[Bug 97225] [i965 on HD4600 Haswell] xcom switch to ingame cinematics cause segmentation fault

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Mon Aug 22 20:57:18 UTC 2016


--- Comment #3 from Matt Turner <mattst88 at gmail.com> ---
(In reply to _archuser_ from comment #2)
> I created a new trace via the apitrace wrapper library to run while running
> gdb using latest mesa-git, the new trace and backtrace can be found here
> (glretrace still crashes randomly on replay though):
> https://drive.google.com/open?id=0B_oUaHk11vY2T2t5X1lVUEdLNDg


I have run this trace in valgrind on my Haswell, master and 12.0.1 and I cannot
reproduce same backtrace as you.

However, I do see

==26838== Thread 4:
==26838== Invalid read of size 2
==26838==    at 0x4C30D78: memcpy@@GLIBC_2.14 (in
==26838==    by 0xA75A1BD: memcpy (string3.h:53)
==26838==    by 0xA75A1BD: copy_array_to_vbo_array.isra.1
==26838==    by 0xA75AB98: brw_prepare_vertices (brw_draw_upload.c:663)
==26838==    by 0xA75B1C8: brw_emit_vertices (brw_draw_upload.c:779)
==26838==    by 0xA76FACC: check_and_emit_atom (brw_state_upload.c:761)
==26838==    by 0xA76FACC: brw_upload_pipeline_state (brw_state_upload.c:874)
==26838==    by 0xA76FACC: brw_upload_render_state (brw_state_upload.c:896)
==26838==    by 0xA75941B: brw_try_draw_prims (brw_draw.c:582)
==26838==    by 0xA75941B: brw_draw_prims (brw_draw.c:673)
==26838==    by 0xA57B837: vbo_validated_drawrangeelements
==26838==    by 0xA57BB77: vbo_exec_DrawRangeElementsBaseVertex
==26838==    by 0x4AC5A5: ??? (in /usr/bin/glretrace)
==26838==    by 0x40CDA8: ??? (in /usr/bin/glretrace)
==26838==    by 0x40D3E7: ??? (in /usr/bin/glretrace)
==26838==    by 0x40D7B1: ??? (in /usr/bin/glretrace)

I also see 

==26838== Invalid read of size 4
==26838==    at 0xA83D002: brw::vec4_visitor::var_range_end(unsigned int,
unsigned int) const (brw_vec4_live_variables.cpp:335)
==26838==    by 0xA82AFE9: brw::vec4_visitor::opt_register_coalesce()
==26838==    by 0xA82F18D: brw::vec4_visitor::run() [clone .part.18] [clone
.constprop.19] (brw_vec4.cpp:1992)
==26838==    by 0xA82FE5F: brw_compile_vs (brw_vec4.cpp:2175)
==26838==    by 0xA774E99: brw_codegen_vs_prog (brw_vs.c:194)
==26838==    by 0xA7754F2: brw_vs_precompile (brw_vs.c:405)
==26838==    by 0xA75F93A: brw_shader_precompile (brw_link.cpp:65)
==26838==    by 0xA75F93A: brw_link_shader (brw_link.cpp:283)
==26838==    by 0xA6012BA: _mesa_glsl_link_shader (ir_to_mesa.cpp:3070)
==26838==    by 0xA51534B: _mesa_link_program.part.20 (shaderapi.c:1093)
==26838==    by 0x5816AD: ??? (in /usr/bin/glretrace)
==26838==    by 0x40CDA8: ??? (in /usr/bin/glretrace)
==26838==    by 0x40D3E7: ??? (in /usr/bin/glretrace)

which I've fixed with commit

commit e7c376adfdecd4c1333997c8be8bb066a87c67b4
Author: Matt Turner <mattst88 at gmail.com>
Date:   Thu Aug 18 15:54:47 2016 -0700

    i965/vec4: Ignore swizzle of VGRF for use by var_range_end().

I'll investigate the problem in copy_array_to_vbo_array now.

I've tried Mesa master and 12.0.1 compiled with and without debugging (-O0
-ggdb3) with gcc 4.9.3 and gcc 5.4.0. A co-worker tried on Haswell and Arch,
with the default Arch packages, as well as mesa master compiled with gcc 6.1.1.
He could only reproduce the same problems I've noted in this comment.

I wouldn't think the problem in copy_array_to_vbo_array was related to the
crash you're seeing, but I guess we won't know for sure until it's fixed.

You are receiving this mail because:
You are the QA Contact for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/intel-3d-bugs/attachments/20160822/c89b3487/attachment.html>

More information about the intel-3d-bugs mailing list