Mesa (master): st/glsl_to_tgsi: fix potential crash when allocating temporaries
Samuel Pitoiset
hakzsam at kemper.freedesktop.org
Sat Apr 30 15:44:35 UTC 2016
Module: Mesa
Branch: master
Commit: 8f2238ccbae399a20fce24c5941accced7cee8d2
URL: http://cgit.freedesktop.org/mesa/mesa/commit/?id=8f2238ccbae399a20fce24c5941accced7cee8d2
Author: Samuel Pitoiset <samuel.pitoiset at gmail.com>
Date: Thu Apr 28 21:09:12 2016 +0200
st/glsl_to_tgsi: fix potential crash when allocating temporaries
When index - t->temps_size is greater than 4096, allocating space for
temporaries on demand will miserably crash. This can happen when a game
uses a lot of temporaries like the recent released Tomb raider.
Signed-off-by: Samuel Pitoiset <samuel.pitoiset at gmail.com>
Reviewed-by: Ilia Mirkin <imirkin at alum.mit.edu>
Reviewed-by: Nicolai Hähnle <nicolai.haehnle at amd.com>
Cc: "11.1 11.2" <mesa-stable at lists.freedesktop.org>
---
src/mesa/state_tracker/st_glsl_to_tgsi.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/mesa/state_tracker/st_glsl_to_tgsi.cpp b/src/mesa/state_tracker/st_glsl_to_tgsi.cpp
index 3c4c91b..060e854 100644
--- a/src/mesa/state_tracker/st_glsl_to_tgsi.cpp
+++ b/src/mesa/state_tracker/st_glsl_to_tgsi.cpp
@@ -5360,7 +5360,7 @@ dst_register(struct st_translate *t, gl_register_file file, unsigned index,
case PROGRAM_TEMPORARY:
/* Allocate space for temporaries on demand. */
if (index >= t->temps_size) {
- const int inc = 4096;
+ const int inc = align(index - t->temps_size + 1, 4096);
t->temps = (struct ureg_dst*)
realloc(t->temps,
More information about the mesa-commit
mailing list