[Mesa-dev] [PATCH] st/glsl_to_tgsi: fix potential crash when allocating temporaries
Nicolai Hähnle
nhaehnle at gmail.com
Thu Apr 28 22:55:29 UTC 2016
Reviewed-by: Nicolai Hähnle <nicolai.haehnle at amd.com>
On 28.04.2016 14:09, Samuel Pitoiset wrote:
> When index - t->temps_size is greater than 4096, allocating space for
> temporaries on demand will miserably crash. This can happen when a game
> uses a lot of temporaries like the recent released Tomb raider.
>
> Signed-off-by: Samuel Pitoiset <samuel.pitoiset at gmail.com>
> ---
> src/mesa/state_tracker/st_glsl_to_tgsi.cpp | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/mesa/state_tracker/st_glsl_to_tgsi.cpp b/src/mesa/state_tracker/st_glsl_to_tgsi.cpp
> index ad818a8..7ba9856 100644
> --- a/src/mesa/state_tracker/st_glsl_to_tgsi.cpp
> +++ b/src/mesa/state_tracker/st_glsl_to_tgsi.cpp
> @@ -5348,7 +5348,7 @@ dst_register(struct st_translate *t, gl_register_file file, unsigned index,
> case PROGRAM_TEMPORARY:
> /* Allocate space for temporaries on demand. */
> if (index >= t->temps_size) {
> - const int inc = 4096;
> + const int inc = align(index - t->temps_size + 1, 4096);
>
> t->temps = (struct ureg_dst*)
> realloc(t->temps,
>
More information about the mesa-dev
mailing list