[Mesa-dev] [PATCH 1/2] radv: return binary code_size not variant code size to cache

Fri Jul 27 04:22:42 UTC 2018

From: Dave Airlie <airlied at redhat.com>

The code sizes return here get passed to the cache shader insert function,
which then memcpy from the code ptr, and causes all sorts of valgrind
errors like:
==6755== Invalid read of size 8
==6755==    at 0x4C32FEE: memcpy at GLIBC_2.2.5 (vg_replace_strmem.c:1021)
==6755==    by 0x2305D4C7: radv_pipeline_cache_insert_shaders (radv_pipeline_cache.c:416)
==6755==    by 0x2305791D: radv_create_shaders (radv_pipeline.c:2158)
==6755==    by 0x2305C523: radv_pipeline_init (radv_pipeline.c:3404)
==6755==    by 0x2305C890: radv_graphics_pipeline_create (radv_pipeline.c:3515)
==6755==    by 0x230188AB: radv_device_init_meta_blit_color (radv_meta_blit.c:871)
==6755==    by 0x2301D50E: radv_device_init_meta_blit_state (radv_meta_blit.c:1278)
==6755==    by 0x23011893: radv_device_init_meta (radv_meta.c:352)
==6755==    by 0x2300744B: radv_CreateDevice (radv_device.c:1576)
==6755==    by 0x5187D0F: ??? (in /usr/lib64/libvulkan.so.1.1.77)
==6755==    by 0x518F6A3: ??? (in /usr/lib64/libvulkan.so.1.1.77)
==6755==    by 0x5192A42: vkCreateDevice (in /usr/lib64/libvulkan.so.1.1.77)
==6755==  Address 0x22a58548 is 4 bytes after a block of size 116 alloc'd
==6755==    at 0x4C2EBAB: malloc (vg_replace_malloc.c:299)
==6755==    by 0x23089DC4: ac_elf_read (ac_binary.c:144)
==6755==    by 0x23090A60: ac_compile_module_to_binary (ac_llvm_helper.cpp:162)
==6755==    by 0x23053F06: compile_to_memory_buffer (radv_llvm_helper.cpp:58)
==6755==    by 0x23053F06: radv_compile_to_binary (radv_llvm_helper.cpp:98)
==6755==    by 0x23052769: ac_llvm_compile (radv_nir_to_llvm.c:3394)
==6755==    by 0x23052823: ac_compile_llvm_module (radv_nir_to_llvm.c:3418)
==6755==    by 0x23053C05: radv_compile_nir_shader (radv_nir_to_llvm.c:3542)
==6755==    by 0x23061B4E: shader_variant_create (radv_shader.c:580)
==6755==    by 0x23061CFD: radv_shader_variant_create (radv_shader.c:634)
==6755==    by 0x23057765: radv_create_shaders (radv_pipeline.c:2123)
==6755==    by 0x2305C523: radv_pipeline_init (radv_pipeline.c:3404)
==6755==    by 0x2305C890: radv_graphics_pipeline_create (radv_pipeline.c:3515)

Since we are just inserting the code into the cache, we can avoid these
bad reads and data in the cache by just using the binary code size here.

Fixes: 939e5a382 (radv: add padding for the UMR disassembler)
---
 src/amd/vulkan/radv_shader.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/amd/vulkan/radv_shader.c b/src/amd/vulkan/radv_shader.c
index 634e35e1d9b..7d4265cfdad 100644
--- a/src/amd/vulkan/radv_shader.c
+++ b/src/amd/vulkan/radv_shader.c
@@ -588,7 +588,7 @@ shader_variant_create(struct radv_device *device,
 
 	if (code_out) {
 		*code_out = binary.code;
-		*code_size_out = variant->code_size;
+		*code_size_out = binary.code_size;
 	} else
 		free(binary.code);
 	free(binary.config);
-- 
2.17.1

