Re: [Mesa-dev] segfault in pstip_bind_sampler_states

Mon, 12 Aug 2013 07:30:21 -0700 

On 08/09/2013 01:50 PM, Kevin H. Hobbs wrote:

On 08/09/2013 01:59 PM, Brian Paul wrote:


That's probably not it, given the above.  Can you try setting a
breakpoint on pstip_destroy() and see if that's getting called before
the segfault?  If so, things are getting freed in the wrong order.



No, it is not called before the segfault.

We do seem to enter pstip_bind_sampler_states many times before the
segfault. I do not remember this from before I had CFLAGS="-g -O0"...

The last time through :

(gdb) print pstip
$1 = (struct pstip_stage *) 0xff66331aff66331a

I don't think my actual RAM goes that high.



That looks suspect since the low and high halves of the address are the 
same.





(gdb) print pstip->state
Cannot access memory at address 0xff66331aff66339a

I should think not...

(gdb) print pipe
$2 = (struct pipe_context *) 0x13d6ec0

What does pstip_stage_from_pipe do?

(gdb) print pipe->draw
$3 = (void *) 0x137a090

(gdb) print ((struct draw_context *)(pipe->draw))->pipeline
$6 = {first = 0xffda006dffdc006e, validate = 0xffd40069ffd9006c,
flatshade = 0xffe6007affe7007d, clip =
     0xffe10070ffe30072, cull = 0xffdf006fffe00070, twoside =
0xffdd006effde006f, offset =
     0xffda006dffdc006d, unfilled = 0xffd8006bffd9006c, stipple =
0xffd5006affd6006b, aapoint =
     0xffd00067ffd30069, aaline = 0xff66331aff66331a, pstipple =
0xff66331aff66331a, wide_line =
     0xff66331aff66331a, wide_point = 0xff66331aff66331a, rasterize =
0xff66331aff66331a,
   wide_point_threshold = -3.05987774e+38, wide_line_threshold =
-3.05987774e+38,
   wide_point_sprites = 26 '\032', line_stipple = 51 '3', point_sprite =
102 'f', verts =
     0xff66331aff66331a <Address 0xff66331aff66331a out of bounds>,
vertex_stride = 4284887834,
   vertex_count = 4284887834}

Which looks like a whole lot of uninitialized..




Can you run with valgrind?  That should give us some useful info if 
there's a use-after-free.


Otherwise, if you can send me an executable, I could try it here.

-Brian

_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/mesa-dev






















					Reply via email to