[Bug 103948] SIGSEGV when using 0 for YUV values

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue Nov 28 02:33:54 UTC 2017


https://bugs.freedesktop.org/show_bug.cgi?id=103948

            Bug ID: 103948
           Summary: SIGSEGV when using 0 for YUV values
           Product: Mesa
           Version: 17.0
          Hardware: x86-64 (AMD64)
                OS: Linux (All)
            Status: NEW
          Severity: normal
          Priority: medium
         Component: Drivers/DRI/i965
          Assignee: intel-3d-bugs at lists.freedesktop.org
          Reporter: pauldotknopf at gmail.com
        QA Contact: intel-3d-bugs at lists.freedesktop.org

I am using mesa 17.0.2. I am using Qt to render YV12 buffers.

If I set all Y values to "1", it renders correctly.

int index = 0;
for(int width=1;width<currentStatus->width;width++) {
    for(int height=1;height<currentStatus->height;height++) {
        data[index] = 0x00;
        index++;
    }
}

If I set all Y values to "0", I get a SIGSEGV.

int index = 0;
for(int width=1;width<currentStatus->width;width++) {
    for(int height=1;height<currentStatus->height;height++) {
        data[index] = 0x00;
        index++;
    }
}

Here is the crash backtrace.

#0  0x00007fffe970a980 in linear_to_ytiled_faster (x0=<optimized out>,
x1=<optimized out>, x2=<optimized out>, x3=<optimized out>, y0=y0 at entry=0,
y1=y1 at entry=32, dst=0x7fff82c59000 "", src=0x25a5448 "", src_pitch=3840,
swizzle_bit=0, mem_copy=0x33e6727670 <__memmove_avx_unaligned_erms>)
    at
/usr/src/debug/mesa/2_17.0.2-r0/mesa-17.0.2/src/mesa/drivers/dri/i965/intel_tiled_memcpy.c:509
#1  0x00007fffe970bb74 in linear_to_tiled (xt1=0, xt2=3840, yt1=0, yt2=2160,
dst=0x7fff82bff000 "", src=0x254b448 "", dst_pitch=3840, src_pitch=3840,
has_swizzling=false, tiling=2, mem_copy=0x33e6727670
<__memmove_avx_unaligned_erms>)
    at
/usr/src/debug/mesa/2_17.0.2-r0/mesa-17.0.2/src/mesa/drivers/dri/i965/intel_tiled_memcpy.c:699
#2  0x00007fffe9709fc7 in intel_texsubimage_tiled_memcpy
(ctx=ctx at entry=0xb8f070, dims=dims at entry=2, texImage=texImage at entry=0x256a7a0,
xoffset=<optimized out>, xoffset at entry=0, yoffset=<optimized out>,
    yoffset at entry=0, zoffset=zoffset at entry=0, width=3840, height=2160, depth=1,
format=6409, type=5121, pixels=0x254b448, packing=0xbaa2e0,
for_glTexImage=false) at
/usr/src/debug/mesa/2_17.0.2-r0/mesa-17.0.2/src/mesa/drivers/dri/i965/intel_tex_subimage.c:177
#3  0x00007fffe9709130 in intelTexImage (ctx=0xb8f070, dims=2,
texImage=0x256a7a0, format=6409, type=5121, pixels=0x254b448, unpack=0xbaa2e0)
    at
/usr/src/debug/mesa/2_17.0.2-r0/mesa-17.0.2/src/mesa/drivers/dri/i965/intel_tex_image.c:158
#4  0x00007fffe946e5b7 in teximage (ctx=0xb8f070, compressed=compressed at entry=0
'\000', dims=dims at entry=2, target=3553, level=<optimized out>,
internalFormat=<optimized out>, width=3840, height=2160, depth=1, border=0,
format=6409, type=5121, imageSize=0, pixels=0x254b448)
    at
/usr/src/debug/mesa/2_17.0.2-r0/mesa-17.0.2/src/mesa/main/teximage.c:3066
#5  0x00007fffe946f3ad in _mesa_TexImage2D (target=<optimized out>,
level=<optimized out>, internalFormat=<optimized out>, width=<optimized out>,
height=<optimized out>, border=<optimized out>, format=6409, type=5121,
pixels=0x254b448)
---Type <return> to continue, or q <return> to quit---
    at
/usr/src/debug/mesa/2_17.0.2-r0/mesa-17.0.2/src/mesa/main/teximage.c:3105
#6  0x00007fffea06b041 in QOpenGLFunctions::glTexImage2D(unsigned int, int,
int, int, int, int, unsigned int, unsigned int, void const*) (pixels=0x254b448,
type=5121, format=6409, border=0, height=2160, width=3840, internalformat=6409,
level=0, target=3553, this=0xa587f0)
    at /usr/include/qt5/QtGui/qopenglfunctions.h:1019
#7  0x00007fffea06b041 in QSGVideoMaterial_YUV::bindTexture(int, int, int,
unsigned char const*, unsigned int) (this=<optimized out>, id=1, w=3840,
h=2160, bits=0x254b448 "", format=6409) at
/usr/src/debug/qtmultimedia/5.8.0+gitAUTOINC+544a8a4251-r0/git/src/qtmultimediaquicktools/qsgvideonode_yuv.cpp:410
#8  0x00007fffea06b3f7 in QSGVideoMaterial_YUV::bind()
(this=this at entry=0x20e8840)
    at
/usr/src/debug/qtmultimedia/5.8.0+gitAUTOINC+544a8a4251-r0/git/src/qtmultimediaquicktools/qsgvideonode_yuv.cpp:389
#9  0x00007fffea06b57c in
QSGVideoMaterialShader_YUV_BiPlanar::updateState(QSGMaterialShader::RenderState
const&, QSGMaterial*, QSGMaterial*) (this=this at entry=0x609e50, state=...,
newMaterial=newMaterial at entry=0x20e8840, oldMaterial=<optimized out>)
    at
/usr/src/debug/qtmultimedia/5.8.0+gitAUTOINC+544a8a4251-r0/git/src/qtmultimediaquicktools/qsgvideonode_yuv.cpp:445
#10 0x00007fffea06b61f in
QSGVideoMaterialShader_YUV_TriPlanar::updateState(QSGMaterialShader::RenderState
const&, QSGMaterial*, QSGMaterial*) (this=0x609e50, state=...,
newMaterial=0x20e8840, oldMaterial=<optimized out>)
    at
/usr/src/debug/qtmultimedia/5.8.0+gitAUTOINC+544a8a4251-r0/git/src/qtmultimediaquicktools/qsgvideonode_yuv.cpp:462
#11 0x00007ffff7897ea8 in
QSGBatchRenderer::Renderer::renderMergedBatch(QSGBatchRenderer::Batch const*)
(this=0xa20000, batch=0xa23600)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/scenegraph/coreapi/qsgbatchrenderer.cpp:2282
#12 0x00007ffff789926d in QSGBatchRenderer::Renderer::renderBatches()
(this=this at entry=0xa20000)
---Type <return> to continue, or q <return> to quit---
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/scenegraph/coreapi/qsgbatchrenderer.cpp:2510
#13 0x00007ffff789e895 in QSGBatchRenderer::Renderer::render() (this=<optimized
out>)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/scenegraph/coreapi/qsgbatchrenderer.cpp:2719
#14 0x00007ffff788f9cf in QSGRenderer::renderScene(QSGBindable const&)
(this=0xa20000, bindable=...)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/scenegraph/coreapi/qsgrenderer.cpp:241
#15 0x00007ffff788feab in QSGRenderer::renderScene(unsigned int)
(this=<optimized out>, fboId=<optimized out>)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/scenegraph/coreapi/qsgrenderer.cpp:194
#16 0x00007ffff78c6efe in
QSGDefaultRenderContext::renderNextFrame(QSGRenderer*, unsigned int)
(this=0x968dd0, renderer=0xa20000, fboId=<optimized out>)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/scenegraph/qsgdefaultrendercontext.cpp:181
#17 0x00007ffff791a3d5 in QQuickWindowPrivate::renderSceneGraph(QSize const&)
(this=this at entry=0x698250, size=...)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/items/qquickwindow.cpp:465
#18 0x00007ffff78ba3cf in QSGGuiThreadRenderLoop::renderWindow(QQuickWindow*)
(this=0x7c1000, window=<optimized out>)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/scenegraph/qsgrenderloop.cpp:416
#19 0x00007ffff7923bde in QQuickWindow::event(QEvent*) (this=0x698180,
e=0x7fffffffe600)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/items/qquickwindow.cpp:1577
#20 0x00007ffff5e905be in doNotify (event=<optimized out>, receiver=<optimized
out>)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.cpp:1063
---Type <return> to continue, or q <return> to quit---
#21 0x00007ffff5e905be in QCoreApplication::notify(QObject*, QEvent*)
(this=<optimized out>, receiver=<optimized out>, event=<optimized out>)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.cpp:1049
#22 0x00007ffff5e90718 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
(receiver=receiver at entry=0x698180, event=event at entry=0x7fffffffe600)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.cpp:988
#23 0x00007ffff6e2cafe in QCoreApplication::sendEvent(QObject*, QEvent*)
(event=0x7fffffffe600, receiver=<optimized out>)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.h:231
#24 0x00007ffff6e2cafe in QWindowPrivate::deliverUpdateRequest()
(this=this at entry=0x698250)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/gui/kernel/qwindow.cpp:2171
#25 0x00007ffff6e2cfd9 in QWindow::event(QEvent*) (this=this at entry=0x698180,
ev=ev at entry=0x7fffffffe7b0)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/gui/kernel/qwindow.cpp:2142
#26 0x00007ffff7923b95 in QQuickWindow::event(QEvent*) (this=0x698180,
e=0x7fffffffe7b0)
    at
/usr/src/debug/qtdeclarative/5.8.0+gitAUTOINC+fffb997e19-r0/git/src/quick/items/qquickwindow.cpp:1596
#27 0x00007ffff5e905be in doNotify (event=<optimized out>, receiver=<optimized
out>)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.cpp:1063
#28 0x00007ffff5e905be in QCoreApplication::notify(QObject*, QEvent*)
(this=<optimized out>, receiver=<optimized out>, event=<optimized out>)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.cpp:1049
#29 0x00007ffff5e90718 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
(receiver=0x698180, event=event at entry=0x7fffffffe7b0)
---Type <return> to continue, or q <return> to quit---
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.cpp:988
#30 0x00007ffff5ee0fbe in QCoreApplication::sendEvent(QObject*, QEvent*)
(event=0x7fffffffe7b0, receiver=<optimized out>)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.h:231
#31 0x00007ffff5ee0fbe in QTimerInfoList::activateTimers() (this=0x65a260)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qtimerinfo_unix.cpp:643
#32 0x00007ffff5ee1781 in timerSourceDispatch(GSource*, GSourceFunc, gpointer)
(source=<optimized out>)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qeventdispatcher_glib.cpp:182
#33 0x00000033e9648ff7 in g_main_dispatch (context=0x7fffec0016f0) at
/usr/src/debug/glib-2.0/1_2.50.3-r0/glib-2.50.3/glib/gmain.c:3203
#34 0x00000033e9648ff7 in g_main_context_dispatch
(context=context at entry=0x7fffec0016f0)
    at /usr/src/debug/glib-2.0/1_2.50.3-r0/glib-2.50.3/glib/gmain.c:3856
#35 0x00000033e9649228 in g_main_context_iterate
(context=context at entry=0x7fffec0016f0, block=block at entry=1,
dispatch=dispatch at entry=1, self=<optimized out>) at
/usr/src/debug/glib-2.0/1_2.50.3-r0/glib-2.50.3/glib/gmain.c:3929
#36 0x00000033e96492cc in g_main_context_iteration (context=0x7fffec0016f0,
may_block=may_block at entry=1)
    at /usr/src/debug/glib-2.0/1_2.50.3-r0/glib-2.50.3/glib/gmain.c:3990
#37 0x00007ffff5ee223f in
QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(this=0x654120, flags=...)
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qeventdispatcher_glib.cpp:423
#38 0x00007ffff5e8ec9a in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>)
(this=this at entry=0x7fffffffe9e0, flags=..., flags at entry=...)
---Type <return> to continue, or q <return> to quit---
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qeventloop.cpp:212
#39 0x00007ffff5e96e04 in QCoreApplication::exec() ()
    at
/usr/src/debug/qtbase/5.8.0+gitAUTOINC+49dc9aa409-r0/git/src/corelib/kernel/qcoreapplication.cpp:1261
#40 0x0000000000402595 in main(int, char**) (argc=1, argv=0x7fffffffec48) at
../../encoder/mxencoder-test-ui/main.cpp:38

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/intel-3d-bugs/attachments/20171128/efe86ffe/attachment-0001.html>


More information about the intel-3d-bugs mailing list