Hi, it seems the USE_XCB path in indirect glReadPixels doesn't take the state set e.g. with glPixelStorei( GL_PACK_ALIGNMENT, 1 ) into account. The non-xcb path uses __glEmptyImage which does use these values, the xcb path does a plain memcpy which may overwrite the caller's buffer.
as a PoC, the patch below seems to fix the crashes and valgrind complaints I'd been seeing. A real fix would involve glX_proto_send.py. diff --git a/src/glx/indirect.c b/src/glx/indirect.c index a6b0c0d..ea0ccf2 100644 --- a/src/glx/indirect.c +++ b/src/glx/indirect.c @@ -3756,9 +3756,7 @@ __indirect_glReadPixels(GLint x, GLint y, GLsizei width, GLsizei height, state->storePack. swapEndian, 0), NULL); - (void) memcpy(pixels, xcb_glx_read_pixels_data(reply), - xcb_glx_read_pixels_data_length(reply) * - sizeof(GLvoid)); + __glEmptyImage(gc, 3, width, height, 1, format, type, xcb_glx_read_pixels_data(reply), pixels); free(reply); #else GLubyte const *pc =
http://lists.freedesktop.org/pipermail/mesa-dev/2012-July/024302.html
fixed in master, commit ac889b24109ba0aec4f8c7f103d3c23e78c11a29
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.