[Mesa-dev] [PATCH 2/2] i965/tiled_memcpy: Protect against wrong alignments
Chad Versace
chad.versace at intel.com
Tue Apr 5 23:26:38 UTC 2016
On 04/04/2016 06:04 PM, Jason Ekstrand wrote:
> It's possible, when doing an x-tiled copy, to end up with a case where the
> bytes parameter is equal to 16 but the pointer is not actually aligned.
> This causes asserts in debug mode and segfaults in release builds due to
> doing an aligned operation on an unaligned pointer.
>
> Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=93962
> ---
> src/mesa/drivers/dri/i965/intel_tiled_memcpy.c | 48 +++++++++++++-------------
> 1 file changed, 24 insertions(+), 24 deletions(-)
>
> diff --git a/src/mesa/drivers/dri/i965/intel_tiled_memcpy.c b/src/mesa/drivers/dri/i965/intel_tiled_memcpy.c
> index 19079d0..823d8b0 100644
> --- a/src/mesa/drivers/dri/i965/intel_tiled_memcpy.c
> +++ b/src/mesa/drivers/dri/i965/intel_tiled_memcpy.c
> @@ -85,19 +85,19 @@ rgba8_copy_aligned_dst(void *dst, const void *src, size_t bytes)
> uint8_t const *s = src;
>
> #ifdef __SSSE3__
> - if (bytes == 16) {
> - assert(!(((uintptr_t)dst) & 0xf));
> - rgba8_copy_16_aligned_dst(d+ 0, s+ 0);
> - return dst;
> - }
> + if ((((uintptr_t)dst) & 0xf) == 0) {
> + if (bytes == 16) {
> + rgba8_copy_16_aligned_dst(d+ 0, s+ 0);
> + return dst;
> + }
[snip]
I see the bug... Sometimes (dst, src) points into (tiled, linear user ptr) memory, and
other times into (linear user ptr, tiled) memory. So we can never assume that either
address is aligned, as it may be a user ptr.
I didn't test it, but it looks correct to me.
Reviewed-by: Chad Versace <chad.versace at intel.com>
(I'm really back from parental leave! I just built Mesa for the first time
in 9 weeks! Of course, I had to install a newer libdrm before it compiled).
More information about the mesa-dev
mailing list