Segfault on master after de8a9197 u_dynarray: turn util_dynarray_{grow, resize} into element-oriented macros
mesa master is segfaulting with lima, bisected to commit:
de8a919702a u_dynarray: turn util_dynarray_{grow, resize} into element-oriented macros
This is reproducible even with kmscube. segfault seems to happen during lima_bo_free.
I'm just starting to debug it, @nh any clue?
Program received signal SIGSEGV, Segmentation fault.
0x0000ffffbedd6ea0 in lima_bo_free (bo=0x0) at ../src/gallium/drivers/lima/lima_bo.c:135
135 if (!p_atomic_dec_zero(&bo->refcnt))
(gdb) bt full
#0 0x0000ffffbedd6ea0 in lima_bo_free (bo=0x0) at ../src/gallium/drivers/lima/lima_bo.c:135
screen = <optimized out>
#1 0x0000ffffbedd7a7c in lima_submit_start (submit=0x5ad2a0, frame=frame@entry=0xfffffffff6f8, size=size@entry=24) at ../src/gallium/drivers/lima/lima_submit.c:147
bo = 0xae4c90
req = {ctx = 0, pipe = 0, nr_bos = 4, frame_size = 24, bos = 6205120, frame = 281474976708344, flags = 0, out_sync = 0, in_sync = {0, 0}}
ret = true
#2 0x0000ffffbedcda18 in _lima_flush (ctx=ctx@entry=0x5aa3a0, end_of_frame=<optimized out>) at ../src/gallium/drivers/lima/lima_draw.c:1598
vs_cmd_size = <optimized out>
plbu_cmd_size = <optimized out>
vs_cmd_va = 0
plbu_cmd_va = 5906432
plbu_cmd = <optimized out>
screen = 0x5a1860
gp_frame = {frame = {0, 0, 5906432, 5906480, 274432, 1323008}}
gp_frame_reg = 0xfffffffff6f8
ps = <optimized out>
#3 0x0000ffffbedcdea8 in lima_pipe_flush (pctx=0x5aa3a0, fence=0xfffffffff970, flags=<optimized out>) at ../src/gallium/drivers/lima/lima_draw.c:1703
ctx = 0x5aa3a0
#4 0x0000ffffbe9ea618 in st_flush (st=st@entry=0x5cfe10, fence=fence@entry=0xfffffffff970, flags=flags@entry=1) at ../src/mesa/state_tracker/st_cb_flush.c:62
No locals.
#5 0x0000ffffbe903e40 in st_context_flush (stctxi=0x5cfe10, flags=2, fence=0xfffffffff970) at ../src/mesa/state_tracker/st_manager.c:671
st = 0x5cfe10
pipe_flags = 1
__func__ = "st_context_flush"
#6 0x0000ffffbe6f445c in dri_flush (cPriv=<optimized out>, dPriv=<optimized out>, flags=<optimized out>, reason=__DRI2_THROTTLE_SWAPBUFFER) at ../src/gallium/state_trackers/dri/dri_drawable.c:567
screen = 0x5a1860
oldest_fence = 0xffffbf6582cc <dri2_flush_drawable_for_swapbuffers+52>
new_fence = 0x0
ctx = 0x5a8ae0
drawable = 0x5d5490
st = 0x5cfe10
flush_flags = <optimized out>
swap_msaa_buffers = 0 '\000'
__PRETTY_FUNCTION__ = "dri_flush"
#7 0x0000ffffbf658334 in dri2_flush_drawable_for_swapbuffers (disp=disp@entry=0x5a7800, draw=draw@entry=0x5d5270) at ../src/egl/drivers/dri2/egl_dri2.c:1646
ctx = <optimized out>
dri2_ctx = <optimized out>
dri2_dpy = 0x5a7ff0
dri_drawable = 0x5e5090
#8 0x0000ffffbf65d6e0 in dri2_drm_swap_buffers (drv=<optimized out>, disp=0x5a7800, draw=0x5d5270) at ../src/egl/drivers/dri2/platform_drm.c:437
dri2_dpy = 0x5a7ff0
dri2_surf = 0x5d5270
#9 0x0000ffffbf6548a0 in dri2_swap_buffers (drv=0x5a7e30, disp=0x5a7800, surf=0x5d5270) at ../src/egl/drivers/dri2/egl_dri2.c:1665
dri2_dpy = 0x5a7ff0
ctx = <optimized out>
#10 0x0000ffffbf646968 in eglSwapBuffers (dpy=<optimized out>, surface=<optimized out>) at ../src/egl/main/eglapi.c:1311
ctx = 0x59f6d0
disp = 0x5a7800
surf = 0x5d5270
drv = <optimized out>
ret = <optimized out>
__func__ = "eglSwapBuffers"
#11 0x0000000000407078 in legacy_run (gbm=0x57c578 <gbm>, egl=0x57c5f8 <gl>) at drm-legacy.c:56
fds = {__fds_bits = {1503316182561361920, 281474976709456, 281473892570604, 5750128, 281474976709944, 1, 0, 0, 0, 4616194021471028224, 1503316182561361920, 281474976709504, 4227628, 4294967295, 4616194021471028225, 5750912}}
evctx = {version = 2, vblank_handler = 0x0, page_flip_handler = 0x406fe4 <page_flip_handler>, page_flip_handler2 = 0x0, sequence_handler = 0x0}
bo = <optimized out>
fb = <optimized out>
i = 0
ret = <optimized out>
#12 0x000000000040824c in main (argc=1, argv=0xfffffffffd38) at kmscube.c:182
device = 0x56a740 "/dev/dri/card0"
video = <optimized out>
mode = SMOOTH
modifier = 0
samples = <optimized out>
atomic = 0
dump = 0
opt = -1
fd = <optimized out>
width = <optimized out>
height = <optimized out>