[Mesa-dev] [PATCH V2] mesa: don't memcmp() off the end of a cache key.

Paul Berry stereotype441 at gmail.com
Thu Apr 4 06:39:33 PDT 2013 

On 2 April 2013 01:31, Chris Forbes <chrisf at ijw.co.nz> wrote:

> Reported-by: `per` in #intel-gfx
>
> The size of the cache key varies, so store the actual size as well as
> the key blob itself, rather than just assuming it's the same as the size
> passed in.
>
> NOTE: This is a candidate for stable branches.
>
> V2: Don't leave silly holes in structure; use unsigned instead of
> GLuint.
>
> Signed-off-by: Chris Forbes <chrisf at ijw.co.nz>
> ---
>  src/mesa/program/prog_cache.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/src/mesa/program/prog_cache.c b/src/mesa/program/prog_cache.c
> index 47f926b..1041f35 100644
> --- a/src/mesa/program/prog_cache.c
> +++ b/src/mesa/program/prog_cache.c
> @@ -37,6 +37,7 @@
>  struct cache_item
>  {
>     GLuint hash;
> +   unsigned keysize;
>     void *key;
>     struct gl_program *program;
>     struct cache_item *next;
> @@ -183,7 +184,10 @@ _mesa_search_program_cache(struct gl_program_cache
> *cache,
>        struct cache_item *c;
>
>        for (c = cache->items[hash % cache->size]; c; c = c->next) {
> -         if (c->hash == hash && memcmp(c->key, key, keysize) == 0) {
> +         if (c->hash == hash &&
> +            c->keysize == keysize &&
> +            memcmp(c->key, key, keysize) == 0) {
> +
>

At the top of this function (_mesa_search_program_cache) there's another
memcmp that needs to be fixed:

   if (cache->last &&
       memcmp(cache->last->key, key, keysize) == 0) {
      return cache->last->program;
   }

needs to change to:

   if (cache->last &&
       cache->last->keysize == keysize &&
       memcmp(cache->last->key, key, keysize) == 0) {
      return cache->last->program;
   }

With that additional fix, this patch is:

Reviewed-by: Paul Berry <stereotype441 at gmail.com>



>              cache->last = c;
>              return c->program;
>           }
> @@ -207,6 +211,7 @@ _mesa_program_cache_insert(struct gl_context *ctx,
>
>     c->key = malloc(keysize);
>     memcpy(c->key, key, keysize);
> +   c->keysize = keysize;
>
>     c->program = program;  /* no refcount change */
>
> @@ -235,6 +240,7 @@ _mesa_shader_cache_insert(struct gl_context *ctx,
>
>     c->key = malloc(keysize);
>     memcpy(c->key, key, keysize);
> +   c->keysize = keysize;
>
>     c->program = (struct gl_program *)program;  /* no refcount change */
>
> --
> 1.8.2
>
> _______________________________________________
> mesa-dev mailing list
> mesa-dev at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/mesa-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/mesa-dev/attachments/20130404/6b8e89d4/attachment.html>

More information about the mesa-dev mailing list