[Mesa-dev] [PATCH] mesa/st: Fix NULL access if no fragment shader is bound
Bas Nieuwenhuizen
bas at basnieuwenhuizen.nl
Mon Mar 28 16:20:46 UTC 2016
This can happen when using glDispatchCompute while having only a
compute shader bound.
As far as I can see st_upload_constants is only called with
shader_type = PIPE_SHADER_FRAGMENT if st->fp is not null, and in other
calls the second part of the if condition does not get executed.
- Bas
On Mon, Mar 28, 2016 at 6:05 PM, Miklós Máté <mtmkls at gmail.com> wrote:
> On 03/28/2016 05:01 PM, Bas Nieuwenhuizen wrote:
>>
>> Signed-off-by: Bas Nieuwenhuizen <bas at basnieuwenhuizen.nl>
>> ---
>> src/mesa/state_tracker/st_atom_constbuf.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/src/mesa/state_tracker/st_atom_constbuf.c
>> b/src/mesa/state_tracker/st_atom_constbuf.c
>> index 4d9b344..a980dbe 100644
>> --- a/src/mesa/state_tracker/st_atom_constbuf.c
>> +++ b/src/mesa/state_tracker/st_atom_constbuf.c
>> @@ -65,8 +65,8 @@ void st_upload_constants( struct st_context *st,
>> shader_type == PIPE_SHADER_COMPUTE);
>> /* update the ATI constants before rendering */
>> - struct ati_fragment_shader *ati_fs = st->fp->ati_fs;
>> - if (shader_type == PIPE_SHADER_FRAGMENT && ati_fs) {
>> + if (shader_type == PIPE_SHADER_FRAGMENT && st->fp->ati_fs) {
>> + struct ati_fragment_shader *ati_fs = st->fp->ati_fs;
>> unsigned c;
>> for (c = 0; c < MAX_NUM_FRAGMENT_CONSTANTS_ATI; c++) {
>
>
> Could you please provide a test program that demonstrates the NULL access?
> AFAIK st->fp is either a user-supplied
> shader or a shader that implements the fixed-function fragment operation,
> and I don't know how it could be NULL.
> BTW if st->fp is NULL, then this segfaults even after your change.
>
> MM
>
> _______________________________________________
> mesa-dev mailing list
> mesa-dev at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/mesa-dev
More information about the mesa-dev
mailing list