* Heap corruption regression in 2.15.0
@ 2011-05-18 4:17 Ian Pilcher
2011-05-18 7:43 ` Chris Wilson
0 siblings, 1 reply; 5+ messages in thread
From: Ian Pilcher @ 2011-05-18 4:17 UTC (permalink / raw)
To: intel-gfx
With the recently pushed Fedora 15 update to 2.15.0, I'm getting a hard
X hang every time I log out. gdb backtrace reveals that glibc is dead-
locking trying to report a heap corruption:
#0 __lll_lock_wait_private () at
../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:100
#1 0x00007fb07f8c7c11 in _L_lock_10461 () at malloc.c:6486
#2 0x00007fb07f8c59d7 in __libc_malloc (bytes=140396034138592) at
malloc.c:3657
#3 0x00007fb07f8bb35d in __libc_message (do_abort=2,
fmt=0x7fb07f9a6fb8 "*** glibc detected *** %s: %s: 0x%s ***\n")
at ../sysdeps/unix/sysv/linux/libc_fatal.c:137
#4 0x00007fb07f8c196a in malloc_printerr (action=3,
str=0x7fb07f9a3f92 "corrupted double-linked list", ptr=<optimized
out>) at
malloc.c:6283
#5 0x00007fb07f8c1d48 in malloc_consolidate (av=0x7fb07fbe21e0) at
malloc.c:5161
#6 0x00007fb07f8c2669 in malloc_consolidate (av=0x7fb07fbe21e0) at
malloc.c:5115
#7 _int_free (av=0x7fb07fbe21e0, p=<optimized out>, have_lock=0) at
malloc.c:5034
#8 0x000000351360c01f in FontFileFreeDir (dir=0x1fef3d0) at fontdir.c:166
#9 0x000000351360ce18 in FontFileFreeFPE (fpe=0x1fef360) at fontfile.c:139
#10 0x000000351360f89e in CatalogueUnrefFPEs (fpe=<optimized out>) at
catalogue.c:116
#11 0x000000351360fe41 in CatalogueFreeFPE (fpe=0x1fb8f00) at
catalogue.c:272
#12 0x000000000042f09d in FreeFPE (fpe=0x1fb8f00) at dixfonts.c:218
#13 FreeFPE (fpe=0x1fb8f00) at dixfonts.c:214
#14 0x000000000042f107 in FreeFontPath (list=0x1fb54b0, n=2, force=1) at
dixfonts.c:1628
#15 0x0000000000432257 in FreeFonts () at dixfonts.c:1998
#16 0x0000000000422f1e in main (argc=<optimized out>, argv=0x7fff89fd3fb8,
envp=<optimized out>)
at main.c:329
This does not happen with the 2.14.0 package (verified by downgrading).
Anyone have any ideas for potential suspect commits?
Thanks!
--
========================================================================
Ian Pilcher arequipeno@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."
========================================================================
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Heap corruption regression in 2.15.0
2011-05-18 4:17 Heap corruption regression in 2.15.0 Ian Pilcher
@ 2011-05-18 7:43 ` Chris Wilson
2011-05-18 15:54 ` Ian Pilcher
0 siblings, 1 reply; 5+ messages in thread
From: Chris Wilson @ 2011-05-18 7:43 UTC (permalink / raw)
To: Ian Pilcher, intel-gfx
On Tue, 17 May 2011 23:17:01 -0500, Ian Pilcher <arequipeno@gmail.com> wrote:
> With the recently pushed Fedora 15 update to 2.15.0, I'm getting a hard
> X hang every time I log out. gdb backtrace reveals that glibc is dead-
> locking trying to report a heap corruption:
What sort of tasks do you do during the sessions that encounter this
corruption? Is it limited to a single chipset?
When I valgrind, I tend to stick to the automated tests, i.e. those that I
can run remotely and leave running, for the obvious reasons.... If you can
narrow done the circumstances under which it occurs, I can then hopefully
reproduce it and capture the error.
Thanks,
-Chris
--
Chris Wilson, Intel Open Source Technology Centre
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Heap corruption regression in 2.15.0
2011-05-18 7:43 ` Chris Wilson
@ 2011-05-18 15:54 ` Ian Pilcher
2011-05-18 18:23 ` Ian Pilcher
0 siblings, 1 reply; 5+ messages in thread
From: Ian Pilcher @ 2011-05-18 15:54 UTC (permalink / raw)
To: Chris Wilson; +Cc: intel-gfx
On 05/18/2011 02:43 AM, Chris Wilson wrote:
> What sort of tasks do you do during the sessions that encounter this
> corruption? Is it limited to a single chipset?
It doesn't seem to take much ... I basically log in to KDE (startx), do
a bit of work, and logout. I haven't been able to reproduce the problem
with anything less than full-on KDE started from startx, however.
I'm in the process of trying to bisect 2.14.0 - 2.15.0.
One thing I just noticed. I'm using glxgears as part of my test work-
load, and I noticed that the vsync seems very messed up with 2.15.0 --
lots of "flickering"; doesn't happen with 2.14.0. I have no idea if
this is related or not ...
Thanks for the response. I will let you know if the bisect turns up
anything useful.
--
========================================================================
Ian Pilcher arequipeno@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."
========================================================================
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Heap corruption regression in 2.15.0
2011-05-18 15:54 ` Ian Pilcher
@ 2011-05-18 18:23 ` Ian Pilcher
2011-05-21 16:04 ` Ian Pilcher
0 siblings, 1 reply; 5+ messages in thread
From: Ian Pilcher @ 2011-05-18 18:23 UTC (permalink / raw)
To: intel-gfx
On 05/18/2011 10:54 AM, Ian Pilcher wrote:
> I'm in the process of trying to bisect 2.14.0 - 2.15.0.
It looks like the problematic commit is one of:
e1ff5182304e00c0d392092069422cae7626cf8d Handle drawable/client
destruction in pending swaps/flips
86f23f21ab57fcbc031bcd2b8f432a08ff4cc320 Skip client and drawable
resource delete calls when deleting frame event
I wasn't able to test with only the first commit, because KDE gets stuck
on its "splash screen".
I'm not sure what to do next ...
--
========================================================================
Ian Pilcher arequipeno@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."
========================================================================
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Heap corruption regression in 2.15.0
2011-05-18 18:23 ` Ian Pilcher
@ 2011-05-21 16:04 ` Ian Pilcher
0 siblings, 0 replies; 5+ messages in thread
From: Ian Pilcher @ 2011-05-21 16:04 UTC (permalink / raw)
To: chris; +Cc: intel-gfx
On 05/18/2011 01:23 PM, Ian Pilcher wrote:
>
> It looks like the problematic commit is one of:
>
> e1ff5182304e00c0d392092069422cae7626cf8d Handle drawable/client
> destruction in pending swaps/flips
>
> 86f23f21ab57fcbc031bcd2b8f432a08ff4cc320 Skip client and drawable
> resource delete calls when deleting frame event
>
I have bugzilla'ed this at:
https://bugs.freedesktop.org/show_bug.cgi?id=37420
Any thoughts on how I can further debug this? It's gonna suck to be
stuck on 2.14.0 forever ...
--
========================================================================
Ian Pilcher arequipeno@gmail.com
"If you're going to shift my paradigm ... at least buy me dinner first."
========================================================================
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2011-05-21 16:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-05-18 4:17 Heap corruption regression in 2.15.0 Ian Pilcher
2011-05-18 7:43 ` Chris Wilson
2011-05-18 15:54 ` Ian Pilcher
2011-05-18 18:23 ` Ian Pilcher
2011-05-21 16:04 ` Ian Pilcher
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.