[Bug 44919] Wayland clients segfault

bugzilla-daemon at freedesktop.org
Mon Jan 23 17:21:56 PST 2012


https://bugs.freedesktop.org/show_bug.cgi?id=44919

--- Comment #8 from Ran Benita <ran234 at gmail.com> 2012-01-23 17:21:56 PST ---
Sorry, here are some more details.

ran at ran:~$ uname -sr
Linux 3.2.1-1-ARCH
ran at ran:~$ lspci | grep nVi
01:00.0 VGA compatible controller: nVidia Corporation G94 [GeForce 9600 GT]
(rev a1)
ran at ran:~$ glxinfo | grep nouveau -A3
OpenGL vendor string: nouveau
OpenGL renderer string: Gallium 0.4 on NV94
OpenGL version string: 2.1 Mesa 8.0-devel (git-c25e5300)
OpenGL shading language version string: 1.20

Mesa config:
--with-dri-drivers= --with-gallium-drivers=nouveau
--with-egl-platforms=drm,x11 --enable-gallium-egl
--enable-shared-dricore --enable-shared-glapi --enable-egl
--enable-gles2 --enable-glx-tls --enable-xcb --enable-texture-float

And the backtrace:
Core was generated by `./test_terminal'.
Program terminated with signal 11, Segmentation fault.
#0  st_framebuffer_validate (stfb=0x7f89888e1e60, st=<optimized out>) at
state_tracker/st_manager.c:186
186       int32_t new_stamp = p_atomic_read(&stfb->iface->stamp);
(gdb) bt
#0  st_framebuffer_validate (stfb=0x7f89888e1e60, st=<optimized out>) at
state_tracker/st_manager.c:186
#1  0x00007f8987a5ca28 in st_api_make_current (stapi=<optimized out>,
stctxi=0x1588910, stdrawi=<optimized out>, streadi=<optimized out>)
    at state_tracker/st_manager.c:731
#2  0x00007f89879b47cf in driBindContext (pcp=<optimized out>, pdp=<optimized
out>, prp=<optimized out>)
    at ../../../../src/mesa/drivers/dri/common/dri_util.c:330
#3  0x00007f898c1aba60 in dri2_make_current (drv=0x14a4a70, disp=0x149eb20,
dsurf=0x0, rsurf=0x0, ctx=0x14a5690) at egl_dri2.c:818
#4  0x00007f898c1a4d39 in eglMakeCurrent (dpy=0x149eb20, draw=0x0, read=0x0,
ctx=0x14a5690) at eglapi.c:502
#5  0x00000000004065b2 in context_use (ctx=0x149c700) at
src/output_context.c:589
#6  0x0000000000405206 in compositor_use (comp=0x146cf50) at src/output.c:936
#7  0x00000000004039e0 in setup_app (app=0x7fff094f6440) at
tests/test_terminal.c:224
#8  0x0000000000403b98 in main (argc=1, argv=0x7fff094f6588) at
tests/test_terminal.c:273

This only happens if eglMakeCurrent is called twice, which is the case in my
program and in wayland also (e.g. there's a call to eglMakeCurrent followed by
a call to cairo_egl_device_create, which also calls eglMakeCurrent).

Since we use the surfaceless extension the first call to
st_manager.c:st_api_make_current uses an incomplete buffer as a dummy (I
think?), so then:

(gdb) print stfb == &IncompleteFramebuffer 
$11 = 1

In the next call the following check at st_manager.c:730 :
if (stdraw && stread) {
passes but:

(gdb) print stfb->iface
$28 = (struct st_framebuffer_iface *) 0x0

So there's a null dereference. I'm not familiar with mesa so I can't help with
a (correct) patch.

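A simplified C model of the pattern described in the comment above, added here as an illustration; it is not Mesa code and not a proposed Mesa patch. All type and function names are hypothetical stand-ins, and the field layout is assumed: a non-NULL dummy framebuffer with no `iface` passes a pointer-only guard, so the validate step has to check for it before reading the stamp.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for the structures named in the report. */
struct fb_iface { int32_t stamp; };
struct framebuffer { struct fb_iface *iface; int32_t stamp; };
struct context { struct framebuffer *draw, *read; };

/* Dummy bound when a context is made current without surfaces: no iface. */
struct framebuffer incomplete_fb = { NULL, 0 };

/* Same shape as the faulting read: assumes fb->iface is always valid. */
int32_t validate_unchecked(struct framebuffer *fb) {
    return fb->iface->stamp;            /* crashes when iface is NULL */
}

/* Checked form: the dummy (or any iface-less buffer) has nothing to validate. */
int validate_checked(struct framebuffer *fb) {
    if (fb == NULL || fb == &incomplete_fb || fb->iface == NULL)
        return 0;
    fb->stamp = fb->iface->stamp;
    return 1;
}

/* Surfaceless bind: NULL surfaces are replaced by the dummy. */
void make_current(struct context *ctx, struct framebuffer *draw,
                  struct framebuffer *read) {
    ctx->draw = draw ? draw : &incomplete_fb;
    ctx->read = read ? read : &incomplete_fb;
}

/* A later bind revalidates what is already bound. The pointer-only guard
 * is true for the dummy, so safety depends on the checks in the callee. */
int revalidate(struct context *ctx) {
    int validated = 0;
    if (ctx->draw && ctx->read) {
        validated += validate_checked(ctx->draw);
        validated += validate_checked(ctx->read);
    }
    return validated;
}

int main(void) {
    struct context ctx;
    make_current(&ctx, NULL, NULL);     /* first surfaceless bind */
    printf("validated after surfaceless bind: %d\n", revalidate(&ctx));
    return 0;
}
```

Swapping `validate_checked` for `validate_unchecked` inside `revalidate` reproduces the shape of the crash in this model: the guard passes and the read goes through a NULL `iface`.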