[Bug 99677] heap-use-after-free in glsl

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue Feb 7 08:36:47 UTC 2017


https://bugs.freedesktop.org/show_bug.cgi?id=99677

--- Comment #2 from Bartosz Tomczyk <bartosz.tomczyk86 at gmail.com> ---
Hi Samuel,

I don't have a setup to reproduce it right now. I will update you with more
details in the evening.

But I looked at current mesa git and the bug is definitely there.

Look at src/compiler/glsl/ast_to_hir.cpp:5210 - function
get_variable_being_redeclared can free 'var', and then it could be
dereferenced at src/compiler/glsl/ast_to_hir.cpp:5266. This is exactly what
address sanitizer showed.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
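
The ownership hazard described in the comment above, as an added example that is not part of the original message and is not Mesa's code: a helper that may free its argument, and a caller that copies what it needs before the call and then rebinds to the surviving object. All type and function names are hypothetical.

```cpp
// Added illustration; every name here is hypothetical, none is Mesa's code.
#include <map>
#include <set>
#include <string>

struct Var { int id; std::string name; int line; };
struct Outcome { int line; bool original_freed; };

static int next_id = 0;
static std::set<int> live_ids;                // ids of Vars not yet freed
static std::map<std::string, Var *> symbols;  // earlier declarations by name

static Var *new_var(const std::string &name, int line) {
    Var *v = new Var{next_id++, name, line};
    live_ids.insert(v->id);
    return v;
}

// Hazardous contract: when `var` redeclares a known symbol, `var` is freed
// and the earlier declaration is returned; otherwise nullptr is returned
// and `var` stays valid.
static Var *get_redeclared(Var *var) {
    auto it = symbols.find(var->name);
    if (it == symbols.end())
        return nullptr;
    live_ids.erase(var->id);
    delete var;
    return it->second;
}

// Safe caller: copy what is needed before the call, then rebind `var` to the
// surviving object so no later statement can reach the freed allocation.
static Outcome declare(const std::string &name, int line) {
    Var *var = new_var(name, line);
    const int id = var->id;
    if (Var *earlier = get_redeclared(var))
        var = earlier;
    else
        symbols[name] = var;
    return Outcome{var->line, live_ids.count(id) == 0};
}

int main() {
    declare("x", 10);
    Outcome again = declare("x", 20);  // redeclaration: second Var is freed
    return (again.line == 10 && again.original_freed) ? 0 : 1;
}
```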