[Mesa-dev] [Bug 72926] New: Memory corruption (crash) in draw/draw_pt_fetch_shade_pipeline_llvm.c:435

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Fri Dec 20 10:25:59 PST 2013 

https://bugs.freedesktop.org/show_bug.cgi?id=72926

          Priority: medium
            Bug ID: 72926
          Assignee: mesa-dev at lists.freedesktop.org
           Summary: Memory corruption (crash) in
                    draw/draw_pt_fetch_shade_pipeline_llvm.c:435
          Severity: normal
    Classification: Unclassified
                OS: Linux (All)
          Reporter: lekensteyn at gmail.com
          Hardware: x86-64 (AMD64)
            Status: NEW
           Version: unspecified
         Component: Drivers/X11
           Product: Mesa

Created attachment 91053
  --> https://bugs.freedesktop.org/attachment.cgi?id=91053&action=edit
gdb bt full

After upgrading Mesa 9.2.4 to 10.0.1, my Java program using JOGL crashes with a
memory corruption error.

The attached GDB log was generated with Mesa
a3ae5dc7dd5c2f8893f86a920247e690e550ebd4 ("draw: make sure that the stages
setup outputs"), built with --enable-debug.

I enforce software rendering because that gives me in an order of magnitude
better fps than i965 (glReadPixel is slow.):

    LIBGL_ALWAYS_SOFTWARE=1 java -cp ... RobotRace

With some versions of my program (new member variable, no other side-effects),
it immediately crashes. For other versions, it crashes after modifying the
center point in gl.glLookAt(). Let me know if you need more details (source,
etc.).

Bisection leads to:
a3ae5dc7dd5c2f8893f86a920247e690e550ebd4 is the first bad commit
commit a3ae5dc7dd5c2f8893f86a920247e690e550ebd4
Author: Zack Rusin <zackr at vmware.com>
Date:   Fri Aug 9 10:11:31 2013 -0400

    draw: make sure that the stages setup outputs

    Calling the prepare outputs cleans up the slot assignments
    for outputs, unfortunately aapoint and aaline didn't have
    code to reset their slots after the initial setup, this
    was messing up our slot assignments. The unfilled stage
    was just missing the initial assignment of the face slot.
    This fixes all of the reported piglit failures.

    Signed-off-by: Zack Rusin <zackr at vmware.com>
    Reviewed-by: Roland Scheidegger <sroland at vmware.com>

:040000 040000 fb87dfd2039663da7ff0fa6f12a5b0668fecee7f
fc98438608d4df5bd64ff651bf9098aaabc5a262 M      src

LLVM: 3.3
Mesa: 10.0.1 (gdb from a3ae5dc7dd5c2f8893f86a920247e690e550ebd4)
JOGL: 2.1-b1135-20131101
Linux: v3.13-rc2-208-g8ecffd7
Xorg: 1.14.5
OpenJDK: 7.u45_2.4.3

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/mesa-dev/attachments/20131220/e4a6cf20/attachment-0001.html>

More information about the mesa-dev mailing list