diff options
| author | Chia-I Wu <olvaffe@gmail.com> | 2021-08-26 15:23:18 -0700 |
|---|---|---|
| committer | Chia-I Wu <olvaffe@gmail.com> | 2021-08-26 15:51:56 -0700 |
| commit | 56aedd71295a91ef9db3b06f65be4b78baf711fd (patch) | |
| tree | f92023c5198f80a0bbaf64cd8f3ce6b6ee61dd3f | |
| parent | 8bed497ee75a19a2d01b9f03c8fbc20b1f518d3a (diff) | |
| download | virglrenderer-56aedd71295a91ef9db3b06f65be4b78baf711fd.tar.gz | |
vkr: work around a Use-of-uninitialized-value
VkDrmFormatModifierPropertiesListEXT::drmFormatModifierCount may be used
uninitialized. It is a codegen bug but a proper fix breaks the
protocol. Until we are ready to finalize the protocol, let's work
around it.
It works so far because Mesa calls the function twice in a row. In the
first call, pDrmFormatModifierProperties is NULL and the uninitialized
value is not used. Instead, it is initialized by the host driver.
In the second call, because of how the temp pool works, the memory gets
reused and the "uninitialized value" is already initialized. Thanks
goes to Yiwei for figuring this out.
Signed-off-by: Chia-I Wu <olvaffe@gmail.com>
Reviewed-by: Yiwei Zhang <zzyiwei@chromium.org>
Reviewed-by: Ryan Neph <ryanneph@google.com>
| -rw-r--r-- | src/venus/venus-protocol/vn_protocol_renderer.h | 2 | ||||
| -rw-r--r-- | src/venus/venus-protocol/vn_protocol_renderer_device.h | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/venus/venus-protocol/vn_protocol_renderer.h b/src/venus/venus-protocol/vn_protocol_renderer.h index 603977ee..1fd294de 100644 --- a/src/venus/venus-protocol/vn_protocol_renderer.h +++ b/src/venus/venus-protocol/vn_protocol_renderer.h @@ -1,4 +1,4 @@ -/* This file is generated by venus-protocol git-97ac37e8. */ +/* This file is generated by venus-protocol git-1117eb98. */ /* * Copyright 2020 Google LLC diff --git a/src/venus/venus-protocol/vn_protocol_renderer_device.h b/src/venus/venus-protocol/vn_protocol_renderer_device.h index 3ca9343d..3601c74f 100644 --- a/src/venus/venus-protocol/vn_protocol_renderer_device.h +++ b/src/venus/venus-protocol/vn_protocol_renderer_device.h @@ -6104,7 +6104,7 @@ static inline void vn_decode_VkDrmFormatModifierPropertiesListEXT_self_partial_temp(struct vn_cs_decoder *dec, VkDrmFormatModifierPropertiesListEXT *val) { /* skip val->{sType,pNext} */ - /* skip val->drmFormatModifierCount */ + /* WA1 */ val->drmFormatModifierCount = vn_peek_array_size(dec); if (vn_peek_array_size(dec)) { const uint32_t iter_count = vn_decode_array_size(dec, val->drmFormatModifierCount); val->pDrmFormatModifierProperties = vn_cs_decoder_alloc_temp(dec, sizeof(*val->pDrmFormatModifierProperties) * iter_count); |