$ ASAN_OPTIONS=abort_on_error=1 LD_PRELOAD=libasan.so LD_LIBRARY_PATH=/tmp/mesa-root-git/lib LIBGL_ALWAYS_SOFTWARE=1 gdb -q --args glretrace ./robot.trace
Reading symbols from /usr/bin/glretrace...(no debugging symbols found)...done.
(gdb) watch *0x605200001b80
Hardware watchpoint 1: *0x605200001b80
(gdb) break draw/draw_pipe_vbuf.c:163 if prim->v[i]->vertex_id != 65535 && prim->v[i]->vertex_id > 100
No symbol table is loaded.  Use the "file" command.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 2 (draw/draw_pipe_vbuf.c:163 if prim->v[i]->vertex_id != 65535 && prim->v[i]->vertex_id > 100) pending.
(gdb) watch *0x603600010f10
Hardware watchpoint 3: *0x603600010f10
(gdb) r
Starting program: /usr/bin/glretrace ./robot.trace
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
[New Thread 0x7fffed58c700 (LWP 9646)]
[New Thread 0x7fffeca85700 (LWP 9647)]
[New Thread 0x7fffebf7e700 (LWP 9648)]
[New Thread 0x7fffeb477700 (LWP 9649)]
Hardware watchpoint 1: *0x605200001b80

Old value = 0
New value = 65536
vbuf_tri (stage=stage@entry=0x601e00009730, prim=prim@entry=0x7fffffffd1a0) at draw/draw_pipe_vbuf.c:162
162        for (i = 0; i < 3; i++) {
(gdb) c
Continuing.
Hardware watchpoint 3: *0x603600010f10

Old value = 0
New value = -1089586972
0x00007fffea52d74e in ?? ()
(gdb) bt
#0  0x00007fffea52d74e in ?? ()
#1  0x0000000000000007 in ?? ()
#2  0x0000000000000006 in ?? ()
#3  0x0000000000000005 in ?? ()
#4  0x000010007fff7ace in ?? ()
#5  0x0000000000000006 in ?? ()
#6  0x000060680001b1e8 in ?? ()
#7  0x0000000000000000 in ?? ()


[ snip ]
(gdb) c
Continuing.

Breakpoint 2, vbuf_tri (stage=stage@entry=0x601e00009730, prim=prim@entry=0x7fffffffcfb0) at draw/draw_pipe_vbuf.c:163
163           vbuf->indices[vbuf->nr_indices++] = emit_vertex( vbuf, prim->v[i] );
(gdb) bt
#0  vbuf_tri (stage=stage@entry=0x601e00009730, prim=prim@entry=0x7fffffffcfb0) at draw/draw_pipe_vbuf.c:163
#1  0x00007ffff05ff8df in vbuf_first_tri (stage=0x601e00009730, prim=0x7fffffffcfb0) at draw/draw_pipe_vbuf.c:284
#2  0x00007ffff05fc5d9 in draw_pipe_passthrough_tri (stage=0x60360000e200, header=0x7fffffffcfb0) at draw/draw_pipe_util.c:54
#3  0x00007ffff05ea237 in emit_poly (stage=stage@entry=0x602a0001f9a0, inlist=inlist@entry=0x7fffffffd290, edgeflags=edgeflags@entry=0x7fffffffd130 "\001\001\001\001\066`", n=n@entry=3, 
    origPrim=origPrim@entry=0x7fffffffd450) at draw/draw_pipe_clip.c:324
#4  0x00007ffff05eb786 in do_clip_tri (stage=stage@entry=0x602a0001f9a0, header=header@entry=0x7fffffffd450, clipmask=0, clipmask@entry=14564) at draw/draw_pipe_clip.c:545
#5  0x00007ffff05ec46c in clip_tri (stage=0x602a0001f9a0, header=0x7fffffffd450) at draw/draw_pipe_clip.c:653
#6  0x00007ffff05d1fc3 in do_triangle (draw=draw@entry=0x60680001b100, flags=flags@entry=15, v0=<optimized out>, v1=<optimized out>, v2=v2@entry=0x603600010f54 "\344\070\016\277") at draw/draw_pipe.c:166
#7  0x00007ffff05d7008 in pipe_run_linear (draw=draw@entry=0x60680001b100, prim=<optimized out>, prim_flags=<optimized out>, vertices=vertices@entry=0x603600010e00, stride=<optimized out>, count=count@entry=6)
    at draw/draw_decompose_tmp.h:103
#8  0x00007ffff05d9eab in draw_pipeline_run_linear (draw=0x60680001b100, vert_info=vert_info@entry=0x7fffffffd690, prim_info=prim_info@entry=0x7fffffffd8d0) at draw/draw_pipe.c:333
#9  0x00007ffff0949436 in pipeline (llvm=llvm@entry=0x601a0000cd00, vert_info=vert_info@entry=0x7fffffffd690, prim_info=prim_info@entry=0x7fffffffd8d0) at draw/draw_pt_fetch_shade_pipeline_llvm.c:286
#10 0x00007ffff094a486 in llvm_pipeline_generic (middle=middle@entry=0x601a0000cd00, fetch_info=0x0, fetch_info@entry=0x7fffffffd890, in_prim_info=in_prim_info@entry=0x7fffffffd8d0)
    at draw/draw_pt_fetch_shade_pipeline_llvm.c:429
#11 0x00007ffff094ad49 in llvm_middle_end_linear_run (middle=<optimized out>, start=<optimized out>, count=<optimized out>, prim_flags=<optimized out>) at draw/draw_pt_fetch_shade_pipeline_llvm.c:494
#12 0x00007ffff0637c9c in vsplit_segment_simple_linear (vsplit=vsplit@entry=0x60740000c900, flags=flags@entry=0, istart=istart@entry=4, icount=icount@entry=6) at draw/draw_pt_vsplit_tmp.h:240
#13 0x00007ffff06383ad in vsplit_run_linear (frontend=<optimized out>, start=<optimized out>, count=6) at draw/draw_split_tmp.h:60
#14 0x00007ffff060f451 in draw_pt_arrays (draw=draw@entry=0x60680001b100, prim=<optimized out>, start=<optimized out>, count=count@entry=6) at draw/draw_pt.c:149
#15 0x00007ffff0611c41 in draw_vbo (draw=draw@entry=0x60680001b100, info=0x7fffffffdbe0, info@entry=0x7fffffffdda0) at draw/draw_pt.c:562
#16 0x00007ffff09fc859 in llvmpipe_draw_vbo (pipe=0x606e0001c300, info=0x7fffffffdda0) at lp_draw_arrays.c:126
#17 0x00007ffff05bb1e8 in cso_draw_vbo (cso=0x60640001a500, info=info@entry=0x7fffffffdda0) at cso_cache/cso_context.c:1400
#18 0x00007ffff02dc6bb in st_draw_vbo (ctx=<optimized out>, prims=<optimized out>, nr_prims=<optimized out>, ib=<optimized out>, index_bounds_valid=<optimized out>, min_index=<optimized out>, max_index=<optimized out>, 
    tfb_vertcount=<optimized out>, indirect=<optimized out>) at state_tracker/st_draw.c:290
#19 0x00007ffff021e418 in vbo_exec_vtx_flush (exec=exec@entry=0x608800012e48, keepUnmapped=keepUnmapped@entry=0 '\000') at vbo/vbo_exec_draw.c:399
#20 0x00007ffff01acb3e in vbo_exec_wrap_buffers (exec=exec@entry=0x608800012e48) at vbo/vbo_exec_api.c:89
#21 0x00007ffff01ae159 in vbo_exec_wrap_upgrade_vertex (exec=exec@entry=0x608800012e48, attr=attr@entry=3, newSize=newSize@entry=4) at vbo/vbo_exec_api.c:251
#22 0x00007ffff01af67e in vbo_exec_fixup_vertex (ctx=ctx@entry=0x7fffea7bb800, attr=attr@entry=3, newSize=newSize@entry=4) at vbo/vbo_exec_api.c:375
#23 0x00007ffff01b4ebb in vbo_Color4f (x=0.00392156886, y=0.00392156886, z=0.00392156886, w=1) at vbo/vbo_attrib_tmp.h:379
#24 0x00007fffefe8ad14 in _mesa_Color3b (red=red@entry=0 '\000', green=green@entry=0 '\000', blue=blue@entry=0 '\000') at main/api_loopback.c:92
#25 0x00007ffff309749b in glColor3b (red=0 '\000', green=<optimized out>, blue=<optimized out>) at ../../../src/mapi/glapi/glapi_mapi_tmp.h:1512
#26 0x00000000004e3ad0 in ?? ()
#27 0x000000000040d087 in ?? ()
#28 0x000000000040a912 in ?? ()
#29 0x000000000040b157 in ?? ()
#30 0x0000000000406f35 in ?? ()
#31 0x00007ffff3944b05 in __libc_start_main () from /usr/lib/libc.so.6
#32 0x0000000000408099 in _start ()
(gdb) p prim->v[0][0]
$1 = {clipmask = 14564, edgeflag = 0, have_clipdist = 0, vertex_id = 48910, clip = {-0.826086998, 0, 1, 199.999985}, pre_clip_pos = {12.0000076, 0.5, 1, 1}, data = 0x603600010f34}


[ snip]

(gdb) up
#4  0x00007ffff05d9eab in draw_pipeline_run_linear (draw=0x60680001b100, vert_info=vert_info@entry=0x7fffffffd690, prim_info=prim_info@entry=0x7fffffffd8d0) at draw/draw_pipe.c:333
333           pipe_run_linear(draw,
(gdb) p vert_info
$33 = (const struct draw_vertex_info *) 0x7fffffffd690
(gdb) p *vert_info
$34 = {verts = 0x603600010e00, vertex_size = 68, stride = 68, count = 6}
(gdb) down
#3  0x00007ffff05d7008 in pipe_run_linear (draw=draw@entry=0x60680001b100, prim=<optimized out>, prim_flags=<optimized out>, vertices=vertices@entry=0x603600010e00, stride=<optimized out>, count=count@entry=6)
    at draw/draw_decompose_tmp.h:103
103              TRIANGLE(flags, idx[0], idx[1], idx[2]);
(gdb) p *(struct vertex_header *)(verts + 272)
$40 = {clipmask = 14564, edgeflag = 0, have_clipdist = 0, vertex_id = 48910, clip = {-0.826086998, 0, 1, 199.999985}, pre_clip_pos = {12.0000076, 0.5, 1, 1}, data = 0x603600010f34}


(gdb) p *(struct vertex_header*) ((char[68]*)verts)[0]
$53 = {clipmask = 2, edgeflag = 1, have_clipdist = 0, vertex_id = 65535, clip = {-1.02222228, 0.826086879, 0, 1}, pre_clip_pos = {-1.02222228, 0.826086879, 0, 1}, data = 0x603600010e24}
(gdb) p *(struct vertex_header*) ((char[68]*)verts)[1]
$54 = {clipmask = 0, edgeflag = 0, have_clipdist = 0, vertex_id = 0, clip = {0, 0, 0, -nan(0x7f4000)}, pre_clip_pos = {-0.977777779, 0.826086879, 0, 1}, data = 0x603600010e68}
(gdb) p *(struct vertex_header*) ((char[68]*)verts)[2]
$55 = {clipmask = 0, edgeflag = 0, have_clipdist = 0, vertex_id = 0, clip = {1, 0, 1, 0}, pre_clip_pos = {0, 0, 0, -nan(0x7f4000)}, data = 0x603600010eac}
(gdb) p *(struct vertex_header*) ((char[68]*)verts)[3]
$56 = {clipmask = 0, edgeflag = 0, have_clipdist = 0, vertex_id = 0, clip = {-197.999985, 0.5, 1, 0}, pre_clip_pos = {1, 0, 1, 0}, data = 0x603600010ef0}
(gdb) p *(struct vertex_header*) ((char[68]*)verts)[4]
$57 = {clipmask = 14564, edgeflag = 0, have_clipdist = 0, vertex_id = 48910, clip = {-0.826086998, 0, 1, 199.999985}, pre_clip_pos = {12.0000076, 0.5, 1, 1}, data = 0x603600010f34}
(gdb) p *(struct vertex_header*) ((char[68]*)verts)[5]
$58 = {clipmask = 14564, edgeflag = 0, have_clipdist = 0, vertex_id = 48910, clip = {-1, 0, 1, -0.555555582}, pre_clip_pos = {-1, 0, 1, 199.999985}, data = 0x603600010f78}
(gdb) p *(struct vertex_header*) ((char[68]*)verts)[6]
$59 = {clipmask = 0, edgeflag = 0, have_clipdist = 0, vertex_id = 0, clip = {0, 0, -nan(0x7f4000), -0.51111114}, pre_clip_pos = {-0.913043499, 0, 1, -0.51111114}, data = 0x603600010fbc}
(gdb) p *(struct vertex_header*) ((char[68]*)verts)[7]
$60 = {clipmask = 0, edgeflag = 0, have_clipdist = 0, vertex_id = 0, clip = {0, 1, 0, 0}, pre_clip_pos = {0, 0, -nan(0x7f4000), -0.51111114}, data = 0x603600011000}



[ snip ]

#6  0x00007ffff094a486 in llvm_pipeline_generic (middle=middle@entry=0x601a0000cd00, fetch_info=0x0, fetch_info@entry=0x7fffffffd890, in_prim_info=in_prim_info@entry=0x7fffffffd8d0)
    at draw/draw_pt_fetch_shade_pipeline_llvm.c:429
429              pipeline( fpme, vert_info, prim_info );
(gdb) p ((struct vertex_header*) ((char[68]*)vert_info->verts))[1]
$74 = {
  clipmask = 32, 
  edgeflag = 0, 
  have_clipdist = 0, 
  vertex_id = 49440, 
  clip = {-178, 0.5, 1, 0}, 
  pre_clip_pos = {1, 0, 1, 0}, 
  data = 0x603600010e48
}


[ snip ]

(gdb) c
Continuing.

Breakpoint 2, vbuf_tri (stage=stage@entry=0x601e00009730, prim=prim@entry=0x7fffffffcfb0) at draw/draw_pipe_vbuf.c:163
163           vbuf->indices[vbuf->nr_indices++] = emit_vertex( vbuf, prim->v[i] );
(gdb) c
Continuing.
Hardware watchpoint 1: *0x605200001b80

Old value = 65536
New value = 114446
vbuf_tri (stage=stage@entry=0x601e00009730, prim=prim@entry=0x7fffffffcfb0) at draw/draw_pipe_vbuf.c:162
162        for (i = 0; i < 3; i++) {
(gdb) c
Continuing.
Hardware watchpoint 1: *0x605200001b80

Old value = 114446
New value = 48910
vbuf_tri (stage=stage@entry=0x601e00009730, prim=prim@entry=0x7fffffffcfb0) at draw/draw_pipe_vbuf.c:162
162        for (i = 0; i < 3; i++) {
(gdb) 
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff0a491de in calc_fixed_position (setup=setup@entry=0x60740000a100, position=position@entry=0x7fffffffda30, v0=v0@entry=0x6062005022c0, v1=v1@entry=0x606200384100, v2=v2@entry=0x606200384120) at lp_setup_tri.c:851
851        position->x[0] = subpixel_snap(v0[0][0] - setup->pixel_offset);
(gdb) 
Continuing.
ASAN:SIGSEGV
=================================================================
==9787== ERROR: AddressSanitizer: SEGV on unknown address 0x6062005022c0 (pc 0x7ffff0a491de sp 0x7fffffffd9a0 bp 0x7fffffffd9d0 T0)
AddressSanitizer can not provide additional info.
    #0 0x7ffff0a491dd (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0xd171dd)
    #1 0x7ffff0a4a501 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0xd18501)
    #2 0x7ffff0a2eeb7 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0xcfceb7)
    #3 0x7ffff0a4b76a (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0xd1976a)
    #4 0x7ffff05ffbd5 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x8cdbd5)
    #5 0x7ffff06002a8 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x8ce2a8)
    #6 0x7ffff05e0ab0 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x8aeab0)
    #7 0x7ffff05ed279 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x8bb279)
    #8 0x7ffff05da063 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x8a8063)
    #9 0x7ffff05c16a7 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x88f6a7)
    #10 0x7ffff05bf570 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x88d570)
    #11 0x7ffff09fca09 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0xccaa09)
    #12 0x7ffff05bb1e7 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x8891e7)
    #13 0x7ffff02dc6ba (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x5aa6ba)
    #14 0x7ffff021e417 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x4ec417)
    #15 0x7ffff01acb3d (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x47ab3d)
    #16 0x7ffff01ae158 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x47c158)
    #17 0x7ffff01af67d (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x47d67d)
    #18 0x7ffff01b4eba (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x482eba)
    #19 0x7fffefe8ad13 (/tmp/mesa-root-git/lib/dri/swrast_dri.so+0x158d13)
    #20 0x7ffff309749a (/tmp/mesa-root-git/lib/libGL.so.1.2.0+0x10e49a)
    #21 0x4e3acf (/usr/bin/glretrace+0x4e3acf)
    #22 0x40d086 (/usr/bin/glretrace+0x40d086)
    #23 0x40a911 (/usr/bin/glretrace+0x40a911)
    #24 0x40b156 (/usr/bin/glretrace+0x40b156)
    #25 0x406f34 (/usr/bin/glretrace+0x406f34)
    #26 0x7ffff3944b04 (/usr/lib/libc-2.18.so+0x21b04)
    #27 0x408098 (/usr/bin/glretrace+0x408098)
==9787== ABORTING