[Bug 43522] New: matrixview segfaults because of _tnl_emit_vertices_to_buffer heap corruption

Sun Dec 4 13:49:54 PST 2011

https://bugs.freedesktop.org/show_bug.cgi?id=43522

             Bug #: 43522
           Summary: matrixview segfaults because of
                    _tnl_emit_vertices_to_buffer heap corruption
    Classification: Unclassified
           Product: Mesa
           Version: 7.11
          Platform: x86 (IA32)
        OS/Version: Linux (All)
            Status: NEW
          Severity: normal
          Priority: medium
         Component: Drivers/DRI/Savage
        AssignedTo: dri-devel at lists.freedesktop.org
        ReportedBy: bugzi11.fdo.tormod at xoxy.net

Created attachment 54114
  --> https://bugs.freedesktop.org/attachment.cgi?id=54114
gdb session with backtrace from corruption

The matrixview screensaver hack from rss-glx (Really Slick Screensavers Port to
GLX) segfaults very reproducibly on my savage laptop. The
_swrast_context->InvalidateState function pointer gets overwritten and
_swrast_InvalidateState segfaults.

I have tracked this down to emit_viewport4_bgra4_st2() from
src/mesa/tnl/t_vertex_generic.c (see attached gdb session).

This happens with or without MESA_NO_CODEGEN=1 but gdb made more sense with it.

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.