glsl: Fix buffer overflow with an atomic buffer binding out of range. (!77) · Merge requests · Mesa / mesa

Emma Anholt requested to merge anholt/mesa:atomic-binding-overflow into master Jan 08, 2019

The binding is checked against the limits later in the function, so we need to make sure we don't overflow before the check here.

Fixes this valgrind warning (and sometimes segfault):

==1460== Invalid write of size 4 ==1460== at 0x74C98DD: ast_declarator_list::hir(exec_list*, _mesa_glsl_parse_state*) (ast_to_hir.cpp:4943) ==1460== by 0x74C054F: _mesa_ast_to_hir(exec_list*, _mesa_glsl_parse_state*) (ast_to_hir.cpp:159) ==1460== by 0x7435C12: _mesa_glsl_compile_shader (glsl_parser_extras.cpp:2130)

dEQP-GLES31.functional.debug.negative_coverage.get_error.compute. exceed_atomic_counters_limit

Admin message

Admin message

glsl: Fix buffer overflow with an atomic buffer binding out of range.

Merge request reports