[Mesa-dev] [PATCH] i965: Fix software primitive restart with indirect draws.

[Kenneth Graunke]

new_prim was declared as a stack variable within a nested scope; we
tried to retain a pointer to that data beyond the scope, which is bogus.

GCC with -O1 eliminated most of the code that set new_prim's fields.

Move the declaration to fix the bug.

Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=81025
Signed-off-by: Kenneth Graunke <kenneth at whitecape.org>
Cc: Mark Janes <mark.a.janes at intel.com>
Cc: mesa-stable at lists.freedesktop.org
---
 src/mesa/vbo/vbo_primitive_restart.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/mesa/vbo/vbo_primitive_restart.c b/src/mesa/vbo/vbo_primitive_restart.c
index 562dedc..bb9048f 100644
--- a/src/mesa/vbo/vbo_primitive_restart.c
+++ b/src/mesa/vbo/vbo_primitive_restart.c
@@ -167,6 +167,7 @@ vbo_sw_primitive_restart(struct gl_context *ctx,
                          struct gl_buffer_object *indirect)
 {
    GLuint prim_num;
+   struct _mesa_prim new_prim;
    struct sub_primitive *sub_prims;
    struct sub_primitive *sub_prim;
    GLuint num_sub_prims;
@@ -182,7 +183,6 @@ vbo_sw_primitive_restart(struct gl_context *ctx,
 
    /* If there is an indirect buffer, map it and extract the draw params */
    if (indirect && prims[0].is_indirect) {
-      struct _mesa_prim new_prim = *prims;
       struct _mesa_index_buffer new_ib = *ib;
       const uint32_t *indirect_params;
       if (!ctx->Driver.MapBufferRange(ctx, 0, indirect->Size, GL_MAP_READ_BIT,
@@ -195,6 +195,7 @@ vbo_sw_primitive_restart(struct gl_context *ctx,
       }
 
       assert(nr_prims == 1);
+      new_prim = prims[0];
       indirect_params = (const uint32_t *)
                         ADD_POINTERS(indirect->Mappings[MAP_INTERNAL].Pointer,
                                      new_prim.indirect_offset);
-- 
2.3.5