http://bugs.winehq.org/show_bug.cgi?id=22000
Summary: Gallium + Indexed rendering = Null pointer dereference
Product: Wine
Version: unspecified
Platform: x86
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: directx-d3d
AssignedTo: wine-bugs@winehq.org
ReportedBy: MostAwesomeDude@gmail.com
Created an attachment (id=26727) --> (http://bugs.winehq.org/attachment.cgi?id=26727) Failed device.ok test in d3d9
First off, I *am* upstream (Mesa/Gallium), so assume they've been contacted. :3
Gallium and indexed rendering are not very happy with each other. I get some fairly solidly reliable segfaults with both a d3d9 DLL test (device.ok) and Civ4 (Steam version). Hardware is a Radeon R580 (X1900), driver is r300g from Mesa git.
I'm attaching four logs. The first two are the original test and Civ4 logs; the second two are the same, but edited to show the juicy bits.
My current guess, based on the Mesa debug info I dumped, is that the indexed rendering code is slightly baked and maybe trusting the underlying GL driver a bit too much.
get_arrays_bounds: Handling 2 attrs
attr 0: stride 16 size 12 start (nil) end 0xfffffffc
attr 1: stride 16 size 4 start 0xc end (nil)
buffer range: (nil) 0xfffffffc range -4 max index 4294967295
So right here (from device.ok) we have an interleaved userspace VBO that is being prepped inside core Mesa. Two delightful things here: the first attr seems way off-base, it shouldn't dare be giving us bad pointers, and the second attr's pointers don't even line up! Compare to a sane program (Mesa's drawarrays):
get_arrays_bounds: Handling 2 attrs
attr 0: stride 16 size 12 start 0x8087020 end 0x808705c
attr 1: stride 16 size 4 start 0x808702c end 0x8087060
buffer range: 0x8087020 0x8087060 range 64 max index 3
r300g doesn't really care. The kernel drops the rendering on the floor for a variety of reasons, not least being the ridiculous max_index.
But then it segfaults, and I have zero idea why. I'd guess it's something to do with tossing around NULL pointers like candy, but I'm honestly not sure and I haven't really dug into the DLL code yet.
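
Added example, not part of the original report and not Mesa or Wine code: the end addresses in both dumps are consistent with end = start + stride * max_index + size evaluated in 32-bit arithmetic. The C sketch below reproduces the logged values for max index 4294967295 and shows a 64-bit check that rejects them. The formula, the struct and the function names are assumptions inferred from the printed numbers.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of one attribute line from the debug dump. */
struct attr { uint32_t start, stride, size; };

/* Values copied from the two dumps in the report. */
static const struct attr SANE[2]   = { {0x8087020u, 16, 12}, {0x808702cu, 16, 4} };
static const struct attr LOGGED[2] = { {0x0u, 16, 12}, {0xcu, 16, 4} };

/* Assumed formula: end = start + stride * max_index + size, in 32-bit
 * arithmetic as on x86. Wraps silently on overflow. */
static uint32_t attr_end(struct attr a, uint32_t max_index)
{
    return a.start + a.stride * max_index + a.size;
}

/* Same computation in 64 bits; false if the end does not fit in 32 bits. */
static bool attr_end_checked(struct attr a, uint32_t max_index, uint32_t *end)
{
    uint64_t e = (uint64_t)a.start + (uint64_t)a.stride * max_index + a.size;
    if (e <= UINT32_MAX) *end = (uint32_t)e;
    return e <= UINT32_MAX;
}

/* "range" as printed in the dump: highest end minus lowest start, signed. */
static int32_t buffer_range(const struct attr *a, int n, uint32_t max_index)
{
    uint32_t lo = UINT32_MAX, hi = 0;
    for (int i = 0; i < n; i++) {
        uint32_t e = attr_end(a[i], max_index);
        if (a[i].start < lo) lo = a[i].start;
        if (e > hi) hi = e;
    }
    return (int32_t)(hi - lo);
}

int main(void)
{
    uint32_t end;
    printf("sane range %d\n", (int)buffer_range(SANE, 2, 3));
    for (int i = 0; i < 2; i++)
        printf("attr %d: end 0x%x, checked: %s\n", i,
               (unsigned)attr_end(LOGGED[i], UINT32_MAX),
               attr_end_checked(LOGGED[i], UINT32_MAX, &end) ? "ok" : "overflow");
    printf("range %d\n", (int)buffer_range(LOGGED, 2, UINT32_MAX));
    return 0;
}
```

A max index of 4294967295 is what an element count of zero yields after an unsigned "count - 1", so under this model the wrapped end values and the -4 range all follow from that one input.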