projects / mesa.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fa43c4b) | patch
nvc0: reset TFB bufctx when we no longer hold a reference to the buffers
authorIlia Mirkin <imirkin@alum.mit.edu>
Tue, 16 Feb 2016 06:02:52 +0000 (01:02 -0500)
committerIlia Mirkin <imirkin@alum.mit.edu>
Sun, 6 Mar 2016 15:14:52 +0000 (10:14 -0500)
commitff085d014ed8ccce230769575e50924561218d98
tree7fdd01cb02166d39a69a82a2d3867bfb20abe152tree
parentfa43c4bd998990f8d3ebf7db33213b4935ef2b8fcommit | diff
nvc0: reset TFB bufctx when we no longer hold a reference to the buffers

This fixes some use-after-free situations in dEQP when an xfb state is
removed, and then a clear is triggered, which only does a partial
validation. It would attempt to read the no-longer-valid buffers,
resulting in crashes.

Signed-off-by: Ilia Mirkin <imirkin@alum.mit.edu>
Cc: "11.1 11.2" <mesa-stable@lists.freedesktop.org>
src/gallium/drivers/nouveau/nvc0/nvc0_shader_state.c diff | blob | history
src/gallium/drivers/nouveau/nvc0/nvc0_state.c diff | blob | history