On 8/23/07, Shane Blackett <[EMAIL PROTECTED]> wrote: > Hi, > > While investigating problems due to the display lists not sharing with > Windows GDI, I found that if the display list stack ever reaches > MAX_LIST_NESTING then when it decrements in the index, > ctx->ListState.CallDepth it clears the Callstack entry for the > incremented value. This is one greater than what corresponds to where > the Callstack entry was set at the start of the routine with a post_fix > increment. This probably does not normally have any effect, (as the > only consequence would be leaving one of the Callstack entries set). > However when the maximum count is reached this overreaches the list, > clearing the next entry in the structure which happens to be the > CallDepth itself, setting this to zero. When the stack then unrolls > further it decrements this zero value, and sets random memory to zero. > > I have attached a simple patch which changes the decrement from postfix > to prefix, which is the complement of the postfix increment at the start > of the routine.
Actually, the CallStack array isn't needed at all. It's probably a remnant of some old code. The execute_list() function is recursive and the regular calling stack saves/restores the dlist state. I'll remove it. -Brian ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Mesa3d-dev mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/mesa3d-dev
