For the VS and FS stages that use ARB_vertex_program or
ARB_fragment_program we don't have a shader program, however,
when debuging is enabled, we call brw_dump_ir like this:
brw_dump_ir("vertex", prog, &vs->base, &vp->program.Base);
which unconditionally dereferences vs, producing a NULL pointer
dereference in the situation explained above, as observed in this
gdb session for glxgears right before we call brw_dump_ir:
prog=0x0, vp=0x960f50, key=0x7fffffffc940) at brw_vs.c:174
(gdb) p vs
$7 = (struct brw_shader *) 0x0
(gdb) p vp
$8 = (struct brw_vertex_program *) 0x960f50
---
src/mesa/drivers/dri/i965/brw_vs.c | 2 +-
src/mesa/drivers/dri/i965/brw_wm.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/mesa/drivers/dri/i965/brw_vs.c
b/src/mesa/drivers/dri/i965/brw_vs.c
index 38de98f..60fb5fa 100644
--- a/src/mesa/drivers/dri/i965/brw_vs.c
+++ b/src/mesa/drivers/dri/i965/brw_vs.c
@@ -171,7 +171,7 @@ brw_codegen_vs_prog(struct brw_context *brw,
}
if (unlikely(INTEL_DEBUG & DEBUG_VS))
- brw_dump_ir("vertex", prog, &vs->base, &vp->program.Base);
+ brw_dump_ir("vertex", prog, vs ? &vs->base : NULL, &vp->program.Base);
int st_index = -1;
if (INTEL_DEBUG & DEBUG_SHADER_TIME)
diff --git a/src/mesa/drivers/dri/i965/brw_wm.c
b/src/mesa/drivers/dri/i965/brw_wm.c
index 4d5e7f6..65de543 100644
--- a/src/mesa/drivers/dri/i965/brw_wm.c
+++ b/src/mesa/drivers/dri/i965/brw_wm.c
@@ -222,7 +222,7 @@ brw_codegen_wm_prog(struct brw_context *brw,
}
if (unlikely(INTEL_DEBUG & DEBUG_WM))
- brw_dump_ir("fragment", prog, &fs->base, &fp->program.Base);
+ brw_dump_ir("fragment", prog, fs ? &fs->base : NULL, &fp->program.Base);
int st_index8 = -1, st_index16 = -1;
if (INTEL_DEBUG & DEBUG_SHADER_TIME) {
--
1.9.1
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/mesa-dev
