[Mesa-dev] [PATCH 4/4] i965: Use safer pointer arithmetic in gather_oa_results()

Chad Versace chad.versace at linux.intel.com
Tue Nov 18 21:02:13 PST 2014

This patch reduces the likelihood of pointer arithmetic overflow bugs in
gather_oa_results(), like the one fixed by b69c7c5dac.

I haven't yet encountered any overflow bugs in the wild along this
patch's codepath. But I get nervous when I see code patterns like this:

   (void*) + (int) * (int)

I smell 32-bit overflow all over this code.

This patch retypes 'snapshot_size' to 'ptrdiff_t', which should fix any
potential overflow.

Cc: Ian Romanick <idr at freedesktop.org>
Cc: Kenneth Graunke <kenneth at whitecape.org>
Signed-off-by: Chad Versace <chad.versace at linux.intel.com>
 src/mesa/drivers/dri/i965/brw_performance_monitor.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/mesa/drivers/dri/i965/brw_performance_monitor.c b/src/mesa/drivers/dri/i965/brw_performance_monitor.c
index edfa3d2..e683e40 100644
--- a/src/mesa/drivers/dri/i965/brw_performance_monitor.c
+++ b/src/mesa/drivers/dri/i965/brw_performance_monitor.c
@@ -907,7 +907,7 @@ gather_oa_results(struct brw_context *brw,
-   const int snapshot_size = brw->perfmon.entries_per_oa_snapshot;
+   const ptrdiff_t snapshot_size = brw->perfmon.entries_per_oa_snapshot;
    /* First, add the contributions from the "head" interval:
     * (snapshot taken at BeginPerfMonitor time,

More information about the mesa-dev mailing list