https://bugs.freedesktop.org/show_bug.cgi?id=32297 --- Comment #4 from Chris Rankin <rankincj@xxxxxxxxxxxxxx> 2011-01-05 16:40:23 PST --- I think I've debugged this as far as I can; to get any further I'll need to find where the __DRIcontext.driverPrivate field is set to the "garbage"(?) value. According to the fprintf() statements that I've littered throughout the Mesa/gallium code, where: &__DRIcontext = 0x7d6f8d70 &struct dri_context = 0x7d13c4f0 Starting just before the crash: ** ENTER dri2_destroy_context: pcp->driContext=0x7d6f8d70, pcp->driContext->driverPrivate=0x7d13c4f0 ** destroying dri_context 0x7d13c4f0 *** setting cPriv(0x7d6f8d70)->driverPrivate from 0x7d13c4f0 to NULL ** DONE dri2_destroy_context: pcp->driContext=0x7d6f8d70, pcp->driContext->driverPrivate=(nil) So at this point, we have destroyed the dri_context at 0x7d13c4f0, and for good measure I have also explicitly NULLed out the __DRIcontext.driverPrivate field which referred to it. However, we then get this call to DRI2WireToEvent(), which triggers the fatal call to dri2InvalidateBuffers(): ** ENTER DRI2WireToEvent *** wire->u.u.type=0x4b dri2 invalidate buffers: awire=0x7a56b4c8, awire->drawable=0x4800011 ** ENTER dri2GetGlxDrawableFromXDrawableId ** found pdraw=0x7d775bd8 for drawable 0x4800011: cPriv=0x7d6f8d70, driverPrivate=0x7a5047a8 ** ENTER dri2InvalidateBuffers: pdp->driDrawable->driContextPriv=0x7d6f8d70 ** drawable IDs: 0x4800011 0x7d775c78 dri2_invalidate_drawable: dPriv=0x7d775c78, dPriv->driContextPriv=0x7d6f8d70, drawable=0x7d775cf8, ctx=0x7a5047a8, drawable->dPriv=0x7d775c78 wine: Unhandled page fault on read access to 0x0000003c at address 0x7d9710df (thread 000d), starting debugger... This event fetches a struct dri2_drawable from the dri2Hash structure, which is linked to the __DRIcontext at 0x7d6f8d70 via driDrawable->driContextPriv. However, the driverPrivate field on this __DRIcontext structure is now set to 0x7a5047a8, which is a garbage value as far as I can tell. Chaos ensues when this value is mistaken for the address of a struct dri_context. Interestingly, this problem actually DOES happen when WoW runs full-screen. However, the Wine debugger isn't started to tell me about it. If anyone has any ideas on how to debug this further then I'm all ears. I've already tried using valgrind, but wine/WoW completely failed to run. -- Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/dri-devel