On 01/21/2014 05:30 PM, Ian Romanick wrote:
From: Ian Romanick <ian.d.roman...@intel.com>
Since the list pointer was never incremented when a OPCODE_PIXEL_MAP
opcode was encountered, the data for the instruction would get freed
over and over and over... resulting in a crash.
Fixes gl-1.0-beginend-coverage.
Signed-off-by: Ian Romanick <ian.d.roman...@intel.com>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=72214
Cc: Brian Paul <bri...@vmware.com>
Cc: Lu Ha <huax...@intel.com>
---
src/mesa/main/dlist.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/mesa/main/dlist.c b/src/mesa/main/dlist.c
index cb40ff4..08943c9 100644
--- a/src/mesa/main/dlist.c
+++ b/src/mesa/main/dlist.c
@@ -767,6 +767,7 @@ _mesa_delete_list(struct gl_context *ctx, struct
gl_display_list *dlist)
break;
case OPCODE_PIXEL_MAP:
free(get_pointer(&n[3]));
+ n += InstSize[n[0].opcode];
break;
case OPCODE_CONTINUE:
Thanks, Ian.
Reviewed-by: Brian Paul <bri...@vmware.com>
Looks like my original patch for fixing the pixelmap leak (1fb10652)
isn't in the 10.0.x branch. It's probably not worth cherry picking. Who
uses glPixelMap in a display list anyway?
-Brian
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/mesa-dev
