vc4: Compute the proper end address of the relocated command lists.

render_cl_size/bin_cl_size includes relocations, while the hardware buffer
doesn't.  If you don't emit a HALT packet, the command parser continues
until the end register's value.  We can't allow executing unvalidated
buffer contents (and it's actually harmful in the render lists Mesa is
emitting, since VC4_PACKET_STORE_MS_TILE_BUFFER_AND_EOF doesn't trigger a
halt).

diff --git a/src/gallium/drivers/vc4/vc4_simulator.c b/src/gallium/drivers/vc4/vc4_simulator.c
index 633e80995c1e8c2e0346e361c34f286038ca522a..b2f2b669dc9a5759cbe3ceecfaba53d220aafba7 100644 (file)
--- a/src/gallium/drivers/vc4/vc4_simulator.c
+++ b/src/gallium/drivers/vc4/vc4_simulator.c
@@ -184,9 +184,7 @@ vc4_cl_validate(struct drm_device *dev, struct exec_info *exec)
 #endif
 
        exec->ct0ca = exec->exec_bo->paddr + bin_offset;
-       exec->ct0ea = exec->ct0ca + args->bin_cl_size;
        exec->ct1ca = exec->exec_bo->paddr + render_offset;
-       exec->ct1ea = exec->ct1ca + args->render_cl_size;
 
        exec->shader_rec_v = exec->exec_bo->vaddr + shader_rec_offset;
        exec->shader_rec_p = exec->exec_bo->paddr + shader_rec_offset;

diff --git a/src/gallium/drivers/vc4/vc4_simulator_validate.c b/src/gallium/drivers/vc4/vc4_simulator_validate.c
index d393517c414d951dbadbde1801f2699c385f0862..855947395e9332cbbcf3038b49232b9d37c7acc3 100644 (file)
--- a/src/gallium/drivers/vc4/vc4_simulator_validate.c
+++ b/src/gallium/drivers/vc4/vc4_simulator_validate.c
@@ -363,6 +363,11 @@ vc4_validate_cl(struct drm_device *dev,
                        break;
        }
 
+       if (is_bin)
+               exec->ct0ea = exec->ct0ca + dst_offset;
+       else
+               exec->ct1ea = exec->ct1ca + dst_offset;
+
        return 0;
 }