review.tizen.org Git - platform/upstream/mesa.git/commit

author	Eric Anholt <eric@anholt.net>
	Thu, 18 Feb 2021 21:53:31 +0000 (13:53 -0800)
committer	Marge Bot <eric+marge@anholt.net>
	Wed, 24 Feb 2021 21:48:54 +0000 (21:48 +0000)
commit	9fcc36977038597e1f381fca5289420679376eb8
tree	283b3c00f5ceb63872f8f91a8afa826831e9eb57	tree \| snapshot
parent	3468c0dd4dd8f2b6de05479de87483218653bed1	commit \| diff

mesa: Always make sure uniform storage doesn't get reallocated.

Every caller of associate_uniform_storage was doing this to safety-check
that the uniform storage didn't get reallocated, except for
st_deserialise_ir_program(). This ended up leaving an opening for
use-after-free without hitting the assert in the hot-cache case (and I
found it on freedreno). Having added it, it also reveals use-after-frees
in the drawpixels shader variant cases on llvmpipe and zink.

Reviewed-by: Marek Olšák <marek.olsak@amd.com>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/8997>

src/gallium/drivers/llvmpipe/ci/gitlab-ci.yml		diff \| blob \| history
src/gallium/drivers/llvmpipe/ci/llvmpipe-quick_gl.txt		diff \| blob \| history
src/mesa/program/ir_to_mesa.cpp		diff \| blob \| history
src/mesa/state_tracker/st_glsl_to_nir.cpp		diff \| blob \| history
src/mesa/state_tracker/st_glsl_to_tgsi.cpp		diff \| blob \| history