Bug 37274 - Crash in draw_llvm_shader23 (r300g, rs690, in warzone2100)
Summary: Crash in draw_llvm_shader23 (r300g, rs690, in warzone2100)
Status: RESOLVED MOVED
Alias: None
Product: Mesa
Classification: Unclassified
Component: Drivers/Gallium/r300 (show other bugs)
Version: git
Hardware: x86-64 (AMD64) Linux (All)
: medium normal
Assignee: Default DRI bug account
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-05-16 18:48 UTC by David Heidelberg (okias)
Modified: 2019-09-18 18:50 UTC (History)
1 user (show)

See Also:
i915 platform:
i915 features:


Attachments
RS740 debug info (14.87 KB, application/octet-stream)
2012-03-08 18:22 UTC, rodrigo2kpereira
Details

Description David Heidelberg (okias) 2011-05-16 18:48:16 UTC
I played this game about 1-2 hours and then it crashed. Not sure if it's easily reproducible.

I can test patches if is needed.

Here is console output:

~ $ cat /tmp/warzone2100.gdmp-ZfjND9 
Program: /usr/games/bin/warzone2100(warzone2100)
Command line: "warzone2100" 
Version: Version 2.3.7
Distributor: Gentoo warzone2100-2.3.7
Compiled on: May 17 2011 00:04:04
Compiled by: GCC 4.5.2
Compiled mode: Release build
Executed on: Tue May 17 02:08:08 2011
Operating system: Linux
Node name: darussia-amd
Release: 2.6.39-rc7-dirty
Version: #1 SMP Tue May 10 14:39:07 CEST 2011
Machine: x86_64

Pointers: 64bit

Compiled against PhysicsFS version: 2.0.2
Running with PhysicsFS version: 2.0.2

Misc Data:
[02:08:09]OpenGL Vendor : X.Org R300 Project
[02:08:09]OpenGL Renderer : Gallium 0.4 on ATI RS690
[02:08:09]OpenGL Version : 2.1 Mesa 7.11-devel (git-a3ac28a)
[02:08:09]OpenGL GLSL Version : 1.20
[02:08:09]Video Mode 1280 x 800 (32 bpp) (fullscreen)
[02:08:10]OpenAL Vendor: OpenAL Community
[02:08:10]OpenAL Version: 1.1 ALSOFT 1.13
[02:08:10]OpenAL Renderer: OpenAL Soft
[02:08:10]OpenAL Extensions: AL_EXT_DOUBLE AL_EXT_EXPONENT_DISTANCE AL_EXT_FLOAT32 AL_EXT_IMA4 AL_EXT_LINEAR_DISTANCE AL_EXT_MCFORMATS AL_EXT_MULAW AL_EXT_MULAW_MCFORMATS AL_EXT_OFFSET AL_EXT_source_distance_model AL_LOKI_quadriphonic AL_SOFT_buffer_sub_data AL_SOF
[02:08:10]Using language: System locale
[02:08:19]Current Level/map is SUB_1_1S
[02:19:39]Current Level/map is SUB_1_1
[02:30:19]Current Level/map is SUB_1_2S
[02:31:51]Current Level/map is SUB_1_2
[02:34:46]Current Level/map is SUB_1_2S
[02:36:03]Current Level/map is SUB_1_2
[02:37:13]Current Level/map is SUB_1_2S
[02:37:38]Current Level/map is SUB_1_2
[02:50:26]Current Level/map is SUB_1_3S
[02:59:57]Current Level/map is SUB_1_3
[03:09:42]Current Level/map is SUB_1_3S
[03:22:01]Current Level/map is SUB_1_3

Dump caused by signal: SIGSEGV: Invalid memory reference: Address not mapped to object

Log message: info    |03:03:03: [seq_Play] unable to open 'sequences/cam1/sub13np1.ogg' for playback
Log message: info    |03:03:03: [seq_Play] unable to open 'sequences/npend.ogg' for playback
Log message: info    |03:03:17: [seq_Play] unable to open 'sequences/cam1/sub13np1.ogg' for playback
Log message: info    |03:03:17: [seq_Play] unable to open 'sequences/npend.ogg' for playback
Log message: info    |03:03:19: [seq_Play] unable to open 'sequences/cam1/sub13np1.ogg' for playback
Log message: info    |03:03:19: [seq_Play] unable to open 'sequences/npend.ogg' for playback
Log message: info    |03:09:10: [seq_Play] unable to open 'sequences/cam1/sub13np2.ogg' for playback
Log message: info    |03:09:10: [seq_Play] unable to open 'sequences/npend.ogg' for playback
Log message: info    |03:09:42: [seq_Play] unable to open 'sequences/cam1/sub1_3p1.ogg' for playback
Log message: info    |03:09:42: [seq_Play] unable to open 'sequences/cam1/sub13bet.ogg' for playback
Log message: info    |03:09:42: [seq_Play] unable to open 'sequences/cam1/sub13gam.ogg' for playback
Log message: info    |03:09:42: [seq_Play] unable to open 'sequences/cam1/sub1_3.ogg' for playback
Log message: info    |03:16:02: [seq_Play] unable to open 'sequences/res_droid.ogg' for playback
Log message: info    |03:16:07: [seq_Play] unable to open 'sequences/res_weapons.ogg' for playback
Log message: info    |03:17:52: [seq_Play] unable to open 'sequences/brfcom.ogg' for playback
Log message: info    |03:17:52: [seq_Play] unable to open 'sequences/cam1/sub1_3.ogg' for playback
Log message: info    |03:22:06: [seq_Play] unable to open 'sequences/cam1/sub13np1.ogg' for playback
Log message: info    |03:22:06: [seq_Play] unable to open 'sequences/npend.ogg' for playback
Log message: info    |03:27:55: [seq_Play] unable to open 'sequences/cam1/sub13np2.ogg' for playback
Log message: info    |03:27:55: [seq_Play] unable to open 'sequences/npend.ogg' for playback

GLIBC raw backtrace:
warzone2100[0x616010]
/lib64/libpthread.so.0(+0xf320)[0x7f5f51cc0320]
[0x7f5f522374ba]

GDB extended backtrace:
GNU gdb (Gentoo 7.2 p1) 7.2
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.gentoo.org/>...
Reading symbols from /usr/games/bin/warzone2100...(no debugging symbols found)...done.
Attaching to program: /usr/games/bin/warzone2100, process 30895
Reading symbols from /usr/lib64/libSDL-1.2.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libSDL-1.2.so.0
Reading symbols from /lib64/libpthread.so.0...(no debugging symbols found)...done.
[Thread debugging using libthread_db enabled]
[New Thread 0x7f5f49053700 (LWP 30901)]
[New Thread 0x7f5f49854700 (LWP 30900)]
[New Thread 0x7f5f4c7d8700 (LWP 30899)]
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /usr/lib64/libphysfs.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libphysfs.so.1
Reading symbols from /usr/lib64/libpng14.so.14...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libpng14.so.14
Reading symbols from /usr/lib64/libvorbisfile.so.3...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libvorbisfile.so.3
Reading symbols from /usr/lib64/libvorbis.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libvorbis.so.0
Reading symbols from /usr/lib64/libogg.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libogg.so.0
Reading symbols from /usr/lib64/libtheora.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libtheora.so.0
Reading symbols from /usr/lib64/libopenal.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libopenal.so.1
Reading symbols from /usr/lib64/libGLC.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libGLC.so.0
Reading symbols from //usr/lib64/opengl/xorg-x11/lib/libGL.so.1...done.
Loaded symbols for //usr/lib64/opengl/xorg-x11/lib/libGL.so.1
Reading symbols from /usr/lib64/libGLU.so.1...done.
Loaded symbols for /usr/lib64/libGLU.so.1
Reading symbols from /usr/lib64/libpopt.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libpopt.so.0
Reading symbols from /usr/lib64/libX11.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libX11.so.6
Reading symbols from /usr/lib/gcc/x86_64-pc-linux-gnu/4.5.2/libstdc++.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/gcc/x86_64-pc-linux-gnu/4.5.2/libstdc++.so.6
Reading symbols from /lib64/libm.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib64/libm.so.6
Reading symbols from /lib64/libgcc_s.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libgcc_s.so.1
Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /usr/lib64/libasound.so.2...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libasound.so.2
Reading symbols from /lib64/libdl.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib64/libz.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libz.so.1
Reading symbols from /lib64/librt.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/librt.so.1
Reading symbols from /usr/lib64/libfontconfig.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libfontconfig.so.1
Reading symbols from /usr/lib64/libexpat.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libexpat.so.1
Reading symbols from /usr/lib64/libfreetype.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libfreetype.so.6
Reading symbols from /usr/lib64/libfribidi.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libfribidi.so.0
Reading symbols from /usr/lib64/libXext.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXext.so.6
Reading symbols from /usr/lib64/libXdamage.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXdamage.so.1
Reading symbols from /usr/lib64/libXfixes.so.3...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXfixes.so.3
Reading symbols from /usr/lib64/libXxf86vm.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXxf86vm.so.1
Reading symbols from /usr/lib64/libX11-xcb.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libX11-xcb.so.1
Reading symbols from /usr/lib64/libxcb-glx.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libxcb-glx.so.0
Reading symbols from /usr/lib64/libxcb.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libxcb.so.1
Reading symbols from /usr/lib64/libdrm.so.2...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libdrm.so.2
Reading symbols from /usr/lib64/libXau.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXau.so.6
Reading symbols from /usr/lib64/libXdmcp.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXdmcp.so.6
Reading symbols from /usr/lib64/libXrender.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXrender.so.1
Reading symbols from /usr/lib64/libXrandr.so.2...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXrandr.so.2
Reading symbols from /usr/lib64/libXcursor.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libXcursor.so.1
Reading symbols from /usr/lib64/dri/r300_dri.so...done.
Loaded symbols for /usr/lib64/dri/r300_dri.so
Reading symbols from /usr/lib64/libtxc_dxtn.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libtxc_dxtn.so
Reading symbols from /lib64/libnss_compat.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_compat.so.2
Reading symbols from /lib64/libnsl.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnsl.so.1
Reading symbols from /lib64/libnss_nis.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_nis.so.2
Reading symbols from /lib64/libnss_files.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_files.so.2
0x00007f5f51cbfeed in waitpid () from /lib64/libpthread.so.0
(gdb) #0  0x00007f5f51cbfeed in waitpid () from /lib64/libpthread.so.0
No symbol table info available.
#1  0x0000000000616577 in ?? ()
No symbol table info available.
#2  <signal handler called>
No symbol table info available.
#3  0x00007f5f522374ba in draw_llvm_shader23 ()
No symbol table info available.
#4  0x00007f5f4b223c49 in llvm_pipeline_generic (middle=0x29c3bf0, fetch_info=<value optimized out>, prim_info=0x7fffa92d4bf0) at draw/draw_pt_fetch_shade_pipeline_llvm.c:246
        fpme = 0x29c3bf0
        draw = 0x2949cf0
        gshader = 0x0
        gs_prim_info = {linear = 208 '\320', start = 32767, elts = 0x7f5f4f6e2554, count = 43335776, prim = 0, flags = 0, primitive_lengths = 0x2, primitive_count = 52181280}
        llvm_vert_info = {verts = 0x31ca340, vertex_size = 100, stride = 100, count = 3}
        gs_vert_info = {verts = 0x29655f0, vertex_size = 44152832, stride = 0, count = 12}
        vert_info = <value optimized out>
        opt = 7
        clipped = 0
        __FUNCTION__ = "llvm_pipeline_generic"
#5  0x00007f5f4b223dee in llvm_middle_end_linear_run (middle=<value optimized out>, start=<value optimized out>, count=3, prim_flags=<value optimized out>) at draw/draw_pt_fetch_shade_pipeline_llvm.c:364
        fpme = <value optimized out>
        fetch_info = {linear = 1 '\001', start = 136, elts = 0x0, count = 3}
        prim_info = {linear = 1 '\001', start = 0, elts = 0x0, count = 3, prim = 6, flags = 0, primitive_lengths = 0x7fffa92d4bec, primitive_count = 1}
#6  0x00007f5f4b1c8697 in vsplit_run_linear (frontend=0x29c0da0, start=136, count=3) at draw/draw_split_tmp.h:61
        first = 3
        incr = 1
        vsplit = 0x29c0da0
        prim = 6
        max_count_simple = 4096
        max_count_loop = <value optimized out>
        max_count_fan = <value optimized out>
        __FUNCTION__ = "vsplit_run_linear"
#7  0x00007f5f4b1c3bec in draw_pt_arrays (draw=<value optimized out>, prim=6, start=136, count=3) at draw/draw_pt.c:113
        frontend = 0x29c0da0
        middle = <value optimized out>
        opt = <value optimized out>
#8  0x00007f5f4b1c3f7d in draw_vbo (draw=0x2949cf0, info=0x7fffa92d4f20) at draw/draw_pt.c:491
        reduced_prim = 4
        instance = <value optimized out>
        __FUNCTION__ = "draw_vbo"
#9  0x00007f5f4b016bf2 in r300_swtcl_draw_vbo (pipe=0x2958b10, info=0x7fffa92d4f20) at r300_render.c:870
        vb_transfer = {0x2a85c60, 0x1, 0x2958b10, 0x2a73668, 0x7fffa92d4e00, 0x7f5f4f6e2554, 0x294aad0, 0xffffffff, 0x7fffa92d4e30, 0x7f5f4f6e2554, 0x2954290, 0x20, 0x7fffa92d4e60, 0x7f5f4f6e2554, 0x7f5f4b2181e0, 0x1, 0xffffffff, 0x2a1b560, 0x2954358, 0xffffffff, 0x3f800000, 0x7f5f4b2181fa, 0x2a730a0, 0x2a730a0, 0x7fffa92d4ee0, 0x7f5f4f6e2554, 0x7fffa92d4ee0, 0x7f5f4f6e2554, 0x7f5f4b0cc660, 0x1, 0x3, 0x7fffa92d4f20}
        ib_transfer = 0x0
        count = <value optimized out>
        i = <value optimized out>
        indices = <value optimized out>
        indexed = 0 '\000'
#10 0x00007f5f4b0cc5af in st_draw_vbo (ctx=0x2a25820, arrays=<value optimized out>, prims=<value optimized out>, nr_prims=35, ib=0x0, index_bounds_valid=<value optimized out>, min_index=0, max_index=138) at state_tracker/st_draw.c:756
        st = 0x7fffa92d4f20
        pipe = 0x2958b10
        ibuffer = {index_size = 0, offset = 0, buffer = 0x0}
        info = {indexed = 0 '\000', mode = 6, start = 136, count = 3, start_instance = 0, instance_count = 1, index_bias = 0, min_index = 136, max_index = 138, primitive_restart = 0 '\000', restart_index = 0}
        i = <value optimized out>
        num_instances = <value optimized out>Mesa
        new_array = <value optimized out>
        __FUNCTION__ = "st_draw_vbo"
#11 0x00007f5f4b17bb18 in vbo_exec_vtx_flush (exec=<value optimized out>, keepUnmapped=<value optimized out>) at vbo/vbo_exec_draw.c:390
        ctx = 0x2a25820
#12 0x00007f5f4b174bba in vbo_exec_wrap_buffers (exec=0x2a74c30) at vbo/vbo_exec_api.c:88
        last_begin = 1
        last_count = 3
#13 vbo_exec_vtx_wrap (exec=0x2a74c30) at vbo/vbo_exec_api.c:123
        data = 0x2a756f4
        i = <value optimized out>
#14 0x00000000005c644d in ?? ()
No symbol table info available.
#15 0x00000000005c7383 in pie_Draw3DShape ()
No symbol table info available.
#16 0x00000000004a15fa in renderStructure ()
No symbol table info available.
#17 0x00000000004a189d in displayStaticObjects ()
No symbol table info available.
#18 0x00000000004a3790 in ?? ()
No symbol table info available.
#19 0x00000000004a54c6 in draw3DScene ()
No symbol table info available.
#20 0x00000000004a8d3c in displayWorld ()
No symbol table info available.
#21 0x00000000005015f6 in gameLoop ()
No symbol table info available.
#22 0x0000000000504647 in main ()
No symbol table info available.
(gdb) #4  0x00007f5f4b223c49 in llvm_pipeline_generic (middle=0x29c3bf0, fetch_info=<value optimized out>, prim_info=0x7fffa92d4bf0) at draw/draw_pt_fetch_shade_pipeline_llvm.c:246
        in draw/draw_pt_fetch_shade_pipeline_llvm.c
(gdb) Dump of assembler code for function llvm_pipeline_generic:
   0x00007f5f4b223ac0 <+0>:     push   %rbp
   0x00007f5f4b223ac1 <+1>:     mov    %rsp,%rbp
   0x00007f5f4b223ac4 <+4>:     mov    %rbx,-0x28(%rbp)
   0x00007f5f4b223ac8 <+8>:     mov    %r12,-0x20(%rbp)
   0x00007f5f4b223acc <+12>:    mov    %r13,-0x18(%rbp)
   0x00007f5f4b223ad0 <+16>:    mov    %r14,-0x10(%rbp)
   0x00007f5f4b223ad4 <+20>:    mov    %r15,-0x8(%rbp)
   0x00007f5f4b223ad8 <+24>:    sub    $0xd0,%rsp
   0x00007f5f4b223adf <+31>:    callq  *0xd24c8b(%rip)        # 0x7f5f4bf48770
   0x00007f5f4b223ae5 <+37>:    mov    0x10(%rsi),%r15d
   0x00007f5f4b223ae9 <+41>:    mov    0x64(%rdi),%r9d
   0x00007f5f4b223aed <+45>:    mov    0x38(%rdi),%r12
   0x00007f5f4b223af1 <+49>:    mov    0x6c(%rdi),%r13d
   0x00007f5f4b223af5 <+53>:    mov    %rdi,%rbx
   0x00007f5f4b223af8 <+56>:    mov    %rdx,%r14
   0x00007f5f4b223afb <+59>:    lea    0x3(%r15),%edi
   0x00007f5f4b223aff <+63>:    mov    %r9d,-0x48(%rbp)
   0x00007f5f4b223b03 <+67>:    mov    %r9d,-0x44(%rbp)
   0x00007f5f4b223b07 <+71>:    mov    0xc60(%r12),%rax
   0x00007f5f4b223b0f <+79>:    mov    %r15d,-0x40(%rbp)
   0x00007f5f4b223b13 <+83>:    and    $0xfffffffffffffffc,%edi
   0x00007f5f4b223b16 <+86>:    mov    %rsi,-0xb8(%rbp)
   0x00007f5f4b223b1d <+93>:    mov    %r9d,-0xb0(%rbp)
   0x00007f5f4b223b24 <+100>:   imul   %r9d,%edi
   0x00007f5f4b223b28 <+104>:   mov    %rax,-0xa8(%rbp)
   0x00007f5f4b223b2f <+111>:   mov    %edi,%edi
   0x00007f5f4b223b31 <+113>:   callq  0x7f5f4aff0590 <malloc@plt>
   0x00007f5f4b223b36 <+118>:   test   %rax,%rax
   0x00007f5f4b223b39 <+121>:   mov    %rax,-0x50(%rbp)
   0x00007f5f4b223b3d <+125>:   mov    -0xb8(%rbp),%rsi
   0x00007f5f4b223b44 <+132>:   mov    -0xb0(%rbp),%r9d
   0x00007f5f4b223b4b <+139>:   je     0x7f5f4b223cf8 <llvm_pipeline_generic+568>
   0x00007f5f4b223b51 <+145>:   cmpb   $0x0,(%rsi)
   0x00007f5f4b223b54 <+148>:   jne    0x7f5f4b223c10 <llvm_pipeline_generic+336>
   0x00007f5f4b223b5a <+154>:   mov    0x8(%rsi),%rcx
   0x00007f5f4b223b5e <+158>:   mov    0xf28(%r12),%esi
   0x00007f5f4b223b66 <+166>:   lea    0x508(%r12),%rdx
   0x00007f5f4b223b6e <+174>:   mov    0x70(%rbx),%rdi
   0x00007f5f4b223b72 <+178>:   mov    0x78(%rbx),%r10
   0x00007f5f4b223b76 <+182>:   mov    %r15d,%r8d
   0x00007f5f4b223b79 <+185>:   mov    %esi,0x8(%rsp)
   0x00007f5f4b223b7d <+189>:   lea    0xd0(%r12),%rsi
   0x00007f5f4b223b85 <+197>:   add    $0x8,%rdi
   0x00007f5f4b223b89 <+201>:   mov    %rsi,(%rsp)
   0x00007f5f4b223b8d <+205>:   mov    %rax,%rsi
   0x00007f5f4b223b90 <+208>:   callq  *0x18(%r10)
   0x00007f5f4b223b94 <+212>:   test   $0x1,%r13b
   0x00007f5f4b223b98 <+216>:   jne    0x7f5f4b223c53 <llvm_pipeline_generic+403>
   0x00007f5f4b223b9e <+222>:   lea    -0x50(%rbp),%r15
   0x00007f5f4b223ba2 <+226>:   mov    0x48(%rbx),%rdi
   0x00007f5f4b223ba6 <+230>:   mov    %r14,%rdx
   0x00007f5f4b223ba9 <+233>:   mov    %r15,%rsi
   0x00007f5f4b223bac <+236>:   mov    %eax,-0xb0(%rbp)
   0x00007f5f4b223bb2 <+242>:   callq  0x7f5f4b1c70a0 <draw_pt_so_emit>
   0x00007f5f4b223bb7 <+247>:   mov    -0xb0(%rbp),%eax
   0x00007f5f4b223bbd <+253>:   mov    %r13d,%edx
   0x00007f5f4b223bc0 <+256>:   or     $0x4,%edx
   0x00007f5f4b223bc3 <+259>:   test   %eax,%eax
   0x00007f5f4b223bc5 <+261>:   cmovne %edx,%r13d
   0x00007f5f4b223bc9 <+265>:   and    $0x4,%r13d
   0x00007f5f4b223bcd <+269>:   je     0x7f5f4b223cb8 <llvm_pipeline_generic+504>
   0x00007f5f4b223bd3 <+275>:   cmpb   $0x0,(%r14)
   0x00007f5f4b223bd7 <+279>:   mov    0x38(%rbx),%rdi
   0x00007f5f4b223bdb <+283>:   je     0x7f5f4b223ce8 <llvm_pipeline_generic+552>
   0x00007f5f4b223be1 <+289>:   mov    %r14,%rdx
   0x00007f5f4b223be4 <+292>:   mov    %r15,%rsi
   0x00007f5f4b223be7 <+295>:   callq  0x7f5f4b1bed60 <draw_pipeline_run_linear>
   0x00007f5f4b223bec <+300>:   mov    (%r15),%rdi
   0x00007f5f4b223bef <+303>:   callq  0x7f5f4aff0430 <free@plt>
   0x00007f5f4b223bf4 <+308>:   mov    -0x28(%rbp),%rbx
   0x00007f5f4b223bf8 <+312>:   mov    -0x20(%rbp),%r12
   0x00007f5f4b223bfc <+316>:   mov    -0x18(%rbp),%r13
   0x00007f5f4b223c00 <+320>:   mov    -0x10(%rbp),%r14
   0x00007f5f4b223c04 <+324>:   mov    -0x8(%rbp),%r15
   0x00007f5f4b223c08 <+328>:   leaveq 
   0x00007f5f4b223c09 <+329>:   retq   
   0x00007f5f4b223c0a <+330>:   nopw   0x0(%rax,%rax,1)
   0x00007f5f4b223c10 <+336>:   mov    0x4(%rsi),%ecx
   0x00007f5f4b223c13 <+339>:   mov    0xf28(%r12),%esi
   0x00007f5f4b223c1b <+347>:   lea    0x508(%r12),%rdx
   0x00007f5f4b223c23 <+355>:   mov    0x70(%rbx),%rdi
   0x00007f5f4b223c27 <+359>:   mov    0x78(%rbx),%r10
   0x00007f5f4b223c2b <+363>:   mov    %r15d,%r8d
   0x00007f5f4b223c2e <+366>:   mov    %esi,0x8(%rsp)
   0x00007f5f4b223c32 <+370>:   lea    0xd0(%r12),%rsi
   0x00007f5f4b223c3a <+378>:   add    $0x8,%rdi
   0x00007f5f4b223c3e <+382>:   mov    %rsi,(%rsp)
   0x00007f5f4b223c42 <+386>:   mov    %rax,%rsi
   0x00007f5f4b223c45 <+389>:   callq  *0x10(%r10)
=> 0x00007f5f4b223c49 <+393>:   test   $0x1,%r13b
   0x00007f5f4b223c4d <+397>:   je     0x7f5f4b223b9e <llvm_pipeline_generic+222>
   0x00007f5f4b223c53 <+403>:   cmpq   $0x0,-0xa8(%rbp)
   0x00007f5f4b223c5b <+411>:   je     0x7f5f4b223b9e <llvm_pipeline_generic+222>
   0x00007f5f4b223c61 <+417>:   lea    -0x70(%rbp),%r15
   0x00007f5f4b223c65 <+421>:   mov    -0xa8(%rbp),%rdi
   0x00007f5f4b223c6c <+428>:   lea    0x888(%r12),%rdx
   0x00007f5f4b223c74 <+436>:   lea    0x788(%r12),%rsi
   0x00007f5f4b223c7c <+444>:   lea    -0x50(%rbp),%rcx
   0x00007f5f4b223c80 <+448>:   lea    -0xa0(%rbp),%r12
   0x00007f5f4b223c87 <+455>:   mov    %r14,%r8
   0x00007f5f4b223c8a <+458>:   mov    %r15,%r9
   0x00007f5f4b223c8d <+461>:   mov    %r12,(%rsp)
   0x00007f5f4b223c91 <+465>:   mov    %r12,%r14
   0x00007f5f4b223c94 <+468>:   callq  0x7f5f4b1bb950 <draw_geometry_shader_run>
   0x00007f5f4b223c99 <+473>:   mov    -0x50(%rbp),%rdi
   0x00007f5f4b223c9d <+477>:   callq  0x7f5f4aff0430 <free@plt>
   0x00007f5f4b223ca2 <+482>:   mov    0x58(%rbx),%rdi
   0x00007f5f4b223ca6 <+486>:   mov    %r15,%rsi
   0x00007f5f4b223ca9 <+489>:   callq  0x7f5f4b1c6920 <draw_pt_post_vs_run>
   0x00007f5f4b223cae <+494>:   movzbl %al,%eax
   0x00007f5f4b223cb1 <+497>:   jmpq   0x7f5f4b223ba2 <llvm_pipeline_generic+226>
   0x00007f5f4b223cb6 <+502>:   xchg   %ax,%ax
   0x00007f5f4b223cb8 <+504>:   cmpb   $0x0,(%r14)
   0x00007f5f4b223cbc <+508>:   mov    0x40(%rbx),%rdi
   0x00007f5f4b223cc0 <+512>:   je     0x7f5f4b223cd8 <llvm_pipeline_generic+536>
   0x00007f5f4b223cc2 <+514>:   mov    %r14,%rdx
   0x00007f5f4b223cc5 <+517>:   mov    %r15,%rsi
   0x00007f5f4b223cc8 <+520>:   callq  0x7f5f4b225f10 <draw_pt_emit_linear>
   0x00007f5f4b223ccd <+525>:   jmpq   0x7f5f4b223bec <llvm_pipeline_generic+300>
   0x00007f5f4b223cd2 <+530>:   nopw   0x0(%rax,%rax,1)
   0x00007f5f4b223cd8 <+536>:   mov    %r14,%rdx
   0x00007f5f4b223cdb <+539>:   mov    %r15,%rsi
   0x00007f5f4b223cde <+542>:   callq  0x7f5f4b225d30 <draw_pt_emit>
   0x00007f5f4b223ce3 <+547>:   jmpq   0x7f5f4b223bec <llvm_pipeline_generic+300>
   0x00007f5f4b223ce8 <+552>:   mov    %r14,%rdx
   0x00007f5f4b223ceb <+555>:   mov    %r15,%rsi
   0x00007f5f4b223cee <+558>:   callq  0x7f5f4b1bec20 <draw_pipeline_run>
   0x00007f5f4b223cf3 <+563>:   jmpq   0x7f5f4b223bec <llvm_pipeline_generic+300>
   0x00007f5f4b223cf8 <+568>:   lea    0x87d841(%rip),%rcx        # 0x7f5f4baa1540 <__FUNCTION__.9649>
   0x00007f5f4b223cff <+575>:   lea    0x87d802(%rip),%rsi        # 0x7f5f4baa1508
   0x00007f5f4b223d06 <+582>:   lea    0x876369(%rip),%rdi        # 0x7f5f4ba9a076
   0x00007f5f4b223d0d <+589>:   mov    $0xf1,%edx
   0x00007f5f4b223d12 <+594>:   callq  0x7f5f4b1e7430 <_debug_assert_fail>
   0x00007f5f4b223d17 <+599>:   jmpq   0x7f5f4b223bf4 <llvm_pipeline_generic+308>
End of assembler dump.
(gdb) rax            0x0        0
rbx            0x29c3bf0        43793392
rcx            0x0      0
rdx            0x7f5f116d8000   140046291009536
rsi            0x31ca340        52208448
rdi            0xffc4   65476
rbp            0x7fffa92d4bd0   0x7fffa92d4bd0
rsp            0x7fffa92d4b00   0x7fffa92d4b00
r8             0xf524   62756
r9             0x14     20
r10            0xffcc   65484
r11            0xffd8   65496
r12            0x2949cf0        43293936
r13            0x7      7
r14            0x7fffa92d4bf0   140736031706096
r15            0x3      3
rip            0x7f5f4b223c49   0x7f5f4b223c49 <llvm_pipeline_generic+393>
eflags         0x246    [ PF ZF IF ]
cs             0x33     51
ss             0x2b     43
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0
(gdb) A debugging session is active.

        Inferior 1 [process 30895] will be detached.

Quit anyway? (y or n) [answered Y; input not from terminal]
Detaching from program: /usr/games/bin/warzone2100, process 30895
Comment 1 Marek Olšák 2011-06-07 15:44:51 UTC
Reassigning to Mesa core. I can't reproduce this bug with r300g and the Draw path enabled (forcing HWTCL off).

Could you please test latest Mesa git?
Comment 2 David Heidelberg (okias) 2011-06-09 18:32:12 UTC
crash is still present :-( (few days old git)
Comment 3 Jose Fonseca 2011-06-10 07:10:50 UTC
(In reply to comment #2)
> crash is still present :-( (few days old git)

Please past the disassembly of the draw_llvm_shader??? JIT function where the crash happend (not llvm_pipeline_generic, which is its caller). That is, if 'bt' shows:

  #3  0x00007f5f522374ba in 0x00007f5f522374ba ()

then type in 'disassemble 0x00007f5f52237400,0x00007f5f522374ff', i.e., a few tenths bytes before/after the crashin IP address.

Also paste the 'info registers' again.
Comment 4 Brian Paul 2011-06-10 07:25:33 UTC
This might be a CPU-caps-dependent issue.  Can you do "export GALLIUM_DUMP_CPU=1" then run any GL test/app?  That'll print your CPU's features.

BTW, a short-hand for disassembling in gdb is "x/Ni ADDR".  For example, "x/20i 0x00007f5f52237400" will print 20 instructions starting at the given address.
Comment 5 David Heidelberg (okias) 2011-06-14 10:41:48 UTC
~ $ GALLIUM_DUMP_CPU=1 glxgears
util_cpu_caps.nr_cpus = 2
util_cpu_caps.x86_cpu_type = 8
util_cpu_caps.cacheline = 64
util_cpu_caps.has_tsc = 1
util_cpu_caps.has_mmx = 1
util_cpu_caps.has_mmx2 = 1
util_cpu_caps.has_sse = 1
util_cpu_caps.has_sse2 = 1
util_cpu_caps.has_sse3 = 1
util_cpu_caps.has_ssse3 = 0
util_cpu_caps.has_sse4_1 = 0
util_cpu_caps.has_sse4_2 = 0
util_cpu_caps.has_avx = 0
util_cpu_caps.has_3dnow = 1
util_cpu_caps.has_3dnow_ext = 1
util_cpu_caps.has_altivec = 0
r300: DRM version: 2.10.0, Name: ATI RS690, ID: 0x791f, GB: 1, Z: 1
r300: GART size: 509 MB, VRAM size: 128 MB
r300: AA compression RAM: YES, Z compression RAM: NO, HiZ RAM: NO
Running synchronized to the vertical refresh.  The framerate should be
approximately the same as the monitor refresh rate.
^C
Comment 6 rodrigo2kpereira 2012-03-08 18:22:09 UTC
Created attachment 58214 [details]
RS740 debug info

Same bug on radeon 2100 integrated video (RS740). I don't know how I can help sending debug info, hope this helps. Ask me for more debug information if you want. Warzone 2100 crashes when scenario begin moving on the screen if "shadows" in video options are enable. Or crashes without "shadows" generally when you switch between "design mode" or "breefing mode" screens clicking on icons of this modes.    

$ export GALLIUM_DUMP_CPU=1
$ glxinfo 
name of display: :0
display: :0  screen: 0
direct rendering: Yes
server glx vendor string: SGI
server glx version string: 1.4
server glx extensions:
    GLX_ARB_multisample, GLX_EXT_import_context, GLX_EXT_texture_from_pixmap, 
    GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_MESA_copy_sub_buffer, 
    GLX_OML_swap_method, GLX_SGI_make_current_read, GLX_SGI_swap_control, 
    GLX_SGIS_multisample, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, 
    GLX_SGIX_visual_select_group, GLX_INTEL_swap_event
client glx vendor string: Mesa Project and SGI
client glx version string: 1.4
client glx extensions:
    GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_import_context, 
    GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_EXT_framebuffer_sRGB, 
    GLX_MESA_copy_sub_buffer, GLX_MESA_multithread_makecurrent, 
    GLX_MESA_swap_control, GLX_OML_swap_method, GLX_OML_sync_control, 
    GLX_SGI_make_current_read, GLX_SGI_swap_control, GLX_SGI_video_sync, 
    GLX_SGIS_multisample, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, 
    GLX_SGIX_visual_select_group, GLX_EXT_texture_from_pixmap, 
    GLX_INTEL_swap_event
GLX version: 1.4
GLX extensions:
    GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_import_context, 
    GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_MESA_copy_sub_buffer, 
    GLX_MESA_multithread_makecurrent, GLX_MESA_swap_control, 
    GLX_OML_swap_method, GLX_OML_sync_control, GLX_SGI_make_current_read, 
    GLX_SGI_swap_control, GLX_SGI_video_sync, GLX_SGIS_multisample, 
    GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGIX_visual_select_group, 
    GLX_EXT_texture_from_pixmap
OpenGL vendor string: X.Org R300 Project
OpenGL renderer string: Gallium 0.4 on ATI RS740
OpenGL version string: 2.1 Mesa 7.11.2
OpenGL shading language version string: 1.20
OpenGL extensions:
    GL_ARB_multisample, GL_EXT_abgr, GL_EXT_bgra, GL_EXT_blend_color, 
    GL_EXT_blend_logic_op, GL_EXT_blend_minmax, GL_EXT_blend_subtract, 
    GL_EXT_copy_texture, GL_EXT_polygon_offset, GL_EXT_subtexture, 
    GL_EXT_texture_object, GL_EXT_vertex_array, GL_EXT_compiled_vertex_array, 
    GL_EXT_texture, GL_EXT_texture3D, GL_IBM_rasterpos_clip, 
    GL_ARB_point_parameters, GL_EXT_draw_range_elements, GL_EXT_packed_pixels, 
    GL_EXT_point_parameters, GL_EXT_rescale_normal, 
    GL_EXT_separate_specular_color, GL_EXT_texture_edge_clamp, 
    GL_SGIS_generate_mipmap, GL_SGIS_texture_border_clamp, 
    GL_SGIS_texture_edge_clamp, GL_SGIS_texture_lod, GL_ARB_multitexture, 
    GL_IBM_multimode_draw_arrays, GL_IBM_texture_mirrored_repeat, 
    GL_ARB_texture_cube_map, GL_ARB_texture_env_add, GL_ARB_transpose_matrix, 
    GL_EXT_blend_func_separate, GL_EXT_fog_coord, GL_EXT_multi_draw_arrays, 
    GL_EXT_secondary_color, GL_EXT_texture_env_add, 
    GL_EXT_texture_filter_anisotropic, GL_EXT_texture_lod_bias, 
    GL_INGR_blend_func_separate, GL_NV_blend_square, GL_NV_light_max_exponent, 
    GL_NV_texgen_reflection, GL_NV_texture_env_combine4, 
    GL_SUN_multi_draw_arrays, GL_ARB_texture_border_clamp, 
    GL_ARB_texture_compression, GL_EXT_framebuffer_object, 
    GL_EXT_texture_env_dot3, GL_MESA_window_pos, GL_NV_packed_depth_stencil, 
    GL_NV_texture_rectangle, GL_ARB_depth_texture, GL_ARB_occlusion_query, 
    GL_ARB_shadow, GL_ARB_texture_env_combine, GL_ARB_texture_env_crossbar, 
    GL_ARB_texture_env_dot3, GL_ARB_texture_mirrored_repeat, 
    GL_ARB_window_pos, GL_EXT_stencil_two_side, GL_EXT_texture_cube_map, 
    GL_APPLE_packed_pixels, GL_APPLE_vertex_array_object, GL_ARB_draw_buffers, 
    GL_ARB_fragment_program, GL_ARB_fragment_shader, GL_ARB_shader_objects, 
    GL_ARB_vertex_program, GL_ARB_vertex_shader, GL_ATI_draw_buffers, 
    GL_ATI_texture_env_combine3, GL_ATI_texture_float, GL_EXT_shadow_funcs, 
    GL_EXT_stencil_wrap, GL_MESA_pack_invert, GL_MESA_ycbcr_texture, 
    GL_NV_primitive_restart, GL_ARB_fragment_program_shadow, 
    GL_ARB_half_float_pixel, GL_ARB_occlusion_query2, GL_ARB_point_sprite, 
    GL_ARB_shading_language_100, GL_ARB_sync, GL_ARB_texture_non_power_of_two, 
    GL_ARB_vertex_buffer_object, GL_ATI_blend_equation_separate, 
    GL_EXT_blend_equation_separate, GL_OES_read_format, 
    GL_ARB_pixel_buffer_object, GL_ARB_texture_float, 
    GL_ARB_texture_rectangle, GL_ATI_texture_compression_3dc, 
    GL_EXT_pixel_buffer_object, GL_EXT_texture_mirror_clamp, 
    GL_EXT_texture_rectangle, GL_EXT_texture_sRGB, GL_ARB_framebuffer_object, 
    GL_EXT_framebuffer_blit, GL_EXT_framebuffer_multisample, 
    GL_EXT_packed_depth_stencil, GL_ARB_vertex_array_object, 
    GL_ATI_separate_stencil, GL_ATI_texture_mirror_once, 
    GL_EXT_gpu_program_parameters, GL_EXT_texture_env_combine, 
    GL_EXT_texture_sRGB_decode, GL_OES_EGL_image, GL_ARB_copy_buffer, 
    GL_ARB_half_float_vertex, GL_ARB_instanced_arrays, 
    GL_ARB_map_buffer_range, GL_ARB_texture_rg, GL_ARB_texture_swizzle, 
    GL_ARB_vertex_array_bgra, GL_EXT_separate_shader_objects, 
    GL_EXT_texture_swizzle, GL_EXT_vertex_array_bgra, 
    GL_NV_conditional_render, GL_ARB_draw_elements_base_vertex, 
    GL_ARB_explicit_attrib_location, GL_ARB_fragment_coord_conventions, 
    GL_ARB_provoking_vertex, GL_ARB_sampler_objects, GL_EXT_provoking_vertex, 
    GL_EXT_texture_snorm, GL_MESA_texture_signed_rgba, GL_NV_texture_barrier, 
    GL_ARB_robustness
Comment 7 Jose Fonseca 2012-03-09 00:58:11 UTC
(In reply to comment #6)
> Created attachment 58214 [details]
> RS740 debug info
> 
> Same bug on radeon 2100 integrated video (RS740). I don't know how I can help
> sending debug info, hope this helps. Ask me for more debug information if you
> want. Warzone 2100 crashes when scenario begin moving on the screen if
> "shadows" in video options are enable. Or crashes without "shadows" generally
> when you switch between "design mode" or "breefing mode" screens clicking on
> icons of this modes.    

It would be helpful if you could obtain an apitrace ( https://github.com/apitrace/apitrace ) of game crashing.

Also, please tell me which LLVM version you have.
Comment 8 GitLab Migration User 2019-09-18 18:50:30 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/mesa/mesa/issues/336.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.