Setup: * GEN7+ HW * Ubuntu 16.04 LTS (Unity/compiz) * Latest Mesa from git Test-case: 1. log in to Unity 2. log in to non-compositing desktop 3. run glxgears Expected outcome: * Desktop and glxgears run fine Actual outcome: * Unity crashes, so one cannot log in * even glxgears crashes Gdb backtrace: ------------------------------------------ Program received signal SIGSEGV, Segmentation fault. intel_alloc_aux_buffer (name=name@entry=0x7ffff47398d1 "hiz-miptree", aux_surf=aux_surf@entry=0x7fffffffe4a0, alloc_flags=alloc_flags@entry=1, mt=0x781a70, brw=0x7ffff7faa040) at ../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1634 1634 buf->qpitch = isl_surf_get_array_pitch_sa_rows(aux_surf); (gdb) bt #0 intel_alloc_aux_buffer (name=name@entry=0x7ffff47398d1 "hiz-miptree", aux_surf=aux_surf@entry=0x7fffffffe4a0, alloc_flags=alloc_flags@entry=1, mt=0x781a70, brw=0x7ffff7faa040) at ../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1634 #1 0x00007ffff4564f3e in intel_miptree_alloc_hiz (brw=brw@entry=0x7ffff7faa040, mt=0x781a70) at ../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1839 #2 0x00007ffff456511b in intel_miptree_create_for_renderbuffer (brw=brw@entry=0x7ffff7faa040, format=<optimized out>, width=width@entry=300, height=height@entry=300, num_samples=<optimized out>) at ../../../../../../src/mesa/drivers/dri/i965/intel_mipmap_tree.c:1046 #3 0x00007ffff455e555 in intel_alloc_private_renderbuffer_storage (ctx=0x7ffff7faa040, rb=0x781430, internalFormat=6402, width=300, height=300) at ../../../../../../src/mesa/drivers/dri/i965/intel_fbo.c:304 #4 0x00007ffff42a4848 in _mesa_resize_framebuffer (ctx=ctx@entry=0x7ffff7faa040, fb=0x780f10, width=300, height=300) at ../../../src/mesa/main/framebuffer.c:298 #5 0x00007ffff452d893 in driUpdateFramebufferSize (ctx=ctx@entry=0x7ffff7faa040, dPriv=dPriv@entry=0x615b10) at ../../../../../../src/mesa/drivers/dri/common/dri_util.c:833 #6 0x00007ffff4539431 in intel_update_renderbuffers (context=context@entry=0x6d1bf0, drawable=drawable@entry=0x615b10) at ../../../../../../src/mesa/drivers/dri/i965/brw_context.c:1430 #7 0x00007ffff4539ab1 in intel_prepare_render (brw=brw@entry=0x7ffff7faa040) at ../../../../../../src/mesa/drivers/dri/i965/brw_context.c:1447 #8 0x00007ffff453a16b in intelMakeCurrent (driContextPriv=0x6d1bf0, driDrawPriv=<optimized out>, driReadPriv=0x615b10) at ../../../../../../src/mesa/drivers/dri/i965/brw_context.c:1287 #9 0x00007ffff452cd26 in driBindContext (pcp=<optimized out>, pdp=<optimized out>, prp=<optimized out>) at ../../../../../../src/mesa/drivers/dri/common/dri_util.c:555 #10 0x00007ffff7bae5f6 in dri3_bind_context (context=0x6152b0, old=<optimized out>, draw=16777218, read=16777218) at ../../../src/glx/dri3_glx.c:235 #11 0x00007ffff7b814c5 in MakeContextCurrent (dpy=0x606010, draw=16777218, read=16777218, gc_user=0x6152b0) at ../../../src/glx/glxcurrent.c:228 #12 0x0000000000401a06 in ?? () #13 0x00007ffff7177830 in __libc_start_main (main=0x401890, argc=1, argv=0x7fffffffea18, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffea08) at ../csu/libc-start.c:291 #14 0x00000000004022f9 in ?? () (gdb) print *aux_surf $1 = {dim = (ISL_SURF_DIM_2D | unknown: 2365440), dim_layout = ISL_DIM_LAYOUT_GEN4_2D, msaa_layout = (unknown: 300), tiling = ISL_TILING_LINEAR, format = 7870240, image_alignment_el = {{w = 0, width = 0}, {h = 4160397376, height = 4160397376}, {d = 32767, depth = 32767}}, logical_level0_px = {{w = 0, width = 0}, {h = 0, height = 0}, {d = 6, depth = 6}, {a = 0, array_len = 0}}, phys_level0_sa = {{w = 300, width = 300}, {h = 0, height = 0}, {d = 2841341952, depth = 2841341952}, { a = 1617732783, array_len = 1617732783}}, levels = 300, samples = 0, size = 140737353785408, alignment = 300, row_pitch = 0, array_pitch_el_rows = 300, array_pitch_span = ISL_ARRAY_PITCH_SPAN_FULL, usage = 140737353785408} ------------------------------------------ Valgrind output: ------------------------------------------ ==11774== Use of uninitialised value of size 8 ==11774== at 0x899F357: intel_alloc_aux_buffer.isra.8 (intel_mipmap_tree.c:1634) ==11774== by 0x89A3F3D: intel_miptree_alloc_hiz (intel_mipmap_tree.c:1839) ==11774== by 0x89A411A: intel_miptree_create_for_renderbuffer (intel_mipmap_tree.c:1046) ==11774== by 0x899D554: intel_alloc_private_renderbuffer_storage (intel_fbo.c:304) ==11774== by 0x86E3847: _mesa_resize_framebuffer (framebuffer.c:298) ==11774== by 0x8978430: intel_update_renderbuffers (brw_context.c:1430) ==11774== by 0x8978AB0: intel_prepare_render (brw_context.c:1447) ==11774== by 0x897916A: intelMakeCurrent (brw_context.c:1287) ==11774== by 0x896BD25: driBindContext (dri_util.c:555) ==11774== by 0x4E845F5: dri3_bind_context (dri3_glx.c:235) ==11774== by 0x4E574C4: MakeContextCurrent (glxcurrent.c:228) ==11774== by 0x401A05: ??? (in /usr/bin/glxgears) ==11774== ==11774== Invalid read of size 1 ==11774== at 0x899F357: intel_alloc_aux_buffer.isra.8 (intel_mipmap_tree.c:1634) ==11774== by 0x89A3F3D: intel_miptree_alloc_hiz (intel_mipmap_tree.c:1839) ==11774== by 0x89A411A: intel_miptree_create_for_renderbuffer (intel_mipmap_tree.c:1046) ==11774== by 0x899D554: intel_alloc_private_renderbuffer_storage (intel_fbo.c:304) ==11774== by 0x86E3847: _mesa_resize_framebuffer (framebuffer.c:298) ==11774== by 0x8978430: intel_update_renderbuffers (brw_context.c:1430) ==11774== by 0x8978AB0: intel_prepare_render (brw_context.c:1447) ==11774== by 0x897916A: intelMakeCurrent (brw_context.c:1287) ==11774== by 0x896BD25: driBindContext (dri_util.c:555) ==11774== by 0x4E845F5: dri3_bind_context (dri3_glx.c:235) ==11774== by 0x4E574C4: MakeContextCurrent (glxcurrent.c:228) ==11774== by 0x401A05: ??? (in /usr/bin/glxgears) ==11774== Address 0x2e80607b3 is not stack'd, malloc'd or (recently) free'd ==11774== ==11774== ==11774== Process terminating with default action of signal 11 (SIGSEGV) ==11774== Access not within mapped region at address 0x2E80607B3 ==11774== at 0x899F357: intel_alloc_aux_buffer.isra.8 (intel_mipmap_tree.c:1634) ------------------------------------------ Git bisected this to: ------------------------------------------ commit f60e23cb57724f001bfafdb577cedf660d6917e1 Author: Topi Pohjolainen <topi.pohjolainen@intel.com> AuthorDate: Thu Dec 22 17:22:39 2016 +0200 Commit: Topi Pohjolainen <topi.pohjolainen@intel.com> CommitDate: Mon Jun 19 22:57:57 2017 +0300 i965/miptree/gen7+: Use isl for hiz layouts v2: Use better assert by checking isl_surf_get_hiz_surf() Reviewed-by: Jason Ekstrand <jason@jlekstrand.net> Signed-off-by: Topi Pohjolainen <topi.pohjolainen@intel.com> ------------------------------------------ Reverting that commit and following blorb & wm commits (which depend on that), will get Mesa again to working state.
This should be fixed by the following commit: commit 17918a037242d04b1a455a2f7a0b869e7a568456 Author: Jason Ekstrand <jason.ekstrand@intel.com> Date: Wed Jun 21 11:15:25 2017 -0700 i965/miptree: Move isl_surf_get_(hiz|mcs)_surf out of the assert Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=101535 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=101538 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=101539 Reviewed-by: Topi Pohjolainen <topi.pohjolainen@intel.com>
Verified, checked that everything from SNB to KBL works again.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.