videocard autoprobe results
Description:  NVidia Corporation NV10 Reference Board
Memory (MB):  32

Monitor autoprobe results
Monitor autoprobe failed.
Comment 36 Bill Nottingham 2006-02-27 14:12:23 EST
*** Bug 183128 has been marked as a duplicate of this bug. ***
Comment 37 Bill Nottingham 2006-03-09 11:25:26 EST
*** Bug 184397 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.