[Mesa-dev] [Bug 64568] SIGSEGV src/mesa/main/bufferobj.c:291

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue May 14 08:21:08 PDT 2013 

https://bugs.freedesktop.org/show_bug.cgi?id=64568

José Fonseca <jfonseca at vmware.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |brianp at vmware.com,
                   |                            |jfonseca at vmware.com

--- Comment #1 from José Fonseca <jfonseca at vmware.com> ---
> Run glxgears on softpipe or llvmpipe.

One needs to exit cleanly, by pressing Escape key.

This is what valgrind says:

$ valgrind glxgears
==3762== Memcheck, a memory error detector
==3762== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==3762== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==3762== Command: glxgears
==3762== 
==3762== Invalid read of size 8
==3762==    at 0x51DB2B6: _mesa_reference_buffer_object (bufferobj.h:88)
==3762==    by 0x51DC028: _mesa_free_buffer_objects (bufferobj.c:651)
==3762==    by 0x50B0009: _mesa_free_context_data (context.c:1159)
==3762==    by 0x51A373C: st_destroy_context (st_context.c:315)
==3762==    by 0x50AC984: st_context_destroy (st_manager.c:596)
==3762==    by 0x508BD45: XMesaDestroyContext (xm_api.c:937)
==3762==    by 0x508F8B3: glXDestroyContext (glx_api.c:1363)
==3762==    by 0x403754: ??? (in /usr/bin/glxgears)
==3762==    by 0x6DF176C: (below main) (libc-start.c:226)
==3762==  Address 0x8838850 is 0 bytes after a block of size 1,152 alloc'd
==3762==    at 0x4C29E46: calloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3762==    by 0x51DBEA4: _mesa_init_buffer_objects (bufferobj.c:622)
==3762==    by 0x50AF313: init_attrib_groups (context.c:744)
==3762==    by 0x50AFBBE: _mesa_initialize_context (context.c:1013)
==3762==    by 0x50AFE54: _mesa_create_context (context.c:1113)
==3762==    by 0x51A340F: st_create_context (st_context.c:232)
==3762==    by 0x50ACAF0: st_api_create_context (st_manager.c:640)
==3762==    by 0x508BC7D: XMesaCreateContext (xm_api.c:909)
==3762==    by 0x508F19F: create_context (glx_api.c:1066)
==3762==    by 0x508F28C: glXCreateContext (glx_api.c:1097)
==3762==    by 0x402E21: ??? (in /usr/bin/glxgears)
==3762==    by 0x6DF176C: (below main) (libc-start.c:226)
==3762== 
==3762== Invalid read of size 8
==3762==    at 0x51DB78C: _mesa_reference_buffer_object_ (bufferobj.c:284)
==3762==    by 0x51DB2D5: _mesa_reference_buffer_object (bufferobj.h:89)
==3762==    by 0x51DC028: _mesa_free_buffer_objects (bufferobj.c:651)
==3762==    by 0x50B0009: _mesa_free_context_data (context.c:1159)
==3762==    by 0x51A373C: st_destroy_context (st_context.c:315)
==3762==    by 0x50AC984: st_context_destroy (st_manager.c:596)
==3762==    by 0x508BD45: XMesaDestroyContext (xm_api.c:937)
==3762==    by 0x508F8B3: glXDestroyContext (glx_api.c:1363)
==3762==    by 0x403754: ??? (in /usr/bin/glxgears)
==3762==    by 0x6DF176C: (below main) (libc-start.c:226)
==3762==  Address 0x8838870 is not stack'd, malloc'd or (recently) free'd
==3762== 
==3762== Invalid read of size 8
==3762==    at 0x51DB7A0: _mesa_reference_buffer_object_ (bufferobj.c:287)
==3762==    by 0x51DB2D5: _mesa_reference_buffer_object (bufferobj.h:89)
==3762==    by 0x51DC028: _mesa_free_buffer_objects (bufferobj.c:651)
==3762==    by 0x50B0009: _mesa_free_context_data (context.c:1159)
==3762==    by 0x51A373C: st_destroy_context (st_context.c:315)
==3762==    by 0x50AC984: st_context_destroy (st_manager.c:596)
==3762==    by 0x508BD45: XMesaDestroyContext (xm_api.c:937)
==3762==    by 0x508F8B3: glXDestroyContext (glx_api.c:1363)
==3762==    by 0x403754: ??? (in /usr/bin/glxgears)
==3762==    by 0x6DF176C: (below main) (libc-start.c:226)
==3762==  Address 0x8838870 is not stack'd, malloc'd or (recently) free'd
==3762== 
==3762== Invalid read of size 4
==3762==    at 0x75B2E84: pthread_mutex_lock (pthread_mutex_lock.c:50)
==3762==    by 0x51DB7B2: _mesa_reference_buffer_object_ (bufferobj.c:289)
==3762==    by 0x51DB2D5: _mesa_reference_buffer_object (bufferobj.h:89)
==3762==    by 0x51DC028: _mesa_free_buffer_objects (bufferobj.c:651)
==3762==    by 0x50B0009: _mesa_free_context_data (context.c:1159)
==3762==    by 0x51A373C: st_destroy_context (st_context.c:315)
==3762==    by 0x50AC984: st_context_destroy (st_manager.c:596)
==3762==    by 0x508BD45: XMesaDestroyContext (xm_api.c:937)
==3762==    by 0x508F8B3: glXDestroyContext (glx_api.c:1363)
==3762==    by 0x403754: ??? (in /usr/bin/glxgears)
==3762==    by 0x6DF176C: (below main) (libc-start.c:226)
==3762==  Address 0x260 is not stack'd, malloc'd or (recently) free'd
==3762== 
==3762== 
==3762== Process terminating with default action of signal 11 (SIGSEGV)
==3762==  Access not within mapped region at address 0x260
==3762==    at 0x75B2E84: pthread_mutex_lock (pthread_mutex_lock.c:50)
==3762==    by 0x51DB7B2: _mesa_reference_buffer_object_ (bufferobj.c:289)
==3762==    by 0x51DB2D5: _mesa_reference_buffer_object (bufferobj.h:89)
==3762==    by 0x51DC028: _mesa_free_buffer_objects (bufferobj.c:651)
==3762==    by 0x50B0009: _mesa_free_context_data (context.c:1159)
==3762==    by 0x51A373C: st_destroy_context (st_context.c:315)
==3762==    by 0x50AC984: st_context_destroy (st_manager.c:596)
==3762==    by 0x508BD45: XMesaDestroyContext (xm_api.c:937)
==3762==    by 0x508F8B3: glXDestroyContext (glx_api.c:1363)
==3762==    by 0x403754: ??? (in /usr/bin/glxgears)
==3762==    by 0x6DF176C: (below main) (libc-start.c:226)
==3762==  If you believe this happened as a result of a stack
==3762==  overflow in your program's main thread (unlikely but
==3762==  possible), you can try to increase the size of the
==3762==  main thread stack using the --main-stacksize= flag.
==3762==  The main thread stack size used in this run was 8388608.
==3762== 
==3762== HEAP SUMMARY:
==3762==     in use at exit: 9,178,298 bytes in 7,756 blocks
==3762==   total heap usage: 78,735 allocs, 70,979 frees, 29,436,940 bytes
allocated
==3762== 
==3762== LEAK SUMMARY:
==3762==    definitely lost: 6,400 bytes in 1 blocks
==3762==    indirectly lost: 0 bytes in 0 blocks
==3762==      possibly lost: 877,234 bytes in 1,626 blocks
==3762==    still reachable: 8,294,664 bytes in 6,129 blocks
==3762==         suppressed: 0 bytes in 0 blocks
==3762== Rerun with --leak-check=full to see details of leaked memory
==3762== 
==3762== For counts of detected and suppressed errors, rerun with: -v
==3762== ERROR SUMMARY: 5 errors from 4 contexts (suppressed: 2 from 2)
Segmentation fault

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/mesa-dev/attachments/20130514/b46e294d/attachment-0001.html>

More information about the mesa-dev mailing list