[cairo-bugs] [Bug 91307] New: _cairo_gl_surface_resolve_multisampling called with a cairo_gl_source_t* casted to a cairo_gl_surface_t*

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Sat Jul 11 08:07:40 PDT 2015


https://bugs.freedesktop.org/show_bug.cgi?id=91307

            Bug ID: 91307
           Summary: _cairo_gl_surface_resolve_multisampling called with a
                    cairo_gl_source_t* casted to a cairo_gl_surface_t*
           Product: cairo
           Version: unspecified
          Hardware: Other
                OS: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: gl backend
          Assignee: cairo-bugs at cairographics.org
          Reporter: sixtysix at inwind.it
        QA Contact: cairo-bugs at cairographics.org

Running:
( cd test && DISPLAY=:2 CAIRO_TEST_TARGET=gl valgrind --track-origins=yes .libs/cairo-test-suite -f text-rotate)

valgrind reports:

text-rotate.gl.argb32 [0x1]:    ==23402== Invalid read of size 4
==2==    at 0x4CCF3B0: _cairo_gl_surface_resolve_multisampling (cairo/src/cairo-gl-surface.c:1314)
==2==    by 0x4CC88B8: _cairo_gl_surface_operand_init (cairo/src/cairo-gl-operand.c:251)
==2==    by 0x4CC88B8: _cairo_gl_operand_init (cairo/src/cairo-gl-operand.c:529)
==2==    by 0x4CCD92F: _cairo_gl_pattern_to_source (cairo/src/cairo-gl-source.c:82)
==2==    by 0x4C7F330: composite_aligned_boxes (cairo/src/cairo-spans-compositor.c:678)
==2==    by 0x4C7F330: clip_and_composite_boxes.part.11 (cairo/src/cairo-spans-compositor.c:882)
==2==    by 0x4C7F92D: clip_and_composite_boxes (cairo/src/cairo-spans-compositor.c:901)
==2==    by 0x4C7FC15: _cairo_spans_compositor_mask (cairo/src/cairo-spans-compositor.c:999)
==2==    by 0x4C3A3C8: _cairo_compositor_mask (cairo/src/cairo-compositor.c:106)
==2==    by 0x4C82D5B: _cairo_surface_mask (cairo/src/cairo-surface.c:2166)
==2==    by 0x4CC747D: render_glyphs_via_mask (cairo/src/cairo-gl-glyphs.c:401)
==2==    by 0x4CC7612: _cairo_gl_composite_glyphs_with_clip (cairo/src/cairo-gl-glyphs.c:461)
==2==    by 0x4CC7653: _cairo_gl_composite_glyphs (cairo/src/cairo-gl-glyphs.c:482)
==2==    by 0x4C93C76: clip_and_composite (cairo/src/cairo-traps-compositor.c:1049)
==2==    by 0x4C93E6C: _cairo_traps_compositor_glyphs (cairo/src/cairo-traps-compositor.c:2335)
==2==    by 0x4C3A69E: _cairo_compositor_glyphs (cairo/src/cairo-compositor.c:250)
==2==    by 0x4CCDA37: _cairo_gl_surface_glyphs (cairo/src/cairo-gl-surface.c:1424)
==2==    by 0x4C835F2: _cairo_surface_show_text_glyphs (cairo/src/cairo-surface.c:2600)
==2==    by 0x4C43917: _cairo_gstate_show_text_glyphs (cairo/src/cairo-gstate.c:2023)
==2==    by 0x4C36295: cairo_show_text (cairo/src/cairo.c:3263)
==2==    by 0x44A26C: draw_quadrant (cairo/test/text-rotate.c:120)
==2==    by 0x44A3ED: draw (cairo/test/text-rotate.c:168)
==2==    by 0x40E04B: cairo_test_for_target (cairo/test/cairo-test.c:929)
==2==    by 0x40EEC1: _cairo_test_context_run_for_target (cairo/test/cairo-test.c:1551)
==2==    by 0x40BB13: _cairo_test_runner_draw (cairo/test/cairo-test-runner.c:255)
==2==    by 0x40BB13: main (cairo/test/cairo-test-runner.c:937)
==2==  Address 0x90247dc is 20 bytes before a block of size 1,040 alloc'd
==2==    at 0x4A08987: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==2==    by 0x5C588C1: ??? (in /usr/lib64/dri/i965_dri.so)
==2==    by 0x599D878: ??? (in /usr/lib64/dri/i965_dri.so)
==2==    by 0x4CCEC67: _create_scratch_internal (cairo/src/cairo-gl-surface.c:457)
==2==    by 0x4CCED4C: _cairo_gl_surface_create_scratch (cairo/src/cairo-gl-surface.c:512)

To silence this warning it is sufficient to return CAIRO_INT_STATUS_SUCCESS
if _cairo_surface_is_gl (&surface->base) fails at line 1314 of
src/cairo-gl-surface.c.

http://cgit.freedesktop.org/cairo/tree/src/cairo-gl-surface.c#n1311

Another apparent fix could be to move the if (surface->base.device == NULL)
check before the if (! surface->msaa_active) check, as it seems gl_source_t
objects are created with a NULL device pointer.

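The report above describes a type confusion: a pointer to the smaller gl source object is handed to a function that casts it to the larger gl surface type and reads a field (msaa_active) lying past the end of the smaller object, which is exactly the "Invalid read ... 20 bytes before a block" valgrind flags. The following is an added example, not cairo's code and not part of the original report; it models the shape of the bug with a hypothetical object system (obj_base_t, gl_surface_t, gl_source_t and the function names are all mine) and shows the unchecked read next to the hardened version that applies the reporter's two suggestions: check the dynamic type through the common header before the cast, and test the device pointer before the msaa flag.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical object model shaped like the one in the report: every object
 * begins with a common header carrying a type tag and a device pointer; the
 * GL "surface" type is larger than the GL "source" type and has an msaa_active
 * flag that the source type lacks. The names are mine, not cairo's. */
typedef enum { OBJ_GL_SURFACE = 1, OBJ_GL_SOURCE = 2 } obj_type_t;

typedef struct {
    obj_type_t type;
    void *device;            /* NULL on a source object, as the report notes */
} obj_base_t;

typedef struct {
    obj_base_t base;
    int width, height;
    int msaa_active;         /* lies past the end of a gl_source_t */
} gl_surface_t;

typedef struct {
    obj_base_t base;
    int operand_kind;
} gl_source_t;

static int is_gl_surface(const obj_base_t *obj)
{
    return obj->type == OBJ_GL_SURFACE;
}

/* Vulnerable shape: trusts the caller's cast and reads msaa_active before
 * checking anything. When the pointer really addresses a gl_source_t the read
 * lands outside that object (the valgrind "Invalid read"). *flag_seen receives
 * the raw value read so the caller can observe what was fetched. */
int resolve_msaa_unchecked(gl_surface_t *surface, int *flag_seen)
{
    *flag_seen = surface->msaa_active;       /* out of bounds on a gl_source_t */
    if (!surface->msaa_active)
        return 0;
    if (surface->base.device == NULL)
        return 0;
    surface->msaa_active = 0;
    return 1;
}

/* Hardened shape: verify the dynamic type through the shared header before
 * touching any field beyond it (the report's first suggestion), and test the
 * device pointer before the msaa flag (its second). Only after the type check
 * is the cast to gl_surface_t meaningful. */
int resolve_msaa_checked(obj_base_t *obj, int *flag_seen)
{
    *flag_seen = 0;
    if (!is_gl_surface(obj))
        return 0;                            /* not a surface: nothing to resolve */
    gl_surface_t *surface = (gl_surface_t *)obj;
    if (surface->base.device == NULL)
        return 0;
    *flag_seen = surface->msaa_active;
    if (!surface->msaa_active)
        return 0;
    surface->msaa_active = 0;
    return 1;
}

/* How far the unchecked read reaches past the end of a gl_source_t; a positive
 * value means the read is out of bounds for that object. */
long overread_bytes(void)
{
    return (long)(offsetof(gl_surface_t, msaa_active) + sizeof(int))
         - (long)sizeof(gl_source_t);
}

/* Constructed scenario: a gl_source_t placed at the start of a block padded
 * with 0xAB, so the overread is observable here without undefined behaviour
 * (on a real heap it reads whatever neighbours the allocation). Returns the
 * raw flag value the unchecked function fetched. */
int simulate_confused_call(void)
{
    unsigned char *block = malloc(sizeof(gl_surface_t));
    int seen = 0;
    if (!block)
        return -1;
    memset(block, 0xAB, sizeof(gl_surface_t));
    gl_source_t *src = (gl_source_t *)block;
    src->base.type = OBJ_GL_SOURCE;
    src->base.device = NULL;
    src->operand_kind = 3;
    resolve_msaa_unchecked((gl_surface_t *)src, &seen);   /* the report's bug */
    free(block);
    return seen;
}

/* Same source object through the checked entry point: it never dereferences
 * past the header, so the flag it reports is 0. */
int simulate_checked_call(void)
{
    gl_source_t src = { { OBJ_GL_SOURCE, NULL }, 3 };
    int seen = 0x1234;
    resolve_msaa_checked(&src.base, &seen);
    return seen;
}

/* A genuine surface with an active MSAA buffer still resolves normally. */
int resolve_real_surface(void)
{
    int dummy_device;
    gl_surface_t s = { { OBJ_GL_SURFACE, &dummy_device }, 4, 4, 1 };
    int seen = 0;
    int rc = resolve_msaa_checked(&s.base, &seen);
    return rc == 1 && seen == 1 && s.msaa_active == 0;
}

int main(void)
{
    printf("unchecked read reaches %ld bytes past a gl_source_t\n", overread_bytes());
    printf("raw flag fetched from a confused source: 0x%08x\n",
           (unsigned)simulate_confused_call());
    printf("checked path on a source read flag %d\n", simulate_checked_call());
    printf("checked path on a real surface ok: %d\n", resolve_real_surface());
    return 0;
}
```

The padding value makes the point that the unchecked function acts on data it was never meant to see: the garbage is nonzero, so it proceeds as if multisampling were active and is only stopped by the later NULL device check. Checking the type tag (or the device pointer) first removes the out-of-bounds access rather than merely surviving it, which is what valgrind was complaining about.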