mirror of
https://gitlab.freedesktop.org/mesa/mesa.git
synced 2026-05-07 00:38:48 +02:00
read-only mirror of https://gitlab.freedesktop.org/mesa/mesa
aa79030505
Indeed, the access to the array is done with a 4x multiplier.
The size of the array should be calculated accordingly.
For instance, this issue is triggered on radeonsi with
"piglit/bin/arb_direct_state_access-gettextureimage-formats -auto -fbo":
==3419==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffc31f804b0 at pc 0x7fac7ef81b2d bp 0x7ffc31f803d0 sp 0x7ffc31f803c8
WRITE of size 1 at 0x7ffc31f804b0 thread T0
#0 0x7fac7ef81b2c in do_span_rgba_unorm8 ../src/mesa/main/mipmap.c:160
#1 0x7fac7ef83549 in do_row ../src/mesa/main/mipmap.c:258
#2 0x7fac7ef83986 in make_2d_mipmap ../src/mesa/main/mipmap.c:371
#3 0x7fac7ef8670b in generate_mipmap_compressed ../src/mesa/main/mipmap.c:1062
#4 0x7fac7ef8670b in _mesa_generate_mipmap ../src/mesa/main/mipmap.c:1119
#5 0x7fac7e5472aa in check_gen_mipmap ../src/mesa/main/teximage.c:2910
#6 0x7fac7e5472aa in check_gen_mipmap ../src/mesa/main/teximage.c:2904
#7 0x7fac7e5472aa in teximage ../src/mesa/main/teximage.c:3315
#8 0x7fac7e5472aa in teximage_err ../src/mesa/main/teximage.c:3342
#9 0x7fac7e550cfa in _mesa_TexImage2D ../src/mesa/main/teximage.c:3413
Address 0x7ffc31f804b0 is located in stack of thread T0 at offset 96 in frame
#0 0x7fac7ef814ff in do_span_rgba_unorm8 ../src/mesa/main/mipmap.c:132
This frame has 3 object(s):
[32, 96) 'result' (line 145) <== Memory access at offset 96 overflows this variable
[128, 384) 'rowA' (line 144)
[448, 704) 'rowB' (line 144)
Fixes:
|
||
|---|---|---|
| .ci-farms | ||
| .ci-farms-disabled | ||
| .github/workflows | ||
| .gitlab | ||
| .gitlab-ci | ||
| android | ||
| bin | ||
| build-support | ||
| docs | ||
| include | ||
| src | ||
| subprojects | ||
| .clang-format | ||
| .clang-format-ignore | ||
| .clang-format-include | ||
| .dir-locals.el | ||
| .editorconfig | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .graphqlrc.yml | ||
| .mailmap | ||
| .mr-label-maker.yml | ||
| CODEOWNERS | ||
| meson.build | ||
| meson_options.txt | ||
| README.rst | ||
| VERSION | ||
`Mesa <https://mesa3d.org>`_ - The 3D Graphics Library ====================================================== Source ------ This repository lives at https://gitlab.freedesktop.org/mesa/mesa. Other repositories are likely forks, and code found there is not supported. Build & install --------------- You can find more information in our documentation (`docs/install.rst <https://docs.mesa3d.org/install.html>`_), but the recommended way is to use Meson (`docs/meson.rst <https://docs.mesa3d.org/meson.html>`_): .. code-block:: sh $ mkdir build $ cd build $ meson .. $ sudo ninja install Support ------- Many Mesa devs hang on IRC; if you're not sure which channel is appropriate, you should ask your question on `OFTC's #dri-devel <irc://irc.oftc.net/dri-devel>`_, someone will redirect you if necessary. Remember that not everyone is in the same timezone as you, so it might take a while before someone qualified sees your question. To figure out who you're talking to, or which nick to ping for your question, check out `Who's Who on IRC <https://dri.freedesktop.org/wiki/WhosWho/>`_. The next best option is to ask your question in an email to the mailing lists: `mesa-dev\@lists.freedesktop.org <https://lists.freedesktop.org/mailman/listinfo/mesa-dev>`_ Bug reports ----------- If you think something isn't working properly, please file a bug report (`docs/bugs.rst <https://docs.mesa3d.org/bugs.html>`_). Contributing ------------ Contributions are welcome, and step-by-step instructions can be found in our documentation (`docs/submittingpatches.rst <https://docs.mesa3d.org/submittingpatches.html>`_). Note that Mesa uses gitlab for patches submission, review and discussions.