Bug 8320 - segmentation fault with alpha blended texture mapped points
Summary: segmentation fault with alpha blended texture mapped points
Status: RESOLVED FIXED
Alias: None
Product: Mesa
Classification: Unclassified
Component: Demos (show other bugs)
Version: unspecified
Hardware: x86 (IA32) Linux (All)
: high normal
Assignee: mesa-dev
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-09-18 02:53 UTC by Sean D'Epagnier
Modified: 2006-09-18 08:05 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments
glut test program to demonstrate bug (1.07 KB, text/plain)
2006-09-18 02:56 UTC, Sean D'Epagnier 		Details
View All

Description Sean D'Epagnier 2006-09-18 02:53:38 UTC 
I have been playing around with mesa a lot recently, and I came across
a
situation that causes a segmentation fault in mesa, it pretty specific,
so this
explains why it has not occured more.  I would like to fix
it, but I might
need a few pointers as to what is going on.
Unfortunately it doesn't occur on
my x86 machine, only the amd64.

I am hoping someone who has more experience
with mesa and opengl might
be able to understand what is going on better. 

The following things must be set:
glEnable(GL_BLEND);
glEnable(GL_TEXTURE_2D); // with valid glTexImage2D
glTexParameteri(GL_TEXTURE_2D, GL_TEXTURE_MAG_FILTER, GL_LINEAR);
glTexParameteri(GL_TEXTURE_2D, GL_TEXTURE_MIN_FILTER, GL_NEAREST);
if the min and mag filters are the same, there is no problem,
but if one is
GL_LINEAR, and the other GL_NEAREST, in both cases
there is a crash.

It only occurs if I now draw a point, (and the point has to be visible)
  
glBegin(GL_POINTS);
glVertex3f(0, 0, -5);
glEnd();


#0  0x00002aaaab548f70 in compute_min_mag_ranges (tObj=0x52d650, n=0,
lambda=0x2aaaac7f7010,
    minStart=0x7fffffd8d514, minEnd=0x7fffffd8d510,
magStart=0x7fffffd8d50c,
    magEnd=0x7fffffd8d508) at s_texfilter.c:593
#1 0x00002aaaab54bd15 in sample_lambda_2d (ctx=0x502930, tObj=0x52d650, n=0,
   
texcoords=0x2aaaac777010, lambda=0x2aaaac7f7010, rgba=0x2aaaac89d010) at
s_texfilter.c:1313
#2  0x00002aaaab547415 in _swrast_texture_span (ctx=0x502930,
span=0x547058)
    at s_texcombine.c:1129
#3  0x00002aaaab53eccc in
_swrast_write_rgba_span (ctx=0x502930, span=0x547058) at s_span.c:1300
#4 0x00002aaaab536293 in textured_rgba_point (ctx=0x502930, vert=0x2aaaac8be020)

   at s_pointtemp.h:236
#5  0x00002aaaab51f8bd in _swrast_validate_point
(ctx=0x502930, v0=0x2aaaac8be020)
    at s_context.c:353
#6  0x00002aaaab51ff9b in _swrast_Point (ctx=0x502930, v0=0x2aaaac8be020) at
s_context.c:597
#7  0x00002aaaab584b0e in swsetup_points (ctx=0x502930, first=0,
last=1) at ss_triangle.c:271
#8  0x00002aaaab4aed52 in _tnl_render_points_verts
(ctx=0x502930, start=0, count=1, flags=48)
    at t_vb_rendertmp.h:69
#9 0x00002aaaab4b10dc in run_render (ctx=0x502930, stage=0x75ace0) at
t_vb_render.c:320
#10 0x00002aaaab4948da in _tnl_run_pipeline (ctx=0x502930) at t_pipeline.c:159
#11 0x00002aaaab4d9989 in _tnl_flush_vtx (ctx=0x502930) at t_vtx_exec.c:281
#12 0x00002aaaab4d0cec in _tnl_FlushVertices (ctx=0x502930,
flags=1) at t_vtx_api.c:881
#13 0x00002aaaab3a66a7 in _mesa_Flush () at
context.c:1861
#14 0x00002aaaab59daac in glFlush () at glapitemp.h:1170
#15 0x00002aaaaad00ba3 in glutSwapBuffers () at fbdev.c:793
#16 0x0000000000400c8d in display () at alphatexturebug.c:12
#17 0x00002aaaaacffeb2 in glutMainLoop () at fbdev.c:459
#18 0x0000000000400e3e in main (argc=1, argv=0x7fffffd95b48) at
alphatexturebug.c:49
Comment 1 Sean D'Epagnier 2006-09-18 02:56:35 UTC 
Created attachment 7042 [details]
glut test program to demonstrate bug
Comment 2 Brian Paul 2006-09-18 08:05:42 UTC 
Looks like this was caused by two things:
1. reading the [-1] element of an array
2. reading uninitialized array elements

both fixed in CVS.  Grab swrast/s_pointtemp.h and swrast/s_texfilter.c

I only tested on 32-bit x86.  Re-open if still not fixed on x86-64.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.