http://bugs.freedesktop.org/show_bug.cgi?id=10071
Summary: Invalid read in emit_vec16 r300_maos.c. Related
probably to artifact.
Product: DRI
Version: XOrg CVS
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: medium
Component: libGL
AssignedTo: dri-devel@lists.sourceforge.net
ReportedBy: [EMAIL PROTECTED]
Valgrind reports the following error:
==8649== Invalid read of size 4
==8649== at 0x4BA0ED9: r300EmitArrays (r300_maos.c:172)
==8649== by 0x4B9648A: r300_run_vb_render (r300_render.c:341)
==8649== by 0x4B96E8E: r300_run_tcl_render (r300_render.c:540)
==8649== by 0x4C128A0: _tnl_run_pipeline (t_pipeline.c:159)
==8649== by 0x4C9E8D8: _tnl_draw_prims (t_draw.c:400)
==8649== by 0x4C97F42: vbo_exec_vtx_flush (vbo_exec_draw.c:215)
==8649== by 0x4C93885: vbo_exec_wrap_buffers (vbo_exec_api.c:75)
==8649== by 0x4C93D85: vbo_exec_vtx_wrap (vbo_exec_api.c:109)
==8649== by 0x4C97289: vbo_Vertex3fv (vbo_attrib_tmp.h:61)
==8649== by 0x4837BE1: glVertex3fv (glapitemp.h:770)
==8649== by 0x42C32CE: osgParticle::Particle::render(osg::Vec3f const&,
osg::Vec3f const&, osg::Vec3f const&, float) const (in
/usr/lib/libosgParticle.so)
==8649== by 0x42C9633:
osgParticle::ParticleSystem::single_pass_render(osg::State&, osg::Matrixd
const&) const (in /usr/lib/libosgParticle.so)
==8649== Address 0x4DADB00 is 0 bytes after a block of size 65,536 alloc'd
==8649== at 0x40227F4: memalign (vg_replace_malloc.c:448)
==8649== by 0x4022844: posix_memalign (vg_replace_malloc.c:549)
==8649== by 0x4BD5269: _mesa_align_malloc (imports.c:113)
==8649== by 0x4C94329: vbo_exec_vtx_init (vbo_exec_api.c:638)
==8649== by 0x4C935DC: vbo_exec_init (vbo_exec.c:52)
==8649== by 0x4C934D0: _vbo_CreateContext (vbo_context.c:223)
==8649== by 0x4B8CAA5: r300CreateContext (r300_context.c:297)
==8649== by 0x4B84D9C: radeonCreateContext (radeon_screen.c:920)
==8649== by 0x4B815A9: driCreateNewContext (dri_util.c:830)
==8649== by 0x480A64E: CreateContext (glxcmds.c:353)
==8649== by 0x480A984: glXCreateContext (glxcmds.c:430)
==8649== by 0x48924DD: Producer::RenderSurface::_init() (in
/usr/lib/libProducer.so)
It seems that somehow in emit_vec16 in r300_maos, data has less allocated
memory from what count thinks, by one,
so we read out of the data bounds.
for (i = 0; i < count; i++) {
out[0] = *(int *)data; // Valgrind warns here
out[1] = *(int *)(data + 4);// Valgrind warns and here
out[2] = *(int *)(data + 8);// Valgrind warns and here
out[3] = *(int *)(data + 12);// Valgrind warns and here
out += 4;
data += stride;
}
This happens when using a simple model which is not rendered correctly in
blender and OSG.
The black line should not exist. Toggling light seems to remove the black line.
--
Configure bugmail: http://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
--
_______________________________________________
Dri-devel mailing list
Dri-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dri-devel
