projects / mesa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 01a78db)
pan/midgard: Fix memory corruption in register spilling
authorAlyssa Rosenzweig <alyssa.rosenzweig@collabora.com>
Tue, 8 Oct 2019 02:42:35 +0000 (22:42 -0400)
committerAlyssa Rosenzweig <alyssa.rosenzweig@collabora.com>
Wed, 16 Oct 2019 12:17:56 +0000 (08:17 -0400)
Essentially an off-by-one error ... bit of an edge case, but seems to
occur in some glamor shaders.

Signed-off-by: Alyssa Rosenzweig <alyssa.rosenzweig@collabora.com>
src/panfrost/midgard/mir.c patch | blob | history

diff --git a/src/panfrost/midgard/mir.c b/src/panfrost/midgard/mir.c
index 5d49f7f79f1aaeb6888221e195b86a04fb44789c..3a3a4f934487e2a390c3cf90e765e48296c1487c 100644 (file)
--- a/src/panfrost/midgard/mir.c
+++ b/src/panfrost/midgard/mir.c
@@ -531,11 +531,11 @@ mir_insert_instruction_after_scheduled(
 
         midgard_bundle *bundles = (midgard_bundle *) block->bundles.data;
         memmove(bundles + after + 2, bundles + after + 1, (count - after - 1) * sizeof(midgard_bundle));
-        midgard_bundle *after_bundle_1 = bundles + after + 2;
+        midgard_bundle *after_bundle = bundles + after;
 
         midgard_bundle new = mir_bundle_for_op(ctx, ins);
         memcpy(bundles + after + 1, &new, sizeof(new));
-        list_addtail(&new.instructions[0]->link, &after_bundle_1->instructions[0]->link);
+        list_addtail(&new.instructions[0]->link, &after_bundle->instructions[after_bundle->instruction_count - 1]->link);
 }
 
 /* Flip the first-two arguments of a (binary) op. Currently ALU