[Mesa-dev] [Bug 99465] vtn_vector_construct writing out of bounds when given multiple non-zero length sources

Thu Jan 19 23:46:31 UTC 2017

https://bugs.freedesktop.org/show_bug.cgi?id=99465

            Bug ID: 99465
           Summary: vtn_vector_construct writing out of bounds when given
                    multiple non-zero length sources
           Product: Mesa
           Version: 13.0
          Hardware: Other
                OS: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: Other
          Assignee: mesa-dev at lists.freedesktop.org
          Reporter: freiling at google.com
        QA Contact: mesa-dev at lists.freedesktop.org

We ran into this problem running the correctness test for the skia graphics
library on Vulkan on Linux on Intel HD520, it was causing a number of memory
corruption issues and  segfaults in different tests. You can reproduce the
problem by running the Skia correctness tests
(https://skia.org/dev/testing/testing) on their vulkan backend
(https://skia.org/user/special/vulkan). This may be the cause of
https://bugs.freedesktop.org/show_bug.cgi?id=97213

The solution we used (https://fuchsia-review.googlesource.com/c/17700/) was to
make the total number of components in the output vector the sum of all the
components in all of the input vectors. This fixes the memory corruption, but
it remains unclear to us if this is the correct behavior for the compiler,
which is why we havent submitted an upstream patch yet.

Let me know if you need anything else from my end on this.

Cheers,

Forrest Reiling

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/mesa-dev/attachments/20170119/3a23c83a/attachment-0001.html>