From 593dac802886dc8e3d8ac23ec5168883691e258c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Ol=C5=A1=C3=A1k?= <marek.olsak@amd.com>
Date: Sun, 22 Nov 2020 17:12:58 -0500
Subject: [PATCH] mesa: overallocate program parameter values
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

See the comment. This is something I spotted in the code. There is
no known bug caused by this.

Reviewed-by: Zoltán Böszörményi <zboszor@gmail.com>
Reviewed-by: Eric Anholt <eric@anholt.net>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/8046>
---
 src/mesa/program/prog_parameter.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/mesa/program/prog_parameter.c b/src/mesa/program/prog_parameter.c
index 1b46c2dee48..910bb269913 100644
--- a/src/mesa/program/prog_parameter.c
+++ b/src/mesa/program/prog_parameter.c
@@ -223,8 +223,12 @@ _mesa_reserve_parameter_storage(struct gl_program_parameter_list *paramList,
       paramList->ParameterValues = (gl_constant_value *)
          align_realloc(paramList->ParameterValues,         /* old buf */
                        oldNum * 4 * sizeof(gl_constant_value),/* old sz */
-                       paramList->SizeValues * 4 * sizeof(gl_constant_value),/*new*/
-                       16);
+                       /* Overallocate the size by 12 because matrix rows can
+                        * be allocated partially but fetch_state always writes
+                        * 4 components (16 bytes).
+                        */
+                       paramList->SizeValues * 4 * sizeof(gl_constant_value) +
+                       12, 16);
    }
 }