diff options
author | Jason Ekstrand <[email protected]> | 2016-09-07 21:33:48 -0700 |
---|---|---|
committer | Jason Ekstrand <[email protected]> | 2016-09-13 10:44:03 -0700 |
commit | 6ac469a6c33d7b5b6a1e0abcb4761e9ca05fa449 (patch) | |
tree | 7275046ec7c75123227a6bce1b28e1338294334d | |
parent | 3943888c94beca69e575b8d3d1ec7a6cbf474ee4 (diff) |
anv/allocator: Use VG_NOACCESS_WRITE in anv_bo_pool_free
Previously, we were relying on the fact that VALGRIND_MEMPOOL_FREE came
later on in the function to prevent "link->bo = bo" from causing an invalid
write. However, in the case where the size requested by the user is very
small (less than sizeof(struct anv_bo)), this isn't sufficient. Instead,
we should call VALGRIND_MEMPOOL_FREE early and then use VG_NOACCESS_WRITE.
We do, however, have to call VALGRIND_MEMPOOL_FREE after reading bo_in
because it may be stored in the bo itself.
Signed-off-by: Jason Ekstrand <[email protected]>
-rw-r--r-- | src/intel/vulkan/anv_allocator.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/intel/vulkan/anv_allocator.c b/src/intel/vulkan/anv_allocator.c index 457a88ff0cd..c1687b98979 100644 --- a/src/intel/vulkan/anv_allocator.c +++ b/src/intel/vulkan/anv_allocator.c @@ -865,15 +865,17 @@ anv_bo_pool_free(struct anv_bo_pool *pool, const struct anv_bo *bo_in) { /* Make a copy in case the anv_bo happens to be storred in the BO */ struct anv_bo bo = *bo_in; + + VG(VALGRIND_MEMPOOL_FREE(pool, bo.map)); + struct bo_pool_bo_link *link = bo.map; - link->bo = bo; + VG_NOACCESS_WRITE(&link->bo, bo); assert(util_is_power_of_two(bo.size)); const unsigned size_log2 = ilog2_round_up(bo.size); const unsigned bucket = size_log2 - 12; assert(bucket < ARRAY_SIZE(pool->free_list)); - VG(VALGRIND_MEMPOOL_FREE(pool, bo.map)); anv_ptr_free_list_push(&pool->free_list[bucket], link); } |