Bug 77402

Summary: KWin crash in brw_workaround_depthstencil_alignment on Haswell
Product: Mesa
Reporter: Alexander E. Patrakov <patrakov>
Component: Drivers/DRI/i965
Assignee: Ian Romanick <idr>
Status: RESOLVED FIXED
QA Contact: Intel 3D Bugs Mailing List <intel-3d-bugs>
Severity: major
Priority: medium
CC: kenny, loic.yhuel
Version: 10.1
Hardware: x86-64 (AMD64)
OS: Linux (All)
Whiteboard:
i915 platform:
i915 features:
Attachments: valgrind log

Description Alexander E. Patrakov 2014-04-13 15:48:44 UTC
Created attachment 97312: valgrind log

This is a clone of https://bugs.kde.org/show_bug.cgi?id=328496

KWin sometimes gets into a mode when it always crashes on start if desktop effects are enabled. This happens on Haswell hardware.

00:02.0 VGA compatible controller [0300]: Intel Corporation Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller [8086:0412] (rev 06)

The crash looks as follows:

Attached valgrind log (that unfortunately complains about all hardware writes as invalid) complains about near-NULL pointer read in brw_workaround_depthstencil_alignment. See line 5316.
Comment 1 Alexander E. Patrakov 2014-04-13 15:52:09 UTC
Sorry for bad formatting of the crash. Reposting:

Application: KWin (kwin), signal: Segmentation fault
Using host libthread_db library "/lib64/libthread_db.so.1".
[Current thread is 1 (Thread 0x7f525dcc3800 (LWP 22941))]

Thread 6 (Thread 0x7f523c0b4700 (LWP 22992)):
#0  0x00007f5257ef67de in pthread_cond_timedwait () from /lib64/libpthread.so.0
#1  0x00007f5258188624 in QWaitCondition::wait(QMutex*, unsigned long) () from /usr/lib64/qt4/libQtCore.so.4
#2  0x00007f525817bda5 in ?? () from /usr/lib64/qt4/libQtCore.so.4
#3  0x00007f525818816f in ?? () from /usr/lib64/qt4/libQtCore.so.4
#4  0x00007f5257ef2201 in start_thread () from /lib64/libpthread.so.0
#5  0x00007f525d50158d in clone () from /lib64/libc.so.6

Thread 5 (Thread 0x7f523ae18700 (LWP 23018)):
#0  0x00007f5257ef67de in pthread_cond_timedwait () from /lib64/libpthread.so.0
#1  0x00007f5258188624 in QWaitCondition::wait(QMutex*, unsigned long) () from /usr/lib64/qt4/libQtCore.so.4
#2  0x00007f525817bda5 in ?? () from /usr/lib64/qt4/libQtCore.so.4
#3  0x00007f525818816f in ?? () from /usr/lib64/qt4/libQtCore.so.4
#4  0x00007f5257ef2201 in start_thread () from /lib64/libpthread.so.0
#5  0x00007f525d50158d in clone () from /lib64/libc.so.6

Thread 4 (Thread 0x7f523a617700 (LWP 23019)):
#0  0x00007f525d4fa403 in select () from /lib64/libc.so.6
#1  0x00007f5258264b21 in ?? () from /usr/lib64/qt4/libQtCore.so.4
#2  0x00007f525818816f in ?? () from /usr/lib64/qt4/libQtCore.so.4
#3  0x00007f5257ef2201 in start_thread () from /lib64/libpthread.so.0
#4  0x00007f525d50158d in clone () from /lib64/libc.so.6

Thread 3 (Thread 0x7f5239c87700 (LWP 23024)):
#0  0x00007f5257ef640c in pthread_cond_wait () from /lib64/libpthread.so.0
#1  0x00007f525c6fb86b in ?? () from /usr/lib64/qt4/libQtScript.so.4
#2  0x00007f525c6fb8a9 in ?? () from /usr/lib64/qt4/libQtScript.so.4
#3  0x00007f5257ef2201 in start_thread () from /lib64/libpthread.so.0
#4  0x00007f525d50158d in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7f5238eff700 (LWP 23025)):
#0  0x00007f5257ef67de in pthread_cond_timedwait () from /lib64/libpthread.so.0
#1  0x00007f5258188624 in QWaitCondition::wait(QMutex*, unsigned long) () from /usr/lib64/qt4/libQtCore.so.4
#2  0x00007f525817bda5 in ?? () from /usr/lib64/qt4/libQtCore.so.4
#3  0x00007f525818816f in ?? () from /usr/lib64/qt4/libQtCore.so.4
#4  0x00007f5257ef2201 in start_thread () from /lib64/libpthread.so.0
#5  0x00007f525d50158d in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7f525dcc3800 (LWP 22941)):
[KCrash Handler]
#5  0x00007f51abbbe758 in get_stencil_miptree (irb=0x27cf660) at brw_misc_state.c:257
#6  brw_workaround_depthstencil_alignment (brw=brw@entry=0x7f5238126038, clear_mask=clear_mask@entry=0) at brw_misc_state.c:273
#7  0x00007f51abb7b72d in brw_try_draw_prims (indirect=0x0, max_index=23, min_index=0, ib=0x0, nr_prims=1, prims=0x7fff99c1b300, arrays=0x28a4730, ctx=0x7f5238126038) at brw_draw.c:415
#8  brw_draw_prims (ctx=0x7f5238126038, prims=0x7fff99c1b300, nr_prims=1, ib=0x0, index_bounds_valid=<optimized out>, min_index=0, max_index=23, unused_tfb_object=0x0, indirect=0x0) at brw_draw.c:569
#9  0x00007f51ab9da23d in vbo_draw_arrays (ctx=0x7f5238126038, mode=4, start=0, count=24, numInstances=1, baseInstance=0) at vbo/vbo_exec_array.c:661
#10 0x00007f5258fb337e in KWin::GLVertexBuffer::draw (this=this@entry=0x2e6b470, region=..., primitiveMode=primitiveMode@entry=4, first=first@entry=0, count=24, hardwareClipping=hardwareClipping@entry=false) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/libkwineffects/kwinglutils.cpp:1949
#11 0x00007f5258fb6359 in KWin::GLVertexBuffer::render (this=0x2e6b470, region=..., primitiveMode=4, hardwareClipping=<optimized out>) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/libkwineffects/kwinglutils.cpp:1902
#12 0x00007f5258fb63bd in KWin::GLVertexBuffer::render (this=0x2e6b470, primitiveMode=4) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/libkwineffects/kwinglutils.cpp:1896
#13 0x00007f525d893115 in KWin::SceneOpenGL::paintBackground (this=this@entry=0x2e70060, region=...) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/scene_opengl.cpp:460
#14 0x00007f525d88337e in KWin::Scene::paintSimpleScreen (this=this@entry=0x2e70060, orig_mask=orig_mask@entry=0, region=...) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/scene.cpp:367
#15 0x00007f525d8810a5 in KWin::Scene::finalPaintScreen (this=0x2e70060, mask=mask@entry=0, region=..., data=...) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/scene.cpp:198
#16 0x00007f525d8a372d in KWin::EffectsHandlerImpl::paintScreen (this=0x2e701e0, mask=0, region=..., data=...) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/effects.cpp:375
#17 0x00007f525d883563 in KWin::Scene::paintScreen (this=this@entry=0x2e70060, mask=mask@entry=0x7fff99c1b84c, damage=..., repaint=..., updateRegion=updateRegion@entry=0x7fff99c1b860, validRegion=validRegion@entry=0x7fff99c1b870) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/scene.cpp:148
#18 0x00007f525d89634e in KWin::SceneOpenGL::paint (this=this@entry=0x2e70060, damage=..., toplevels=...) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/scene_opengl.cpp:389
#19 0x00007f525d8966b7 in KWin::SceneOpenGL1::paint (this=0x2e70060, damage=..., windows=...) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/scene_opengl.cpp:875
#20 0x00007f525d87b223 in KWin::Compositor::performCompositing (this=this@entry=0x26e84c0) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/composite.cpp:618
#21 0x00007f525d87c4e9 in KWin::Compositor::slotCompositingOptionsInitialized (this=0x26e84c0) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/composite.cpp:273
#22 0x00007f525d805865 in KWin::Compositor::qt_static_metacall (_o=<optimized out>, _id=<optimized out>, _a=<optimized out>, _c=<optimized out>) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8_build/kwin/moc_composite.cpp:193
#23 0x00007f525829b2c8 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/qt4/libQtCore.so.4
#24 0x00007f5258178fc8 in QFutureWatcherBase::event(QEvent*) () from /usr/lib64/qt4/libQtCore.so.4
#25 0x00007f525740b47c in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#26 0x00007f5257411a40 in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#27 0x00007f525c146a6a in KApplication::notify(QObject*, QEvent*) () from /usr/lib64/libkdeui.so.5
#28 0x00007f525828775d in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/qt4/libQtCore.so.4
#29 0x00007f525828a7af in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib64/qt4/libQtCore.so.4
#30 0x00007f52574a8109 in ?? () from /usr/lib64/qt4/libQtGui.so.4
#31 0x00007f52582863bf in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtCore.so.4
#32 0x00007f52582866b5 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtCore.so.4
#33 0x00007f525828b7cb in QCoreApplication::exec() () from /usr/lib64/qt4/libQtCore.so.4
#34 0x00007f525d8352c6 in kdemain (argc=3, argv=0x7fff99c1c518) at /usr/portage/packages/portage/kde-base/kwin-4.11.8/work/kwin-4.11.8/kwin/main.cpp:597
#35 0x00007f525d43aa65 in __libc_start_main () from /lib64/libc.so.6
#36 0x000000000040077e in _start ()
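
When triaging a KCrash/gdb trace like the one above, the faulting frame is the first frame after the [KCrash Handler] marker in the current thread. The Python script below is an added example, not part of the original report or of Mesa or KWin; the names crash_summary, parse_args and FRAME, and the trimmed SAMPLE input, are assumptions made for illustration.

```python
import re

# Constructed sample: frames copied from this report's trace, trimmed to a few
# lines (frame #10's argument list and source path are shortened).
SAMPLE = """\
[Current thread is 1 (Thread 0x7f525dcc3800 (LWP 22941))]
Thread 2 (Thread 0x7f5238eff700 (LWP 23025)):
#0  0x00007f5257ef67de in pthread_cond_timedwait () from /lib64/libpthread.so.0
#1  0x00007f5258188624 in QWaitCondition::wait(QMutex*, unsigned long) () from /usr/lib64/qt4/libQtCore.so.4
Thread 1 (Thread 0x7f525dcc3800 (LWP 22941)):
[KCrash Handler]
#5  0x00007f51abbbe758 in get_stencil_miptree (irb=0x27cf660) at brw_misc_state.c:257
#6  brw_workaround_depthstencil_alignment (brw=brw@entry=0x7f5238126038, clear_mask=clear_mask@entry=0) at brw_misc_state.c:273
#7  0x00007f51abb7b72d in brw_try_draw_prims (indirect=0x0, max_index=23, min_index=0, ib=0x0, nr_prims=1, prims=0x7fff99c1b300, arrays=0x28a4730, ctx=0x7f5238126038) at brw_draw.c:415
#10 0x00007f5258fb337e in KWin::GLVertexBuffer::draw (this=this@entry=0x2e6b470, region=..., count=24) at kwinglutils.cpp:1949
"""

# "#N  [0xADDR in ]FUNC (ARGS) [at FILE:LINE | from MODULE]"; inlined frames carry no address.
FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(.+?) \((.*)\)"
                   r"(?: at (\S+):(\d+)| from (\S+))?$")


def parse_args(raw):
    """Map gdb's 'name=name@entry=value, ...' argument list to {name: value}."""
    args = {}
    for item in filter(None, raw.split(", ")):
        name, _, rest = item.partition("=")
        args[name] = rest.rpartition("=")[2]  # drop the 'name@entry=' prefix if present
    return args


def crash_summary(text, depth=3):
    """Return the faulting frame of the current thread, or None if no trace is found."""
    current, tid, after_handler, frames = None, None, False, []
    for line in map(str.strip, text.splitlines()):
        if m := re.match(r"\[Current thread is (\d+) ", line):
            current = int(m.group(1))
        elif m := re.match(r"Thread (\d+) \(", line):
            tid, after_handler = int(m.group(1)), False
        elif line == "[KCrash Handler]":
            after_handler = True  # frames before this marker belong to the crash handler
        elif tid == current and after_handler and (m := FRAME.match(line)):
            frames.append(m)
    if current is None or not frames:
        return None
    top = frames[0]
    return {
        "thread": current,
        "function": top.group(2),
        "location": f"{top.group(4)}:{top.group(5)}" if top.group(4) else top.group(6),
        "args": parse_args(top.group(3)),
        # Top-of-stack function names: a simple signature for comparing reports.
        "signature": " < ".join(f.group(2) for f in frames[:depth]),
    }
```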
Comment 2 Kenneth Graunke 2014-04-13 17:15:51 UTC
Huh, I've never seen this failure mode.  But it sounds entirely plausible.

The X server's GLX code has a bug where it may randomly return a bogus visual/fbconfig; perhaps it ended up not having stencil, and we crashed?

That bug is fixed in X server git, and the upcoming 1.15.1 and 1.14.6 releases (due any day now).  Alternatively, you could try asking KWin to use EGL:

   KWIN_OPENGL_INTERFACE=egl kwin --replace &

Does either of those fix this issue for you?
Comment 3 Alexander E. Patrakov 2014-04-13 17:32:25 UTC
Tested by applying eec04d76a39a7334de4e00ef9f0f6e44c92b3d91 on top of 1.15.0. Cannot reproduce the bug anymore.
Comment 4 Chris Bainbridge 2014-12-06 15:26:35 UTC
*** Bug 82793 has been marked as a duplicate of this bug. ***
Comment 5 Chris Bainbridge 2014-12-06 15:28:27 UTC
*** Bug 85077 has been marked as a duplicate of this bug. ***
