When resizing google-chrome's main window I got the following SIGSEV today running master on my gen6 based notebook: Program received signal SIGSEGV, Segmentation fault. 0x00007f7d191f6dd3 in kgem_bo_release_map (kgem=0x7f7d18f25240, bo=0x1b86e70) at kgem.c:1226 1226 bo->map = NULL; (gdb) bt #0 0x00007f7d191f6dd3 in kgem_bo_release_map (kgem=0x7f7d18f25240, bo=0x1b86e70) at kgem.c:1226 #1 0x00007f7d19201259 in __kgem_bo_map__cpu (kgem=0x7f7d18f25240, bo=0x1b86e70) at kgem.c:4123 #2 0x00007f7d1925d286 in write_boxes_inplace__tiled (kgem=0x7f7d18f25240, src=0x7f7d01d7d000 "\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377\354\347\340\377"..., stride=13964, bpp=32, src_dx=0, src_dy=0, bo=0x1b86e70, dst_dx=0, dst_dy=0, box=0x7fffe2093060, n=1) at sna_io.c:509 #3 0x00007f7d19260bae in sna_replace (sna=0x7f7d18f25010, pixmap=0x1c1aab0, _bo=0x1c3f8e8, src=0x7f7d01d7d000, stride=13964) at sna_io.c:1351 #4 0x00007f7d1923b32c in blt_put_composite_box (sna=0x7f7d18f25010, op=0x7fffe20931e0, box=0x7fffe20931d0) at sna_blt.c:1445 #5 0x00007f7d192421d8 in sna_composite (op=1 '\001', src=0x1c61f00, mask=0x0, dst=0x1bf5d40, src_x=0, src_y=0, mask_x=0, mask_y=0, dst_x=0, dst_y=0, width=3491, height=1609) at sna_composite.c:561 #6 0x0000000000502139 in ?? () #7 0x00000000004fb0a4 in ?? () #8 0x000000000043447a in ?? () #9 0x0000000000423485 in ?? () #10 0x0000003ff1421735 in __libc_start_main (main=0x423110, argc=8, ubp_av=0x7fffe20936b8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffe20936a8) at libc-start.c:226 #11 0x000000000042375d in _start () (gdb) debug=full log is available at: http://93.83.133.214/Xorg.4.log.7za - unfourtunatly quite large this time :/
Ugh, having to copy the Cr buffer! Let's hope userptr doesn't miss this kernel cycle as well... commit ae6ae91baa0574a7a23ab76afac5e2d827c49c20 Author: Chris Wilson <chris@chris-wilson.co.uk> Date: Tue Oct 9 18:36:59 2012 +0100 sna: Check the map exists before trying to release it Reported-by: Clemens Eisserer <linuxhippy@gmail.com> Bugzilla: ttps://bugs.freedesktop.org/show_bug.cgi?id=55812 Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Your bugfix latency is incredible ;)
Another one, however only happens when debug!=full so probably timing related: Program received signal SIGSEGV, Segmentation fault. sna_render_composite_redirect_done (sna=sna@entry=0x7fb926193010, op=op@entry=0x7fff74c71e90) at sna_render.c:1916 1916 sna_damage_combine(t->real_damage, t->damage, (gdb) bt #0 sna_render_composite_redirect_done (sna=sna@entry=0x7fb926193010, op=op@entry=0x7fff74c71e90) at sna_render.c:1916 #1 0x00007fb9264ecd71 in gen6_render_fill_boxes (sna=0x7fb926193010, op=<optimized out>, format=<optimized out>, color=0x7fb924c65210, dst=<optimized out>, dst_bo=0x23aaa60, box=<optimized out>, n=0) at gen6_render.c:3777 #2 0x00007fb92648bc6c in sna_composite_rectangles (op=1 '\001', dst=0x2791c00, color=0x7fb924c65210, num_rects=1, rects=0x7fb924c65218) at sna_composite.c:874 #3 0x00000000004fb165 in ?? () #4 0x000000000043447a in ?? () #5 0x0000000000423485 in ?? () #6 0x0000003ff1421735 in __libc_start_main (main=0x423110, argc=8, ubp_av=0x7fff74c72328, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff74c72318) at libc-start.c:226 #7 0x000000000042375d in _start () Furthermore I noticed google-chrome's shows a lot artifacts when its windows ~7500px, however I have to admit, I don't care about this ;)
composite_redirect on SNB, what sites do you frequent?!!! google-chrome itself tends to break down with large windows, but it seems like you are having a lot of fun along code paths I haven't run since userptr :)
> composite_redirect on SNB, what sites do you frequent?!!! Actually, just the chrome start "page" ;) > google-chrome itself tends to break down with large windows Good to know...
Whilst you have it around, can you do a 'bt full'? which I hope will be enough to see how we ended up here.
As you wish: Program received signal SIGSEGV, Segmentation fault. sna_render_composite_redirect_done (sna=sna@entry=0x7f026e353010, op=op@entry=0x7fff8bc58520) at sna_render.c:1916 1916 sna_damage_combine(t->real_damage, t->damage, (gdb) bt full #0 sna_render_composite_redirect_done (sna=sna@entry=0x7f026e353010, op=op@entry=0x7fff8bc58520) at sna_render.c:1916 t = 0x7fff8bc58650 __PRETTY_FUNCTION__ = "sna_render_composite_redirect_done" #1 0x00007f026e6acd71 in gen6_render_fill_boxes (sna=0x7f026e353010, op=<optimized out>, format=<optimized out>, color=0x11042e0, dst=<optimized out>, dst_bo=0x1042680, box=<optimized out>, n=0) at gen6_render.c:3777 tmp = {blt = 0x7fff8bc585c0, box = 0x7f026e643154 <sna_accel_wakeup_handler+68>, boxes = 0x7fff8bc58570, done = 0x7df180, damage = 0x7fff8bc58660, op = 6205, dst = {pixmap = 0xf86ac0, format = 537004168, bo = 0xff2a50, x = -384, y = -96, width = 256, height = 16}, src = {bo = 0xfd7e80, transform = 0x10000000e, width = 61696, height = 125, pict_format = 0, card_format = 1852099344, filter = 32514, repeat = 0, is_affine = 0, is_solid = 0, is_linear = 0, is_opaque = 0, alpha_fixup = 0, rb_reversed = 0, offset = {0, -9986}, scale = {4.55618183e-41, 2.61657624e-38}, embedded_transform = {matrix = {{0, 3, 0}, {16280256, 0, 1848979472}, {32514, 9252, 0}}}, u = {gen2 = { pixel = 1851972677, linear_dx = 4.55618183e-41, linear_dy = 0, linear_offset = 0}, gen3 = {type = 1851972677, mode = 32514, constants = 0}}}, mask = {bo = 0x0, transform = 0x0, ---Type <return> to continue, or q <return> to quit--- width = 65505, height = 79, pict_format = 0, card_format = 0, filter = 0, repeat = 0, is_affine = 0, is_solid = 0, is_linear = 0, is_opaque = 0, alpha_fixup = 0, rb_reversed = 0, offset = {0, -31280}, scale = {0, 6.28430653e-39}, embedded_transform = {matrix = {{0, 17529264, 0}, {5592138, 0, 0}, {0, 17529264, 0}}}, u = {gen2 = {pixel = 17529496, linear_dx = 0, linear_dy = -7.60845301e-32, linear_offset = 4.59163468e-41}, gen3 = {type = 17529496, mode = 0, constants = 2344978136}}}, is_affine = 0, has_component_alpha = 0, need_magic_ca_pass = 0, rb_reversed = 0, floats_per_vertex = 2, floats_per_rect = 6, prim_emit = 0x4fffe1, redirect = {real_bo = 0x1042680, real_damage = 0x3, damage = 0xfe1640, box = {x1 = 0, y1 = 0, x2 = 0, y2 = 0}}, u = { blt = {src_pixmap = 0x200980, sx = -13696, sy = 183, inplace = 0, overwrites = 0, bpp = 0, cmd = 12052032, br13 = 0, pitch = { 524288, 0}, pixel = 2344978280, bo = {0x101094ec0, 0x10b79b0}}, gen3 = {constants = {2.94214383e-39, 0, 1.68785391e-38, 0, 1.68884939e-38, 0, 7.34683969e-40, 0}, num_constants = 2344978280}, gen4 = {wm_kernel = 2099584, ve_id = 0}, gen5 = {wm_kernel = 2099584, ve_id = 0}, gen6 = { flags = 2099584}, gen7 = {flags = 2099584}}, priv = 0x56d990} pixel = 4278190335 #2 0x00007f026e64bc6c in sna_composite_rectangles (op=1 '\001', dst=0xf667b0, ---Type <return> to continue, or q <return> to quit--- color=0x11042e0, num_rects=1, rects=0x11042e8) at sna_composite.c:874 sna = 0x7f026e353010 pixmap = 0xf86ac0 priv = 0x1cb bo = 0x1042680 damage = <optimized out> region = {extents = {x1 = 465, y1 = 111, x2 = 622, y2 = 112}, data = 0x0} boxes = 0x7fff8bc58770 dst_x = <optimized out> dst_y = <optimized out> num_boxes = 1 error = <optimized out> hint = <optimized out> __PRETTY_FUNCTION__ = "sna_composite_rectangles" #3 0x00000000004fb165 in ?? () No symbol table info available. #4 0x000000000043447a in ?? () No symbol table info available. #5 0x0000000000423485 in ?? () No symbol table info available. #6 0x0000003ff1421735 in __libc_start_main (main=0x423110, argc=8, ubp_av=0x7fff8bc589b8, init=<optimized out>, fini=<optimized out>, ---Type <return> to continue, or q <return> to quit--- rtld_fini=<optimized out>, stack_end=0x7fff8bc589a8) at libc-start.c:226 result = <optimized out> unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -4728514540509556870, 4339508, 140735538366896, 0, 0, 4728751704611786618, -4747053972283289734}, mask_was_saved = 0}}, priv = {pad = { 0x0, 0x0, 0x3ff100eee0, 0x1b0839}, data = {prev = 0x0, cleanup = 0x0, canceltype = -251597088}}} not_first_call = <optimized out> #7 0x000000000042375d in _start () No symbol table info available.
commit d73f5b5bb1a81421f1fdc3ac3b460a8ad90be0ad Author: Chris Wilson <chris@chris-wilson.co.uk> Date: Tue Oct 9 19:41:10 2012 +0100 sna/gen6+: Initialize the damage for fill-boxes In case we need to redirect the rendering for a large render target, we need to initialize the damage pointer. Reported-by: Clemens Eisserer <linuxhippy@gmail.com> Bugzilla: ttps://bugs.freedesktop.org/show_bug.cgi?id=55812 Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Crashing fixed, thanks!
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.