Mesa (staging/21.3): radv: re-apply "Do not access set layout during vkCmdBindDescriptorSets."
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Wed Dec 29 15:44:57 UTC 2021
Module: Mesa
Branch: staging/21.3
Commit: d46c1ebc6d67c4761f7c1e9064445b1c15b9b7be
URL: http://cgit.freedesktop.org/mesa/mesa/commit/?id=d46c1ebc6d67c4761f7c1e9064445b1c15b9b7be
Author: Samuel Pitoiset <samuel.pitoiset at gmail.com>
Date: Tue Dec 28 15:14:02 2021 +0100
radv: re-apply "Do not access set layout during vkCmdBindDescriptorSets."
Uplay needs this to avoid a crash because it does an use-after-free
of a descriptor set layout. This was initially introduced by Bas to
workaround a similar issue with Baldur's Gate 3, it seems needed again.
Cc: 21.3 mesa-stable
Closes: https://gitlab.freedesktop.org/mesa/mesa/-/issues/5789
Signed-off-by: Samuel Pitoiset <samuel.pitoiset at gmail.com>
Reviewed-by: Bas Nieuwenhuizen <bas at basnieuwenhuizen.nl>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/14318>
(cherry picked from commit b775aaff1ec86f4ebd50867a045695da1fbeb2e1)
---
.pick_status.json | 2 +-
src/amd/vulkan/radv_cmd_buffer.c | 5 ++---
src/amd/vulkan/radv_descriptor_set.c | 9 +++++++--
src/amd/vulkan/radv_descriptor_set.h | 4 +++-
4 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/.pick_status.json b/.pick_status.json
index 9111a000ce4..755dc70563a 100644
--- a/.pick_status.json
+++ b/.pick_status.json
@@ -103,7 +103,7 @@
"description": "radv: re-apply \"Do not access set layout during vkCmdBindDescriptorSets.\"",
"nominated": true,
"nomination_type": 0,
- "resolution": 0,
+ "resolution": 1,
"main_sha": null,
"because_sha": null
},
diff --git a/src/amd/vulkan/radv_cmd_buffer.c b/src/amd/vulkan/radv_cmd_buffer.c
index 4305aa4508f..4f8983f1ce8 100644
--- a/src/amd/vulkan/radv_cmd_buffer.c
+++ b/src/amd/vulkan/radv_cmd_buffer.c
@@ -4565,7 +4565,6 @@ radv_bind_descriptor_set(struct radv_cmd_buffer *cmd_buffer, VkPipelineBindPoint
radv_set_descriptor_set(cmd_buffer, bind_point, set, idx);
assert(set);
- assert(!(set->header.layout->flags & VK_DESCRIPTOR_SET_LAYOUT_CREATE_PUSH_DESCRIPTOR_BIT_KHR));
if (!cmd_buffer->device->use_global_bo_list) {
for (unsigned j = 0; j < set->header.buffer_count; ++j)
@@ -4603,7 +4602,7 @@ radv_CmdBindDescriptorSets(VkCommandBuffer commandBuffer, VkPipelineBindPoint pi
radv_bind_descriptor_set(cmd_buffer, pipelineBindPoint, set, set_idx);
}
- for (unsigned j = 0; j < set->header.layout->dynamic_offset_count; ++j, ++dyn_idx) {
+ for (unsigned j = 0; j < layout->set[set_idx].dynamic_offset_count; ++j, ++dyn_idx) {
unsigned idx = j + layout->set[i + firstSet].dynamic_offset_start;
uint32_t *dst = descriptors_state->dynamic_buffers + idx * 4;
assert(dyn_idx < dynamicOffsetCount);
@@ -4629,7 +4628,7 @@ radv_CmdBindDescriptorSets(VkCommandBuffer commandBuffer, VkPipelineBindPoint pi
}
}
- cmd_buffer->push_constant_stages |= set->header.layout->dynamic_shader_stages;
+ cmd_buffer->push_constant_stages |= layout->set[set_idx].dynamic_offset_stages;
}
}
}
diff --git a/src/amd/vulkan/radv_descriptor_set.c b/src/amd/vulkan/radv_descriptor_set.c
index 1b1708c3c7f..81cf394375e 100644
--- a/src/amd/vulkan/radv_descriptor_set.c
+++ b/src/amd/vulkan/radv_descriptor_set.c
@@ -495,11 +495,16 @@ radv_CreatePipelineLayout(VkDevice _device, const VkPipelineLayoutCreateInfo *pC
layout->set[set].layout = set_layout;
layout->set[set].dynamic_offset_start = dynamic_offset_count;
+ layout->set[set].dynamic_offset_count = 0;
+ layout->set[set].dynamic_offset_stages = 0;
for (uint32_t b = 0; b < set_layout->binding_count; b++) {
- dynamic_offset_count += set_layout->binding[b].array_size * set_layout->binding[b].dynamic_offset_count;
- dynamic_shader_stages |= set_layout->dynamic_shader_stages;
+ layout->set[set].dynamic_offset_count +=
+ set_layout->binding[b].array_size * set_layout->binding[b].dynamic_offset_count;
+ layout->set[set].dynamic_offset_stages |= set_layout->dynamic_shader_stages;
}
+ dynamic_offset_count += layout->set[set].dynamic_offset_count;
+ dynamic_shader_stages |= layout->set[set].dynamic_offset_stages;
/* Hash the entire set layout except for the vk_object_base. The
* rest of the set layout is carefully constructed to not have
diff --git a/src/amd/vulkan/radv_descriptor_set.h b/src/amd/vulkan/radv_descriptor_set.h
index 5e0ea7eaed4..65d33f19dc3 100644
--- a/src/amd/vulkan/radv_descriptor_set.h
+++ b/src/amd/vulkan/radv_descriptor_set.h
@@ -89,7 +89,9 @@ struct radv_pipeline_layout {
struct {
struct radv_descriptor_set_layout *layout;
uint32_t size;
- uint32_t dynamic_offset_start;
+ uint16_t dynamic_offset_start;
+ uint16_t dynamic_offset_count;
+ VkShaderStageFlags dynamic_offset_stages;
} set[MAX_SETS];
uint32_t num_sets;
More information about the mesa-commit
mailing list