Bug 43522 - matrixview segfaults because of _tnl_emit_vertices_to_buffer heap corruption
Summary: matrixview segfaults because of _tnl_emit_vertices_to_buffer heap corruption
Status: NEW
Alias: None
Product: Mesa
Classification: Unclassified
Component: Drivers/DRI/Savage (show other bugs)
Version: 7.11
Hardware: x86 (IA32) Linux (All)
: medium normal
Assignee: Default DRI bug account
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-04 13:49 UTC by Tormod Volden
Modified: 2011-12-04 13:49 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments
gdb session with backtrace from corruption (15.64 KB, text/plain)
2011-12-04 13:49 UTC, Tormod Volden 		Details
View All

Description Tormod Volden 2011-12-04 13:49:54 UTC 
Created attachment 54114 [details]
gdb session with backtrace from corruption

The matrixview screensaver hack from rss-glx (Really Slick Screensavers Port to GLX) segfaults very reproducibly on my savage laptop. The _swrast_context->InvalidateState function pointer gets overwritten and _swrast_InvalidateState segfaults.

I have tracked this down to emit_viewport4_bgra4_st2() from src/mesa/tnl/t_vertex_generic.c (see attached gdb session).

This happens with or without MESA_NO_CODEGEN=1 but gdb made more sense with it.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.