XFree86 Bug/Test Report Form Please fill in as many of the fields a possible, and return this form to [EMAIL PROTECTED] Replace the comments in [] with your own text.
VERSION: CVS tree on 1/21/2003 XF86_VERSION 4.2.99.4 VIDEO DRIVER: radeon mobile 9600 OPERATING SYSTEM: Linux VIDEO CARD: MODEL: Radeon Mobility 9000 GRAPHICS CHIPSET: ATI Radeon R250 RAMDAC: CLOCKCHIP: VIDEO MEMORY: BUS TYPE: PCI REPORT: I have an OpenGL program that crashes after opening the GL context (I believe) - but then dies. The Xserver tries to cleanup after this mishap and free memory. In the Mesa server code, xc/extras/Mesa/src/tnl, a context structure element "freed_immesiate" is used to cache the last freed memory - for possible reuse. Clearly a performance gain. The problem: If no memory has been freed - because none has been allocated yet, _tnl_DestroyContext (t_context.c:146) invokes _tnl_free_immediate with a second argument the pointer to the freed_immediate memory. This will be "0" if no memory has been freed - or if t_imm_alloc.c has given the memory to someone else already. _tnl_free_immediate (t_imm_alloc.c:129) places the second argument into a variable IM. Almost immediately at line 130 - IM is derefenced with ASSERT(IM->ref_count == 0); Oops.... Two possible fixes: a) _tnl_free_immediate should test for IM being 0, or _tnl_DestroyContext should not call _tnl_free_immediate if freed_immediate is 0. I chose the later.... Seems that the DRI development CVS tree suffers from the same. Ezra --- xc/extras/Mesa/src/tnl/t_context.c.ezra 2003-01-27 17:22:23.000000000 -0500 +++ xc/extras/Mesa/src/tnl/t_context.c 2003-01-27 17:11:58.000000000 -0500 @@ -144,7 +144,8 @@ _tnl_array_destroy( ctx ); _tnl_imm_destroy( ctx ); _tnl_destroy_pipeline( ctx ); - _tnl_free_immediate( ctx, tnl->freed_immediate ); + if (tnl->freed_immediate) + _tnl_free_immediate( ctx, tnl->freed_immediate ); FREE(tnl); ctx->swtnl_context = 0; $XFree86: xc/programs/Xserver/hw/xfree86/doc/BugReport.cpp,v 1.1 2001/01/15 23:00:01 dawes Exp $ _______________________________________________ XFree86 mailing list [EMAIL PROTECTED] http://XFree86.Org/mailman/listinfo/xfree86