As documented, the _mesa_free_shader_program_data function:

        "Frees all the data that hangs off a shader program object, but not
        the object itself."

This means that this function may be called multiple times on the same object,
(and has been observed to). Meanwhile, the shProg->Label field was not being
set to NULL after its free(). This led to a second call to free() of the same
address on the second call to this function.

Fix this by setting this field to NULL after free(), (just as with all other
calls to free() in this function).
---
 src/mesa/main/shaderobj.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/mesa/main/shaderobj.c b/src/mesa/main/shaderobj.c
index 4f4bb69..d5c3d80 100644
--- a/src/mesa/main/shaderobj.c
+++ b/src/mesa/main/shaderobj.c
@@ -355,6 +355,7 @@ _mesa_free_shader_program_data(struct gl_context *ctx,
    }
 
    free(shProg->Label);
+   shProg->Label = NULL;
 }
 
 
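Review bot: The requirement behind the added shProg->Label = NULL; after free(shProg->Label); at the end of _mesa_free_shader_program_data is not recorded anywhere in the visible code: the function has to stay safe to call more than once on the same object. The reset itself is correct, since a repeated call then reaches free(NULL), which is a no-op. Consider adding a sentence to the function's doc comment saying that every member freed here must be set to NULL afterwards, so that a field added later does not reintroduce the double free.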
-- 
1.9.rc1

_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/mesa-dev
