[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#682812: calloc (nmemb=0, size=12)

Michel Dänzer wrote:

On Mit, 2012-07-25 at 23:01 +0200, Johann Klammer wrote:

Does the problem still occur with libgl1-mesa-dri version 8.x?




updated to 8.0.3-1

Same results.
Also, I get these unexpected messages on startup of the application:
nvfx_screen_get_param:95 -  Warning: unknown PIPE_CAP 30
nvfx_screen_get_param:95 -  Warning: unknown PIPE_CAP 30
nvfx_screen_get_param:95 -  Warning: unknown PIPE_CAP 55
nvfx_screen_get_param:95 -  Warning: unknown PIPE_CAP 56
nvfx_screen_get_param:95 -  Warning: unknown PIPE_CAP 59
nvfx_screen_get_param:95 -  Warning: unknown PIPE_CAP 58
nvfx_screen_get_param:95 -  Warning: unknown PIPE_CAP 30

but that may be because I did not update the rest of xorg...
dependencies seem notoriously broken...

still black triangles.
There are calloc calls with zero size at two points before the program continues without interruption. 
Backtraces follow:

The first one:
#0 0xb7cc5647 in raise (sig=2) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 
#1  0xb7fd8f70 in calloc (nmemb=1, size=0) at alc.c:634
#2  0xb6a717f8 in st_translate_program (ctx=0xb6666000, procType=0,
    ureg=0xb52e3000, program=0xb52ff000, proginfo=0xb52e8000, numInputs=3,
    inputMapping=0xbff75780, inputSemanticName=0xbff756d4 "\001\001\005",
    inputSemanticIndex=0xbff756f4 "", interpMode=0xbff75800, numOutputs=1,
    outputMapping=0xbff75754,
outputSemanticName=0xbff75714 "\001\200\375\267\234\222\067\265 \362\375\267\020", outputSemanticIndex=0xbff75734 "", passthrough_edgeflags=0 '\000') 
    at state_tracker/st_glsl_to_tgsi.cpp:4674
#3  0xb6a3e4c3 in st_translate_fragment_program (st=0xb661e430,
    stfp=0xb52e8000, key=0xbff758e8) at state_tracker/st_program.c:706
#4  0xb6a3ef06 in st_get_fp_variant (st=0xb661e430, stfp=0xb52e8000,
    key=0xbff758e8) at state_tracker/st_program.c:781
#5  0xb6b07d07 in update_fp (st=0xb661e430)
    at state_tracker/st_atom_shader.c:86
#6  0xb6b05316 in st_validate_state (st=0xb661e430)
    at state_tracker/st_atom.c:197
#7  0xb6b0bc78 in st_Clear (ctx=0xb6666000, mask=18)
    at state_tracker/st_cb_clear.c:508
#8  0xb6acce60 in _mesa_Clear (mask=16640) at main/clear.c:242
#9  0x080501cb in event_loop (dpy=0xb77b12e0, win=20971522, glxw=20971523,
    sd=0xbff75d84) at main.c:2671
#10 0x0805193e in main (argc=1, argv=0xbffff514) at main.c:3330

The second one:
#0 0xb7cc5647 in raise (sig=2) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 
#1  0xb7fd8f27 in calloc (nmemb=0, size=8) at alc.c:622
#2  0xb6905585 in nvfx_fragprog_prepare (nvfx=0xb7791250, pfp=0xb5308000,
    emulate_sprite_flipping=0 '\000') at nvfx_fragprog.c:985
#3  nvfx_fragprog_translate (nvfx=0xb7791250, pfp=0xb5308000,
    emulate_sprite_flipping=0 '\000') at nvfx_fragprog.c:1084
#4  0xb6906f03 in nvfx_fragprog_validate (nvfx=0xb7791250)
    at nvfx_fragprog.c:1251
#5 0xb690d6b8 in nvfx_state_validate_common (nvfx=Unhandled dwarf expression opcode 0xf3 
) at nvfx_state_emit.c:290
#6  0xb690ddfd in nvfx_state_validate (nvfx=0xb7791250)
    at nvfx_state_emit.c:424
#7  0xb68ea828 in nvfx_draw_vbo (pipe=0xb7791250, info=0xbff756e0)
    at nvfx_vbo.c:240
#8  0xb6a3adaa in st_draw_vbo (ctx=0xb6666000, arrays=0xb661a4c0,
    prims=0xb6618da8, nr_prims=4, ib=0x0, index_bounds_valid=1 '\001',
    min_index=0, max_index=11, tfb_vertcount=0x0)
    at state_tracker/st_draw.c:1112
#9 0xb6a3469a in vbo_exec_vtx_flush (exec=0xb6618988, keepUnmapped=1 '\001') 
    at vbo/vbo_exec_draw.c:407
#10 0xb6a2988f in vbo_exec_FlushVertices_internal (exec=0xb6618988, unmap=Unhandled dwarf expression opcode 0xf3 
)
    at vbo/vbo_exec_api.c:539
#11 0xb6a31dff in vbo_exec_FlushVertices (ctx=0xb6666000, flags=1)
    at vbo/vbo_exec_api.c:1290
---Type <return> to continue, or q <return> to quit---
#12 0xb69ff485 in _mesa_BindTexture (target=3553, texName=3)
    at main/texobj.c:1123
#13 0xb7e013b9 in textureUse (t=0xb54efea8) at texture.c:240
#14 0x0804e95c in draw_etri (et=0xb54a4e64, err_usr=0xbff75d84) at main.c:1878 #15 0x0804ec70 in frag_draw2 (t=0xb54a4340, err_usr=0xbff75d84) at main.c:1980 
#16 0x08051d84 in drawTriangle (tri=0xb54a4340, context=0x805acf0)
    at planets.c:365
#17 0x08053ef7 in drawNode2 (node=0xb54a4340, context=0x805acf0, p=0xbff75c98) 
    at planets.c:1190
#18 0x08053e9a in drawNode2 (node=0xb54a4240, context=0x805acf0, p=0xbff75c98) 
    at planets.c:1183
#19 0x08053d8c in drawSphere2 (sp=0x805aca0, p=0xbff75c98) at planets.c:1152
#20 0x08050500 in event_loop (dpy=0xb77b12e0, win=20971522, glxw=20971523,
    sd=0xbff75d84) at main.c:2738
#21 0x0805193e in main (argc=1, argv=0xbffff514) at main.c:3330


Using libc allocator fixes it, as before.
fixing the custom allocator to return a valid pointer for zero-sized allocations fixes it, too. 
(the new warning messages still persist and seem unrelated)
Reply to: