[Mesa-dev] [PATCH] gallium/drivers: initialize pipe_resource::next to NULL
Rob Clark
robdclark at gmail.com
Mon Oct 3 16:07:08 UTC 2016
Fix potential issues if state-tracker passes in garbage in templ->next
ptr.
See:
https://lists.freedesktop.org/archives/mesa-dev/2016-September/129867.html
Signed-off-by: Rob Clark <robdclark at gmail.com>
---
src/gallium/drivers/freedreno/freedreno_resource.c | 2 ++
src/gallium/drivers/i915/i915_resource_buffer.c | 1 +
src/gallium/drivers/i915/i915_resource_texture.c | 2 ++
src/gallium/drivers/ilo/ilo_resource.c | 2 ++
src/gallium/drivers/llvmpipe/lp_texture.c | 2 ++
src/gallium/drivers/noop/noop_pipe.c | 1 +
src/gallium/drivers/nouveau/nouveau_buffer.c | 1 +
src/gallium/drivers/nouveau/nv30/nv30_miptree.c | 2 ++
src/gallium/drivers/nouveau/nv50/nv50_miptree.c | 2 ++
src/gallium/drivers/nouveau/nvc0/nvc0_miptree.c | 1 +
src/gallium/drivers/r300/r300_screen_buffer.c | 1 +
src/gallium/drivers/r600/evergreen_compute.c | 1 +
src/gallium/drivers/rbug/rbug_objects.c | 1 +
src/gallium/drivers/softpipe/sp_texture.c | 2 ++
src/gallium/drivers/svga/svga_resource_buffer.c | 1 +
src/gallium/drivers/svga/svga_resource_texture.c | 2 ++
src/gallium/drivers/swr/swr_screen.cpp | 1 +
src/gallium/drivers/trace/tr_texture.c | 1 +
src/gallium/drivers/vc4/vc4_resource.c | 1 +
src/gallium/drivers/virgl/virgl_buffer.c | 1 +
src/gallium/drivers/virgl/virgl_texture.c | 2 ++
21 files changed, 30 insertions(+)
diff --git a/src/gallium/drivers/freedreno/freedreno_resource.c b/src/gallium/drivers/freedreno/freedreno_resource.c
index 1874271..2f37fae 100644
--- a/src/gallium/drivers/freedreno/freedreno_resource.c
+++ b/src/gallium/drivers/freedreno/freedreno_resource.c
@@ -795,6 +795,7 @@ fd_resource_create(struct pipe_screen *pscreen,
return NULL;
*prsc = *tmpl;
+ prsc->next = NULL;
pipe_reference_init(&prsc->reference, 1);
@@ -891,6 +892,7 @@ fd_resource_from_handle(struct pipe_screen *pscreen,
return NULL;
*prsc = *tmpl;
+ prsc->next = NULL;
pipe_reference_init(&prsc->reference, 1);
diff --git a/src/gallium/drivers/i915/i915_resource_buffer.c b/src/gallium/drivers/i915/i915_resource_buffer.c
index 2572fc4..038b1bb 100644
--- a/src/gallium/drivers/i915/i915_resource_buffer.c
+++ b/src/gallium/drivers/i915/i915_resource_buffer.c
@@ -125,6 +125,7 @@ i915_buffer_create(struct pipe_screen *screen,
return NULL;
buf->b.b = *template;
+ buf->b.b.next = NULL;
buf->b.vtbl = &i915_buffer_vtbl;
pipe_reference_init(&buf->b.b.reference, 1);
buf->b.b.screen = screen;
diff --git a/src/gallium/drivers/i915/i915_resource_texture.c b/src/gallium/drivers/i915/i915_resource_texture.c
index 4ade04f..a5e2f50 100644
--- a/src/gallium/drivers/i915/i915_resource_texture.c
+++ b/src/gallium/drivers/i915/i915_resource_texture.c
@@ -930,6 +930,7 @@ i915_texture_create(struct pipe_screen *screen,
return NULL;
tex->b.b = *template;
+ tex->b.b.next = NULL;
tex->b.vtbl = &i915_texture_vtbl;
pipe_reference_init(&tex->b.b.reference, 1);
tex->b.b.screen = screen;
@@ -1003,6 +1004,7 @@ i915_texture_from_handle(struct pipe_screen * screen,
return NULL;
tex->b.b = *template;
+ tex->b.b.next = NULL;
tex->b.vtbl = &i915_texture_vtbl;
pipe_reference_init(&tex->b.b.reference, 1);
tex->b.b.screen = screen;
diff --git a/src/gallium/drivers/ilo/ilo_resource.c b/src/gallium/drivers/ilo/ilo_resource.c
index 5ca7e1b..fb294fb 100644
--- a/src/gallium/drivers/ilo/ilo_resource.c
+++ b/src/gallium/drivers/ilo/ilo_resource.c
@@ -555,6 +555,7 @@ tex_create(struct pipe_screen *screen,
return NULL;
tex->base = *templ;
+ tex->base.next = NULL;
tex->base.screen = screen;
pipe_reference_init(&tex->base.reference, 1);
@@ -629,6 +630,7 @@ buf_create(struct pipe_screen *screen, const struct pipe_resource *templ)
return NULL;
buf->base = *templ;
+ buf->base.next = NULL;
buf->base.screen = screen;
pipe_reference_init(&buf->base.reference, 1);
diff --git a/src/gallium/drivers/llvmpipe/lp_texture.c b/src/gallium/drivers/llvmpipe/lp_texture.c
index 733253b..49d9c2f 100644
--- a/src/gallium/drivers/llvmpipe/lp_texture.c
+++ b/src/gallium/drivers/llvmpipe/lp_texture.c
@@ -247,6 +247,7 @@ llvmpipe_resource_create_front(struct pipe_screen *_screen,
return NULL;
lpr->base = *templat;
+ lpr->base.next = NULL;
pipe_reference_init(&lpr->base.reference, 1);
lpr->base.screen = &screen->base;
@@ -448,6 +449,7 @@ llvmpipe_resource_from_handle(struct pipe_screen *screen,
}
lpr->base = *template;
+ lpr->base.next = NULL;
pipe_reference_init(&lpr->base.reference, 1);
lpr->base.screen = screen;
diff --git a/src/gallium/drivers/noop/noop_pipe.c b/src/gallium/drivers/noop/noop_pipe.c
index 3013019..0cbc370 100644
--- a/src/gallium/drivers/noop/noop_pipe.c
+++ b/src/gallium/drivers/noop/noop_pipe.c
@@ -107,6 +107,7 @@ static struct pipe_resource *noop_resource_create(struct pipe_screen *screen,
stride = util_format_get_stride(templ->format, templ->width0);
nresource->base = *templ;
+ nresource->base.next = NULL;
nresource->base.screen = screen;
nresource->size = stride * templ->height0 * templ->depth0;
nresource->data = MALLOC(nresource->size);
diff --git a/src/gallium/drivers/nouveau/nouveau_buffer.c b/src/gallium/drivers/nouveau/nouveau_buffer.c
index 17052b2..b0b519c 100644
--- a/src/gallium/drivers/nouveau/nouveau_buffer.c
+++ b/src/gallium/drivers/nouveau/nouveau_buffer.c
@@ -649,6 +649,7 @@ nouveau_buffer_create(struct pipe_screen *pscreen,
return NULL;
buffer->base = *templ;
+ buffer->base.next = NULL;
buffer->vtbl = &nouveau_buffer_vtbl;
pipe_reference_init(&buffer->base.reference, 1);
buffer->base.screen = pscreen;
diff --git a/src/gallium/drivers/nouveau/nv30/nv30_miptree.c b/src/gallium/drivers/nouveau/nv30/nv30_miptree.c
index 165b8f2..f56caf6 100644
--- a/src/gallium/drivers/nouveau/nv30/nv30_miptree.c
+++ b/src/gallium/drivers/nouveau/nv30/nv30_miptree.c
@@ -391,6 +391,7 @@ nv30_miptree_create(struct pipe_screen *pscreen,
mt->base.vtbl = &nv30_miptree_vtbl;
*pt = *tmpl;
+ pt->next = NULL;
pipe_reference_init(&pt->reference, 1);
pt->screen = pscreen;
@@ -484,6 +485,7 @@ nv30_miptree_from_handle(struct pipe_screen *pscreen,
}
mt->base.base = *tmpl;
+ mt->base.base.next = NULL;
mt->base.vtbl = &nv30_miptree_vtbl;
pipe_reference_init(&mt->base.base.reference, 1);
mt->base.base.screen = pscreen;
diff --git a/src/gallium/drivers/nouveau/nv50/nv50_miptree.c b/src/gallium/drivers/nouveau/nv50/nv50_miptree.c
index f2e304f..d9ffae3 100644
--- a/src/gallium/drivers/nouveau/nv50/nv50_miptree.c
+++ b/src/gallium/drivers/nouveau/nv50/nv50_miptree.c
@@ -348,6 +348,7 @@ nv50_miptree_create(struct pipe_screen *pscreen,
mt->base.vtbl = &nv50_miptree_vtbl;
*pt = *templ;
+ pt->next = NULL;
pipe_reference_init(&pt->reference, 1);
pt->screen = pscreen;
@@ -426,6 +427,7 @@ nv50_miptree_from_handle(struct pipe_screen *pscreen,
mt->base.address = mt->base.bo->offset;
mt->base.base = *templ;
+ mt->base.base.next = NULL;
mt->base.vtbl = &nv50_miptree_vtbl;
pipe_reference_init(&mt->base.base.reference, 1);
mt->base.base.screen = pscreen;
diff --git a/src/gallium/drivers/nouveau/nvc0/nvc0_miptree.c b/src/gallium/drivers/nouveau/nvc0/nvc0_miptree.c
index 27674f7..9c778b0 100644
--- a/src/gallium/drivers/nouveau/nvc0/nvc0_miptree.c
+++ b/src/gallium/drivers/nouveau/nvc0/nvc0_miptree.c
@@ -260,6 +260,7 @@ nvc0_miptree_create(struct pipe_screen *pscreen,
mt->base.vtbl = &nvc0_miptree_vtbl;
*pt = *templ;
+ pt->next = NULL;
pipe_reference_init(&pt->reference, 1);
pt->screen = pscreen;
diff --git a/src/gallium/drivers/r300/r300_screen_buffer.c b/src/gallium/drivers/r300/r300_screen_buffer.c
index 4747058..24dd92f 100644
--- a/src/gallium/drivers/r300/r300_screen_buffer.c
+++ b/src/gallium/drivers/r300/r300_screen_buffer.c
@@ -163,6 +163,7 @@ struct pipe_resource *r300_buffer_create(struct pipe_screen *screen,
rbuf = MALLOC_STRUCT(r300_resource);
rbuf->b.b = *templ;
+ rbuf->b.b.next = NULL;
rbuf->b.vtbl = &r300_buffer_vtbl;
pipe_reference_init(&rbuf->b.b.reference, 1);
rbuf->b.b.screen = screen;
diff --git a/src/gallium/drivers/r600/evergreen_compute.c b/src/gallium/drivers/r600/evergreen_compute.c
index fe43f37..5dd055c 100644
--- a/src/gallium/drivers/r600/evergreen_compute.c
+++ b/src/gallium/drivers/r600/evergreen_compute.c
@@ -1027,6 +1027,7 @@ struct pipe_resource *r600_compute_global_buffer_create(struct pipe_screen *scre
result->base.b.vtbl = &r600_global_buffer_vtbl;
result->base.b.b = *templ;
+ result->base.b.b.next = NULL;
result->base.b.b.screen = screen;
pipe_reference_init(&result->base.b.b.reference, 1);
diff --git a/src/gallium/drivers/rbug/rbug_objects.c b/src/gallium/drivers/rbug/rbug_objects.c
index 2aa4e12..450fb3c 100644
--- a/src/gallium/drivers/rbug/rbug_objects.c
+++ b/src/gallium/drivers/rbug/rbug_objects.c
@@ -55,6 +55,7 @@ rbug_resource_create(struct rbug_screen *rb_screen,
memcpy(&rb_resource->base, resource, sizeof(struct pipe_resource));
pipe_reference_init(&rb_resource->base.reference, 1);
+ rb_resource->base.next = NULL;
rb_resource->base.screen = &rb_screen->base;
rb_resource->resource = resource;
diff --git a/src/gallium/drivers/softpipe/sp_texture.c b/src/gallium/drivers/softpipe/sp_texture.c
index 8dca158..4cf06ca 100644
--- a/src/gallium/drivers/softpipe/sp_texture.c
+++ b/src/gallium/drivers/softpipe/sp_texture.c
@@ -162,6 +162,7 @@ softpipe_resource_create_front(struct pipe_screen *screen,
assert(templat->format != PIPE_FORMAT_NONE);
spr->base = *templat;
+ spr->base.next = NULL;
pipe_reference_init(&spr->base.reference, 1);
spr->base.screen = screen;
@@ -227,6 +228,7 @@ softpipe_resource_from_handle(struct pipe_screen *screen,
return NULL;
spr->base = *templat;
+ spr->base.next = NULL;
pipe_reference_init(&spr->base.reference, 1);
spr->base.screen = screen;
diff --git a/src/gallium/drivers/svga/svga_resource_buffer.c b/src/gallium/drivers/svga/svga_resource_buffer.c
index 99ed1a2..0957d61 100644
--- a/src/gallium/drivers/svga/svga_resource_buffer.c
+++ b/src/gallium/drivers/svga/svga_resource_buffer.c
@@ -404,6 +404,7 @@ svga_buffer_create(struct pipe_screen *screen,
goto error1;
sbuf->b.b = *template;
+ sbuf->b.b.next = NULL;
sbuf->b.vtbl = &svga_buffer_vtbl;
pipe_reference_init(&sbuf->b.b.reference, 1);
sbuf->b.b.screen = screen;
diff --git a/src/gallium/drivers/svga/svga_resource_texture.c b/src/gallium/drivers/svga/svga_resource_texture.c
index fc5c374..5853e3a 100644
--- a/src/gallium/drivers/svga/svga_resource_texture.c
+++ b/src/gallium/drivers/svga/svga_resource_texture.c
@@ -902,6 +902,7 @@ svga_texture_create(struct pipe_screen *screen,
}
tex->b.b = *template;
+ tex->b.b.next = NULL;
tex->b.vtbl = &svga_texture_vtbl;
pipe_reference_init(&tex->b.b.reference, 1);
tex->b.b.screen = screen;
@@ -1166,6 +1167,7 @@ svga_texture_from_handle(struct pipe_screen *screen,
}
tex->b.b = *template;
+ tex->b.b.next = NULL;
tex->b.vtbl = &svga_texture_vtbl;
pipe_reference_init(&tex->b.b.reference, 1);
tex->b.b.screen = screen;
diff --git a/src/gallium/drivers/swr/swr_screen.cpp b/src/gallium/drivers/swr/swr_screen.cpp
index 90fc77e..119be4f 100644
--- a/src/gallium/drivers/swr/swr_screen.cpp
+++ b/src/gallium/drivers/swr/swr_screen.cpp
@@ -863,6 +863,7 @@ swr_resource_create(struct pipe_screen *_screen,
return NULL;
res->base = *templat;
+ res->base.next = NULL;
pipe_reference_init(&res->base.reference, 1);
res->base.screen = &screen->base;
diff --git a/src/gallium/drivers/trace/tr_texture.c b/src/gallium/drivers/trace/tr_texture.c
index 47845a3..be9e33a 100644
--- a/src/gallium/drivers/trace/tr_texture.c
+++ b/src/gallium/drivers/trace/tr_texture.c
@@ -53,6 +53,7 @@ trace_resource_create(struct trace_screen *tr_scr,
memcpy(&tr_res->base, texture, sizeof(struct pipe_resource));
pipe_reference_init(&tr_res->base.reference, 1);
+ tr_res->base.next = NULL;
tr_res->base.screen = &tr_scr->base;
tr_res->resource = texture;
diff --git a/src/gallium/drivers/vc4/vc4_resource.c b/src/gallium/drivers/vc4/vc4_resource.c
index bfa8f40..ff70599 100644
--- a/src/gallium/drivers/vc4/vc4_resource.c
+++ b/src/gallium/drivers/vc4/vc4_resource.c
@@ -461,6 +461,7 @@ vc4_resource_setup(struct pipe_screen *pscreen,
*prsc = *tmpl;
pipe_reference_init(&prsc->reference, 1);
+ prsc->next = NULL;
prsc->screen = pscreen;
rsc->base.vtbl = &vc4_resource_vtbl;
diff --git a/src/gallium/drivers/virgl/virgl_buffer.c b/src/gallium/drivers/virgl/virgl_buffer.c
index de99796..9ef5f9d 100644
--- a/src/gallium/drivers/virgl/virgl_buffer.c
+++ b/src/gallium/drivers/virgl/virgl_buffer.c
@@ -156,6 +156,7 @@ struct pipe_resource *virgl_buffer_create(struct virgl_screen *vs,
buf = CALLOC_STRUCT(virgl_buffer);
buf->base.clean = TRUE;
buf->base.u.b = *template;
+ buf->base.u.b.next = NULL;
buf->base.u.b.screen = &vs->base;
buf->base.u.vtbl = &virgl_buffer_vtbl;
pipe_reference_init(&buf->base.u.b.reference, 1);
diff --git a/src/gallium/drivers/virgl/virgl_texture.c b/src/gallium/drivers/virgl/virgl_texture.c
index 24bbc3c..64649e2 100644
--- a/src/gallium/drivers/virgl/virgl_texture.c
+++ b/src/gallium/drivers/virgl/virgl_texture.c
@@ -316,6 +316,7 @@ virgl_texture_from_handle(struct virgl_screen *vs,
tex = CALLOC_STRUCT(virgl_texture);
tex->base.u.b = *template;
+ tex->base.u.b.next = NULL;
tex->base.u.b.screen = &vs->base;
pipe_reference_init(&tex->base.u.b.reference, 1);
tex->base.u.vtbl = &virgl_texture_vtbl;
@@ -335,6 +336,7 @@ struct pipe_resource *virgl_texture_create(struct virgl_screen *vs,
tex = CALLOC_STRUCT(virgl_texture);
tex->base.clean = TRUE;
tex->base.u.b = *template;
+ tex->base.u.b.next = NULL;
tex->base.u.b.screen = &vs->base;
pipe_reference_init(&tex->base.u.b.reference, 1);
tex->base.u.vtbl = &virgl_texture_vtbl;
--
2.7.4
More information about the mesa-dev
mailing list