WIP: Validate pipe_vertex_buffer offset before using it (st_atom_array + radeonsi) (!1265) · Merge requests · Mesa / mesa

Pierre-Eric Pelloux-Prayer requested to merge pepp/mesa:check_offset into master Jul 05, 2019

Some applications contain the following pattern:

float b[] = { ... }; // 3 float for pos, 3 for color
glBufferData(GL_ARRAY_BUFFER, ..., b, ...);
glVertexAttribPointer(0, 3, GL_FLOAT, GL_FALSE, 6 * sizeof(float), 0);
glVertexAttribPointer(1, 3, GL_FLOAT, GL_FALSE, 6 * sizeof(float), &b[3]);
                                                                    ^
                                                        should be 3 * sizeof(float)

Which cause &b[3] to be interpreted as a byte offset (so it can be negative and/or very large)

On some hardware this can cause GPU hangs (see https://bugs.freedesktop.org/show_bug.cgi?id=105251#c52 for an example), so this MR tries to fix these offsets before they are used.

The first commit detects negative offset.

The second one is radeonsi specific and verify that the offset is smaller than the buffer size.

WIP: Validate pipe_vertex_buffer offset before using it (st_atom_array + radeonsi)

Merge request reports