From 9b7faa7d960dcad4585dda4a946d58269875c5a8 Mon Sep 17 00:00:00 2001 From: Frank Binns Date: Mon, 22 May 2023 13:10:45 +0100 Subject: [PATCH] pvr: fix invalid read reported by valgrind pvr_gpu_upload() can't be used in the case of pvr_gpu_upload_usc() as it expects the source and destination buffers to be the same size. This isn't the case because pvr_gpu_upload_usc() adds some padding bytes to the size passed in by the caller. Fixes: 547a10f8702 ("pvr: switch pvr_cmd_buffer_alloc_mem to use pvr_bo_suballoc") Signed-off-by: Frank Binns Reviewed-by: Karmjit Mahil Part-of: --- src/imagination/vulkan/pvr_device.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/src/imagination/vulkan/pvr_device.c b/src/imagination/vulkan/pvr_device.c index 2442553e94a..35f2d0e5672 100644 --- a/src/imagination/vulkan/pvr_device.c +++ b/src/imagination/vulkan/pvr_device.c @@ -2562,18 +2562,30 @@ VkResult pvr_gpu_upload_usc(struct pvr_device *device, uint64_t code_alignment, struct pvr_suballoc_bo **const pvr_bo_out) { + struct pvr_suballoc_bo *suballoc_bo = NULL; + VkResult result; + void *map; + assert(code_size > 0); /* The USC will prefetch the next instruction, so over allocate by 1 * instruction to prevent reading off the end of a page into a potentially * unallocated page. */ - return pvr_gpu_upload(device, - device->heaps.usc_heap, - code, - code_size + ROGUE_MAX_INSTR_BYTES, - code_alignment, - pvr_bo_out); + result = pvr_bo_suballoc(&device->suballoc_usc, + code_size + ROGUE_MAX_INSTR_BYTES, + code_alignment, + false, + &suballoc_bo); + if (result != VK_SUCCESS) + return result; + + map = pvr_bo_suballoc_get_map_addr(suballoc_bo); + memcpy(map, code, code_size); + + *pvr_bo_out = suballoc_bo; + + return VK_SUCCESS; } /**