[Mesa-dev] [PATCH 1/1] glsl/blob: handle copy of NULL ptr in blob_write_string

[gregory hainaut]

On Fri, 31 Mar 2017 08:24:36 +0200
Nicolai Hähnle <nhaehnle at gmail.com> wrote:

Hello Nicolai

> On 30.03.2017 21:55, Gregory Hainaut wrote:
> > Typically happen when we want to copy an unnamed shader parameter
> > in the shader cache.
> 
> So this happens only when blob_write_string is called from nouveau?

Sorry, I poorly explain myself. I should have written reproduce &
tested on Nouveau. I don't know for others drivers, they should be
impacted.

_mesa_add_parameter seems to allow to store a NULL pointer in p->Name.
Which is later written by blob_write_string. I guess it could
depends on the shader cache state.


I got the crash with this piglit test:
textureGather fs offsets r 0 float 2D repeat -auto -fb


> By the way, please setup send-mail so that it threads your mails.
> That should be the default, so I'm not sure what happened here...
Oh. I edited my email in the mailer queue which moved the email from my
pop3 to my imap account. I guess it broke the threading link. I will
be more careful next time.

Thanks


> Thanks,
> Nicolai

> >
> > Note: it is safer to copy an empty string so we can read it back
> > safely.
> >
> > Fix piglit crashes of the 'texturegatheroffsets' tests
> >
> > Signed-off-by: Gregory Hainaut <gregory.hainaut at gmail.com>
> > ---
> >  src/compiler/glsl/blob.c | 5 ++++-
> >  1 file changed, 4 insertions(+), 1 deletion(-)
> >
> > diff --git a/src/compiler/glsl/blob.c b/src/compiler/glsl/blob.c
> > index 769ebf1..f84d7f3 100644
> > --- a/src/compiler/glsl/blob.c
> > +++ b/src/compiler/glsl/blob.c
> > @@ -176,7 +176,10 @@ blob_write_intptr(struct blob *blob, intptr_t
> > value) bool
> >  blob_write_string(struct blob *blob, const char *str)
> >  {
> > -   return blob_write_bytes(blob, str, strlen(str) + 1);
> > +   if (str == NULL)
> > +      return blob_write_bytes(blob, "", 1);
> > +   else
> > +      return blob_write_bytes(blob, str, strlen(str) + 1);
> >  }
> >
> >  void
> >
> 
>