Bug 81379

Summary: invalid reads from brw::vec4_visitor
Product: Mesa Reporter: Tapani Pälli <lemody>
Component: Drivers/DRI/i965Assignee: Matt Turner <mattst88>
Status: RESOLVED FIXED QA Contact: Intel 3D Bugs Mailing List <intel-3d-bugs>
Severity: critical    
Priority: medium    
Version: git   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:

Description Tapani Pälli 2014-07-15 10:02:38 UTC 
==20519== Invalid read of size 4
==20519==    at 0x5B7F704: brw::vec4_visitor::opt_cse_local(bblock_t*, exec_list*) (brw_vec4_cse.cpp:229)
==20519==    by 0x5B7FA15: brw::vec4_visitor::opt_cse() (brw_vec4_cse.cpp:265)
==20519==    by 0x5B7E6E3: brw::vec4_visitor::run() (brw_vec4.cpp:1681)
==20519==    by 0x5B7E8A6: brw_vs_emit (brw_vec4.cpp:1757)
==20519==    by 0x5B97088: do_vs_prog (brw_vs.c:293)
==20519==    by 0x5B979AD: brw_vs_precompile (brw_vs.c:542)
==20519==    by 0x5B76E84: brw_link_shader (brw_shader.cpp:79)
==20519==    by 0x5A65045: _mesa_glsl_link_shader (ir_to_mesa.cpp:3082)
==20519==    by 0x596EE49: link_program (shaderapi.c:915)
==20519==    by 0x4047E5: init(gfxinfo_t*, void*) (in /home/tpalli/test_animation)
==20519==    by 0x403A8A: TestApplication::exec(unsigned int) (in /home/tpalli/test_animation)
==20519==    by 0x404B88: main (in /home/tpalli/test_animation)
==20519==  Address 0x69c2408 is 16 bytes after a block of size 40 alloc'd
==20519==    at 0x4A081D4: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==20519==    by 0x5B07781: ralloc_size (ralloc.c:113)
==20519==    by 0x5B27AB5: cfg_t::cfg_t(exec_list*) (brw_cfg.cpp:89)
==20519==    by 0x5B84A80: brw::vec4_visitor::calculate_live_intervals() (brw_vec4_live_variables.cpp:251)
==20519==    by 0x5B7C51A: brw::vec4_visitor::dead_code_eliminate() (brw_vec4.cpp:366)
==20519==    by 0x5B7E6AF: brw::vec4_visitor::run() (brw_vec4.cpp:1677)
==20519==    by 0x5B7E8A6: brw_vs_emit (brw_vec4.cpp:1757)
==20519==    by 0x5B97088: do_vs_prog (brw_vs.c:293)
==20519==    by 0x5B979AD: brw_vs_precompile (brw_vs.c:542)
==20519==    by 0x5B76E84: brw_link_shader (brw_shader.cpp:79)
==20519==    by 0x5A65045: _mesa_glsl_link_shader (ir_to_mesa.cpp:3082)
==20519==    by 0x596EE49: link_program (shaderapi.c:915)
Comment 1 Tapani Pälli 2014-07-15 10:05:51 UTC 
this is easy to reprocude with any app, it looks like cfg_t's destructor is releasing memory that is supposed to be usable later on.
Comment 2 Tapani Pälli 2014-07-15 10:49:21 UTC 
If I leave out 'opt_cse()' valgrind is happy.
Comment 3 Tapani Pälli 2014-07-22 07:08:27 UTC 
Invalid reads are gone, bug got fixed by following commit:

--- 8< ---
commit 680fe0acb3e6569f7b9aab1913e9181d5a7eee2f
Author: Matt Turner <mattst88@gmail.com>
Date:   Fri Jul 11 20:54:52 2014 -0700

    i965: Add cfg to backend_visitor.
    
    Reviewed-by: Topi Pohjolainen <topi.pohjolainen@intel.com>

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.