[Mesa-dev] [PATCH v1] i915: fixing driver crashes if too few vertices are submitted
Eirik Byrkjeflot Anonsen
eirik at eirikba.org
Wed Sep 9 12:18:05 PDT 2015
Marius Predut <marius.predut at intel.com> writes:
> Comparison with a signed expression and unsigned value
> is converted to unsigned value, reason for minus value is interpreted
> as a big unsigned value. For this case the "for" loop
> is going into unexpected behavior.
>
> Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=38109
> Signed-off-by: Marius Predut <marius.predut at intel.com>
> ---
> src/mesa/tnl_dd/t_dd_dmatmp.h | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/src/mesa/tnl_dd/t_dd_dmatmp.h b/src/mesa/tnl_dd/t_dd_dmatmp.h
> index 7be3954..88ecc78 100644
> --- a/src/mesa/tnl_dd/t_dd_dmatmp.h
> +++ b/src/mesa/tnl_dd/t_dd_dmatmp.h
> @@ -627,6 +627,8 @@ static void TAG(render_quads_verts)( struct gl_context *ctx,
> LOCAL_VARS;
> GLuint j;
>
> + if(count%4 != 0) return;
> +
Seems to me that does a bit more than just fixing the crash. I would
think
if (count < 4)
would fix the crash only. (And then quite possibly you won't need the
next hunk?) But I have no idea whether the side effect is desired.
(Actually, what if count is 0? Or is that impossible?)
eirik
> INIT(GL_TRIANGLES);
>
> for (j = start; j < count-3; j += 4) {
> @@ -1248,7 +1250,7 @@ static GLboolean TAG(validate_render)( struct gl_context *ctx,
> ok = (GLint) count < GET_SUBSEQUENT_VB_MAX_ELTS();
> }
> else {
> - ok = HAVE_TRIANGLES; /* flatshading is ok. */
> + ok = HAVE_TRIANGLES && (count%4 == 0); /* flatshading is ok. */
> }
> break;
> default:
> --
> 1.9.1
>
> _______________________________________________
> mesa-dev mailing list
> mesa-dev at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/mesa-dev
More information about the mesa-dev
mailing list