<html>
<head>
<base href="https://bugs.freedesktop.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - From "Use isl for hiz layouts" commit onwards, everything crashes with Mesa"
href="https://bugs.freedesktop.org/show_bug.cgi?id=101538">101538</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>From "Use isl for hiz layouts" commit onwards, everything crashes with Mesa
</td>
</tr>
<tr>
<th>Product</th>
<td>Mesa
</td>
</tr>
<tr>
<th>Version</th>
<td>git
</td>
</tr>
<tr>
<th>Hardware</th>
<td>Other
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>blocker
</td>
</tr>
<tr>
<th>Priority</th>
<td>highest
</td>
</tr>
<tr>
<th>Component</th>
<td>Drivers/DRI/i965
</td>
</tr>
<tr>
<th>Assignee</th>
<td>topi.pohjolainen@intel.com
</td>
</tr>
<tr>
<th>Reporter</th>
<td>eero.t.tamminen@intel.com
</td>
</tr>
<tr>
<th>QA Contact</th>
<td>intel-3d-bugs@lists.freedesktop.org
</td>
</tr></table>
<p>
<div>
<pre>Setup:
* GEN7+ HW
* Ubuntu 16.04 LTS (Unity/compiz)
* Latest Mesa from git
Test-case:
1. log in to Unity
2. log in to non-compositing desktop
3. run glxgears
Expected outcome:
* Desktop and glxgears run fine
Actual outcome:
* Unity crashes, so one cannot log in
* even glxgears crashes
Gdb backtrace:
------------------------------------------
Program received signal SIGSEGV, Segmentation fault.
intel_alloc_aux_buffer (name=name@entry=0x7ffff47398d1 "hiz-miptree",
aux_surf=aux_surf@entry=0x7fffffffe4a0, alloc_flags=alloc_flags@entry=1,
mt=0x781a70,
brw=0x7ffff7faa040) at
../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1634
1634 buf->qpitch = isl_surf_get_array_pitch_sa_rows(aux_surf);
(gdb) bt
#0 intel_alloc_aux_buffer (name=name@entry=0x7ffff47398d1 "hiz-miptree",
aux_surf=aux_surf@entry=0x7fffffffe4a0, alloc_flags=alloc_flags@entry=1,
mt=0x781a70,
brw=0x7ffff7faa040) at
../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1634
#1 0x00007ffff4564f3e in intel_miptree_alloc_hiz
(brw=brw@entry=0x7ffff7faa040, mt=0x781a70) at
../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1839
#2 0x00007ffff456511b in intel_miptree_create_for_renderbuffer
(brw=brw@entry=0x7ffff7faa040, format=<optimized out>, width=width@entry=300,
height=height@entry=300,
num_samples=<optimized out>) at
../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1046
#3 0x00007ffff455e555 in intel_alloc_private_renderbuffer_storage
(ctx=0x7ffff7faa040, rb=0x781430, internalFormat=6402, width=300, height=300)
at ../../../../../../src/mesa/drivers/dri/i965/intel_fbo.c:304
#4 0x00007ffff42a4848 in _mesa_resize_framebuffer
(ctx=ctx@entry=0x7ffff7faa040, fb=0x780f10, width=300, height=300) at
../../../src/mesa/main/framebuffer.c:298
#5 0x00007ffff452d893 in driUpdateFramebufferSize
(ctx=ctx@entry=0x7ffff7faa040, dPriv=dPriv@entry=0x615b10)
at ../../../../../../src/mesa/drivers/dri/common/dri_util.c:833
#6 0x00007ffff4539431 in intel_update_renderbuffers
(context=context@entry=0x6d1bf0, drawable=drawable@entry=0x615b10)
at ../../../../../../src/mesa/drivers/dri/i965/brw_context.c:1430
#7 0x00007ffff4539ab1 in intel_prepare_render (brw=brw@entry=0x7ffff7faa040)
at ../../../../../../src/mesa/drivers/dri/i965/brw_context.c:1447
#8 0x00007ffff453a16b in intelMakeCurrent (driContextPriv=0x6d1bf0,
driDrawPriv=<optimized out>, driReadPriv=0x615b10)
at ../../../../../../src/mesa/drivers/dri/i965/brw_context.c:1287
#9 0x00007ffff452cd26 in driBindContext (pcp=<optimized out>, pdp=<optimized
out>, prp=<optimized out>)
at ../../../../../../src/mesa/drivers/dri/common/dri_util.c:555
#10 0x00007ffff7bae5f6 in dri3_bind_context (context=0x6152b0, old=<optimized
out>, draw=16777218, read=16777218) at ../../../src/glx/dri3_glx.c:235
#11 0x00007ffff7b814c5 in MakeContextCurrent (dpy=0x606010, draw=16777218,
read=16777218, gc_user=0x6152b0) at ../../../src/glx/glxcurrent.c:228
#12 0x0000000000401a06 in ?? ()
#13 0x00007ffff7177830 in __libc_start_main (main=0x401890, argc=1,
argv=0x7fffffffea18, init=<optimized out>, fini=<optimized out>,
rtld_fini=<optimized out>,
stack_end=0x7fffffffea08) at ../csu/libc-start.c:291
#14 0x00000000004022f9 in ?? ()
(gdb) print *aux_surf
$1 = {dim = (ISL_SURF_DIM_2D | unknown: 2365440), dim_layout =
ISL_DIM_LAYOUT_GEN4_2D, msaa_layout = (unknown: 300), tiling =
ISL_TILING_LINEAR, format = 7870240,
image_alignment_el = {{w = 0, width = 0}, {h = 4160397376, height =
4160397376}, {d = 32767, depth = 32767}}, logical_level0_px = {{w = 0, width =
0}, {h = 0,
height = 0}, {d = 6, depth = 6}, {a = 0, array_len = 0}}, phys_level0_sa
= {{w = 300, width = 300}, {h = 0, height = 0}, {d = 2841341952, depth =
2841341952}, {
a = 1617732783, array_len = 1617732783}}, levels = 300, samples = 0, size
= 140737353785408, alignment = 300, row_pitch = 0, array_pitch_el_rows = 300,
array_pitch_span = ISL_ARRAY_PITCH_SPAN_FULL, usage = 140737353785408}
------------------------------------------
Valgrind output:
------------------------------------------
==11774== Use of uninitialised value of size 8
==11774== at 0x899F357: intel_alloc_aux_buffer.isra.8
(intel_mipmap_tree.c:1634)
==11774== by 0x89A3F3D: intel_miptree_alloc_hiz (intel_mipmap_tree.c:1839)
==11774== by 0x89A411A: intel_miptree_create_for_renderbuffer
(intel_mipmap_tree.c:1046)
==11774== by 0x899D554: intel_alloc_private_renderbuffer_storage
(intel_fbo.c:304)
==11774== by 0x86E3847: _mesa_resize_framebuffer (framebuffer.c:298)
==11774== by 0x8978430: intel_update_renderbuffers (brw_context.c:1430)
==11774== by 0x8978AB0: intel_prepare_render (brw_context.c:1447)
==11774== by 0x897916A: intelMakeCurrent (brw_context.c:1287)
==11774== by 0x896BD25: driBindContext (dri_util.c:555)
==11774== by 0x4E845F5: dri3_bind_context (dri3_glx.c:235)
==11774== by 0x4E574C4: MakeContextCurrent (glxcurrent.c:228)
==11774== by 0x401A05: ??? (in /usr/bin/glxgears)
==11774==
==11774== Invalid read of size 1
==11774== at 0x899F357: intel_alloc_aux_buffer.isra.8
(intel_mipmap_tree.c:1634)
==11774== by 0x89A3F3D: intel_miptree_alloc_hiz (intel_mipmap_tree.c:1839)
==11774== by 0x89A411A: intel_miptree_create_for_renderbuffer
(intel_mipmap_tree.c:1046)
==11774== by 0x899D554: intel_alloc_private_renderbuffer_storage
(intel_fbo.c:304)
==11774== by 0x86E3847: _mesa_resize_framebuffer (framebuffer.c:298)
==11774== by 0x8978430: intel_update_renderbuffers (brw_context.c:1430)
==11774== by 0x8978AB0: intel_prepare_render (brw_context.c:1447)
==11774== by 0x897916A: intelMakeCurrent (brw_context.c:1287)
==11774== by 0x896BD25: driBindContext (dri_util.c:555)
==11774== by 0x4E845F5: dri3_bind_context (dri3_glx.c:235)
==11774== by 0x4E574C4: MakeContextCurrent (glxcurrent.c:228)
==11774== by 0x401A05: ??? (in /usr/bin/glxgears)
==11774== Address 0x2e80607b3 is not stack'd, malloc'd or (recently) free'd
==11774==
==11774==
==11774== Process terminating with default action of signal 11 (SIGSEGV)
==11774== Access not within mapped region at address 0x2E80607B3
==11774== at 0x899F357: intel_alloc_aux_buffer.isra.8
(intel_mipmap_tree.c:1634)
------------------------------------------
Git bisected this to:
------------------------------------------
commit f60e23cb57724f001bfafdb577cedf660d6917e1
Author: Topi Pohjolainen <<a href="mailto:topi.pohjolainen@intel.com">topi.pohjolainen@intel.com</a>>
AuthorDate: Thu Dec 22 17:22:39 2016 +0200
Commit: Topi Pohjolainen <<a href="mailto:topi.pohjolainen@intel.com">topi.pohjolainen@intel.com</a>>
CommitDate: Mon Jun 19 22:57:57 2017 +0300
i965/miptree/gen7+: Use isl for hiz layouts
v2: Use better assert by checking isl_surf_get_hiz_surf()
Reviewed-by: Jason Ekstrand <<a href="mailto:jason@jlekstrand.net">jason@jlekstrand.net</a>>
Signed-off-by: Topi Pohjolainen <<a href="mailto:topi.pohjolainen@intel.com">topi.pohjolainen@intel.com</a>>
------------------------------------------
Reverting that commit and following blorb & wm commits (which depend on that),
will get Mesa again to working state.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the QA Contact for the bug.</li>
</ul>
</body>
</html>