libGL segfault related to changing maps with the console open
I didn't get around to reporting this for a while but now that it's probably fixed it seems like a good time :P
This seems random but I can reproduce it within a few minutes with some terribad xonscript:
alias trytocrash "changelevel erbium; defer 5 \"changelevel finalrage\"; defer 10 \"changelevel catharsis\"; defer 15 \"changelevel erbium\"; defer 20 \"changelevel silentsiege\"; defer 25 \"changelevel oilrig\"; defer 30 \"changelevel opium\"; defer 35 \"changelevel space-elevator\"; defer 40 \"changelevel warfare\"; defer 45 \"changelevel boil\"; defer 50 \"changelevel implosion\"; defer 55 \"changelevel solarium\"; defer 60 \"changelevel xoylent\"; defer 65 \"changelevel stormkeep\"; defer 70 \"changelevel runningman\"; defer 75 \"changelevel glowplant\"; defer 80 \"changelevel fuse\"; defer 85 \"changelevel bromine\"; defer 90 \"changelevel atelier\"; defer 95 \"changelevel dance\"; defer 100 \"changelevel afterslime\"; defer 105 \"changelevel runningmanctf\"; defer 110 \"changelevel darkzone\"; defer 115 \"changelevel geoplanetary\"; defer 125 trytocrash"; map boil; defer 10 trytocrash
It happens on (at least) NVIDIA proprietary and Intel Mesa drivers. Something invalid is given to libGL. GL error checking doesn't catch it.
Thread 1 "darkplaces-sdl" received signal SIGSEGV, Segmentation fault.
0x00000000400b0c97 in ?? ()
(gdb) bt
#0 0x00000000400b0c97 in ?? ()
#1 0x00007ffff26b7299 in ?? ()
    from /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.470.129.06
#2 0x00007ffff26c7b55 in ?? ()
    from /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.470.129.06
#3 0x00007ffff22a4af6 in ?? ()
    from /usr/lib/x86_64-linux-gnu/libnvidia-glcore.so.470.129.06
#4 0x000055555569e0dc in R_Mesh_Draw (firstvertex=0, numvertices=4, firsttriangle=0,
    numtriangles=2, element3i=0x5555be3a2970, element3i_indexbuffer=0x5555695e8df0,
    element3i_bufferoffset=0, element3s=0x555569c2f560,
    element3s_indexbuffer=0x5555695e8d50, element3s_bufferoffset=0)
    at ../../../gl_backend.c:1742
#5 0x00005555556cd687 in RSurf_DrawBatch () at ../../../gl_rmain.c:8533
#6 0x00005555556ce14b in R_DrawTextureSurfaceList_GL20 (texturenumsurfaces=1,
    texturesurfacelist=0x5555c05bbe30, writedepth=false, prepass=false, ui=true)
    at ../../../gl_rmain.c:8744
#7 0x00005555556ce41d in R_DrawModelTextureSurfaceList (texturenumsurfaces=1,
    texturesurfacelist=0x5555c05bbe30, writedepth=false, prepass=false, ui=true)
    at ../../../gl_rmain.c:8792
#8 0x00005555556ced38 in R_ProcessModelTextureSurfaceList (texturenumsurfaces=1,
    texturesurfacelist=0x5555c05bbe30, writedepth=false, depthonly=false, prepass=false,
    ui=true) at ../../../gl_rmain.c:8929
#9 0x00005555556cf15d in R_QueueModelSurfaceList (
    ent=0x555555e28440 <cl_meshentities+2080>, numsurfaces=13, surfacelist=0x5555c05bbe30,
    flagsmask=64, writedepth=false, depthonly=false, prepass=false, ui=true)
    at ../../../gl_rmain.c:9000
#10 0x00005555556d3f2f in R_DrawModelSurfaces (ent=0x555555e28440 <cl_meshentities+2080>,
    skysurfaces=false, writedepth=false, depthonly=false, debug=false, prepass=false,
    ui=true) at ../../../gl_rmain.c:10069
#11 0x00005555556a657c in DrawQ_FlushUI () at ../../../gl_draw.c:1492
#12 0x00005555556a649f in DrawQ_Finish () at ../../../gl_draw.c:1463
#13 0x000055555562b157 in SCR_DrawScreen () at ../../../cl_screen.c:1789
#14 0x000055555562cf1a in CL_UpdateScreen () at ../../../cl_screen.c:2398
#15 0x00005555555fb594 in CL_Frame (time=0.030851866002194583) at ../../../cl_main.c:2913
#16 0x00005555556e6c08 in Host_Frame (time=0.030851866002194583) at ../../../host.c:647
#17 0x00005555556e6f9f in Host_Main () at ../../../host.c:736
#18 0x000055555559a1ec in main (argc=10, argv=0x7fffffffdf48) at ../../../sys_sdl.c:222