From: bugzilla-daemon@freedesktop.org
To: dri-devel@lists.freedesktop.org
Subject: [Bug 108498] ir_dereference_record nullptr segfault in radeonsi_dri.so
Date: Fri, 19 Oct 2018 12:55:27 +0000 [thread overview]
Message-ID: <bug-108498-502@http.bugs.freedesktop.org/> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 10741 bytes --]
https://bugs.freedesktop.org/show_bug.cgi?id=108498
Bug ID: 108498
Summary: ir_dereference_record nullptr segfault in
radeonsi_dri.so
Product: Mesa
Version: 18.1
Hardware: x86-64 (AMD64)
OS: Linux (All)
Status: NEW
Severity: normal
Priority: medium
Component: Drivers/Gallium/radeonsi
Assignee: dri-devel@lists.freedesktop.org
Reporter: claude@mathr.co.uk
QA Contact: dri-devel@lists.freedesktop.org
Created attachment 142095
--> https://bugs.freedesktop.org/attachment.cgi?id=142095&action=edit
tarball of GLSL source code for use in Fragmentarium
I'm using $ apt-cache policy libgl1-mesa-dri
libgl1-mesa-dri:
Installed: 18.1.7-1
Candidate: 18.1.7-1
Version table:
18.2.0-1 1
1 http://ftp.uk.debian.org/debian experimental/main amd64 Packages
18.1.9-1 500
500 http://ftp.uk.debian.org/debian unstable/main amd64 Packages
*** 18.1.7-1 990
990 http://ftp.uk.debian.org/debian buster/main amd64 Packages
100 /var/lib/dpkg/status
I will try to compile upstream Mesa soon to see if it is a Debian-specific
issue, or whether it has already been fixed in a later version.
Fragmentarium (from https://github.com/3Dickulus/FragM ) crashes inside
radeonsi_dri.so when I try to compile part of a large shader project (~50kB of
GLSL transcluded from the main 'raymond/example.frag'). The problematic part
is the last half of 'raymond/Raymond-Trace.frag' in the attached tarball,
setting #if 0 stops it from crashing and emits an error message in the shader
compile log about missing function definitions (this is expected, the hard
crash with #if 1 is not).
It seems to be caused by something that passes a nullptr as a field name in
compiler/glsl/ir.cpp:1401, gdb backtrace is large:
Thread 1 "Fragmentarium-2" received signal SIGSEGV, Segmentation fault.
__strcmp_ssse3 () at ../sysdeps/x86_64/multiarch/../strcmp.S:173
173 ../sysdeps/x86_64/multiarch/../strcmp.S: No such file or directory.
(gdb) bt
#0 0x00007ffff64c40b6 in __strcmp_ssse3 () at
../sysdeps/x86_64/multiarch/../strcmp.S:173
#1 0x00007fffe24c7d6d in glsl_type::field_type(char const*) const
(this=<optimized out>, name=name@entry=0x0) at
../../../src/compiler/glsl_types.cpp:1228
#2 0x00007fffe24cba3f in
ir_dereference_record::ir_dereference_record(ir_rvalue*, char const*)
(this=0x555556f46e00, value=<optimized out>, field=0x0) at
../../../src/compiler/glsl/ir.cpp:1401
#3 0x00007fffe24ce720 in ir_dereference_record::clone(void*, hash_table*)
const (this=<optimized out>, mem_ctx=<optimized out>, ht=<optimized out>) at
../../../src/compiler/glsl/list.h:58
#4 0x00007fffe2456ab4 in ast_expression::do_hir(exec_list*,
_mesa_glsl_parse_state*, bool) (this=0x555556d12bf8,
instructions=0x555556f459d0, state=0x555556341530, needs_rvalue=<optimized
out>)
at ../../../src/compiler/glsl/ast.h:86
#5 0x00007fffe2458b43 in ast_expression_statement::hir(exec_list*,
_mesa_glsl_parse_state*) (this=<optimized out>, instructions=<optimized out>,
state=<optimized out>)
at ../../../src/compiler/glsl/ast_to_hir.cpp:2228
#6 0x00007fffe2458b9f in ast_compound_statement::hir(exec_list*,
_mesa_glsl_parse_state*) (this=0x555556d12cc8, instructions=0x555556f459d0,
state=0x555556341530)
at ../../../src/compiler/glsl/ast_to_hir.cpp:2244
#7 0x00007fffe2460f0e in ast_iteration_statement::hir(exec_list*,
_mesa_glsl_parse_state*) (this=0x555556d12d28, instructions=<optimized out>,
state=0x555556341530)
at ../../../src/compiler/glsl/ast_to_hir.cpp:6902
#8 0x00007fffe2458b9f in ast_compound_statement::hir(exec_list*,
_mesa_glsl_parse_state*) (this=0x555556d12e70, instructions=0x555556ff6690,
state=0x555556341530)
at ../../../src/compiler/glsl/ast_to_hir.cpp:2244
#9 0x00007fffe245f462 in ast_function_definition::hir(exec_list*,
_mesa_glsl_parse_state*) (this=0x555556d12ed0, instructions=<optimized out>,
state=0x555556341530)
at ../../../src/compiler/glsl/ast_to_hir.cpp:6182
#10 0x00007fffe2455b70 in _mesa_ast_to_hir(exec_list*, _mesa_glsl_parse_state*)
(instructions=0x5555564c7570, state=0x555556341530) at
../../../src/compiler/glsl/ast_to_hir.cpp:156
#11 0x00007fffe24b9551 in _mesa_glsl_compile_shader(gl_context*, gl_shader*,
bool, bool, bool) (ctx=ctx@entry=0x55555604a230,
shader=shader@entry=0x555556496b40, dump_ast=dump_ast@entry=false,
dump_hir=dump_hir@entry=false, force_recompile=force_recompile@entry=false) at
../../../src/compiler/glsl/glsl_parser_extras.cpp:2106
#12 0x00007fffe235b4d0 in _mesa_compile_shader (ctx=0x55555604a230,
sh=0x555556496b40) at ../../../src/mesa/main/shaderapi.c:1131
#13 0x00007ffff748697f in QOpenGLFunctions::glCompileShader(unsigned int)
(this=<optimized out>, shader=6) at opengl/qopenglfunctions.h:1280
#14 0x00007ffff748697f in QOpenGLShaderPrivate::compile(QOpenGLShader*)
(this=this@entry=0x555556485120, q=q@entry=0x5555563adf10) at
opengl/qopenglshaderprogram.cpp:352
#15 0x00007ffff7487275 in QOpenGLShader::compileSourceCode(char const*)
(this=this@entry=0x5555563adf10, source=source@entry=0x555556b80488 "#version
330 compatibility\n// #donotrun\n\nconst float pi = 3.141592653589793;\nconst
vec3 X = vec3(1.0, 0.0, 0.0);\nconst vec3 Y = vec3(0.0, 1.0, 0.0);\nconst vec3
Z = vec3(0.0, 0.0, 1.0);\n\n// #donotrun\n\n"...) at
opengl/qopenglshaderprogram.cpp:678
#16 0x00007ffff748ce2e in
QOpenGLShaderProgram::addShaderFromSourceCode(QFlags<QOpenGLShader::ShaderTypeBit>,
char const*) (this=this@entry=0x7fffec005bf0, type=..., source=0x555556b80488
"#version 330 compatibility\n// #donotrun\n\nconst float pi =
3.141592653589793;\nconst vec3 X = vec3(1.0, 0.0, 0.0);\nconst vec3 Y =
vec3(0.0, 1.0, 0.0);\nconst vec3 Z = vec3(0.0, 0.0, 1.0);\n\n//
#donotrun\n\n"...)
at opengl/qopenglshaderprogram.cpp:980
#17 0x00007ffff748cf8b in
QOpenGLShaderProgram::addShaderFromSourceCode(QFlags<QOpenGLShader::ShaderTypeBit>,
QString const&) (this=0x7fffec005bf0, type=..., source=...)
at ../../include/QtCore/../../src/corelib/tools/qarraydata.h:206
#18 0x00005555555e0acd in
Fragmentarium::GUI::DisplayWidget::initFragmentShader() (this=0x5555558e0c00)
at
/home/claude/code/github.com/3Dickulus/FragM/Fragmentarium-Source/Fragmentarium/GUI/DisplayWidget.cpp:439
#19 0x00005555555deeaf in
Fragmentarium::GUI::DisplayWidget::setFragmentShader(Fragmentarium::Parser::FragmentSource)
(this=0x5555558e0c00, fs=...)
at
/home/claude/code/github.com/3Dickulus/FragM/Fragmentarium-Source/Fragmentarium/GUI/DisplayWidget.cpp:183
#20 0x000055555561b6f2 in Fragmentarium::GUI::MainWindow::initializeFragment()
(this=0x555555852650) at
/home/claude/code/github.com/3Dickulus/FragM/Fragmentarium-Source/Fragmentarium/GUI/MainWindow.cpp:2239
#21 0x0000555555684895 in
Fragmentarium::GUI::MainWindow::qt_static_metacall(QObject*, QMetaObject::Call,
int, void**) (_o=0x555555852650, _c=QMetaObject::InvokeMetaMethod, _id=35,
_a=0x7fffffffcfd0)
at
/home/claude/code/github.com/3Dickulus/FragM/Fragmentarium-Source/build/Fragmentarium-2.5.0_autogen/S5HU6OSMQS/moc_MainWindow.cpp:456
#22 0x00007ffff6b107cb in QMetaObject::activate(QObject*, int, int, void**) ()
at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#23 0x00007ffff7731ef2 in QAction::triggered(bool) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#24 0x00007ffff7734500 in QAction::activate(QAction::ActionEvent) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#25 0x00007ffff781fd2d in () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#26 0x00007ffff781ff65 in QAbstractButton::mouseReleaseEvent(QMouseEvent*) ()
at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#27 0x00007ffff7909cba in QToolButton::mouseReleaseEvent(QMouseEvent*) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#28 0x00007ffff77767d8 in QWidget::event(QEvent*) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#29 0x00007ffff7909d63 in QToolButton::event(QEvent*) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#30 0x00007ffff77384a1 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
() at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#31 0x00007ffff773fd28 in QApplication::notify(QObject*, QEvent*) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#32 0x00007ffff6ae7589 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
() at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#33 0x00007ffff773f029 in QApplicationPrivate::sendMouseEvent(QWidget*,
QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#34 0x00007ffff7791314 in () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#35 0x00007ffff7793e9e in () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#36 0x00007ffff77384a1 in QApplicationPrivate::notify_helper(QObject*, QEvent*)
() at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#37 0x00007ffff773fae0 in QApplication::notify(QObject*, QEvent*) () at
/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
---Type <return> to continue, or q <return> to quit---
#38 0x00007ffff6ae7589 in QCoreApplication::notifyInternal2(QObject*, QEvent*)
() at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#39 0x00007ffff716baab in QCoreApplication::sendSpontaneousEvent(QObject*,
QEvent*) (event=0x7fffffffd8a0, receiver=0x555555aec440) at
../../include/QtCore/../../src/corelib/kernel/qcoreapplication.h:237
#40 0x00007ffff716baab in
QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*)
(e=0x55555602a370) at kernel/qguiapplication.cpp:2081
#41 0x00007ffff716d9a5 in
QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*)
(e=e@entry=0x55555602a370) at kernel/qguiapplication.cpp:1816
#42 0x00007ffff71480db in
QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(flags=...) at kernel/qwindowsysteminterface.cpp:1032
#43 0x00007ffff2830eeb in
QPAEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)
(this=0x5555557ffb90, flags=...) at qeventdispatcher_glib.cpp:70
#44 0x00007ffff6ae625b in
QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#45 0x00007ffff6aee3d2 in QCoreApplication::exec() () at
/usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#46 0x00005555555d35f3 in main(int, char**) (argc=1, argv=0x7fffffffe158) at
/home/claude/code/github.com/3Dickulus/FragM/Fragmentarium-Source/Fragmentarium/Main.cpp:199
--
You are receiving this mail because:
You are the assignee for the bug.
[-- Attachment #1.2: Type: text/html, Size: 12691 bytes --]
[-- Attachment #2: Type: text/plain, Size: 160 bytes --]
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel
next reply other threads:[~2018-10-19 12:55 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-19 12:55 bugzilla-daemon [this message]
2018-10-19 13:35 ` [Bug 108498] ir_dereference_record nullptr segfault in radeonsi_dri.so bugzilla-daemon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-108498-502@http.bugs.freedesktop.org/ \
--to=bugzilla-daemon@freedesktop.org \
--cc=dri-devel@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.