Module: Mesa Branch: main Commit: 1c1aa579ff5214a2082ad29ef99d76b52d76d560 URL: http://cgit.freedesktop.org/mesa/mesa/commit/?id=1c1aa579ff5214a2082ad29ef99d76b52d76d560
Author: Kenneth Graunke <[email protected]> Date: Mon Sep 18 17:43:01 2023 -0700 mesa: Fix zeroing of new ParameterValues array entries when growing On non-Windows OSes, align_realloc is the os_realloc_aligned() from src/util/os_memory_aligned.h, which doesn't use realloc internally. Instead, it uses os_malloc_aligned() and memcpy's over the old data, which is why it needs an "old size" (unlike normal realloc). In _mesa_reserve_parameter_storage, the call to align_realloc above passes (oldValNum * sizeof(gl_constant_value)) as the old size, which is all the actual data. The actual allocation size of the array may be larger (in fact, we allocate 16 extra components), which is tracked in SizeValues. After realloc, we memset to zero starting at the old allocation size, to the new allocation size. This would work if it were a real realloc. However, because we actually malloc + memcpy and only copy the previous /data/, not the allocated size, and then memset from the old /allocated size/, our new copy will have the spaces between the old data and the old allocation size neither copied nor memset, leaving them as uninitialized garbage memory. These values then get written to the shader cache, meaning that if you compile the same shader multiple times, you may get different shader cache entries. This is bad for reproducible, deterministic compiles. While at it, we also memset to zero in _mesa_add_parameter, as this looks like another place where memset-to-zero is missing. To reproduce this error, one can run shader-db: $ MESA_SHADER_CACHE_DIR=a ./run -b shaders/godot3.4/49-28.shader_test $ MESA_SHADER_CACHE_DIR=b ./run -b shaders/godot3.4/49-28.shader_test and see an occasional difference in the end of the ParameterValues array, where there's a padding gap between the last two elements that was never zero-initialized. Thanks to Mark Janes for discovering this and tracking it down together! Cc: mesa-stable Reviewed-by: Mark Janes <[email protected]> Reviewed-by: Ian Romanick <[email protected]> Reviewed-by: Marek Olšák <[email protected]> Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/25316> --- src/mesa/program/prog_parameter.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/mesa/program/prog_parameter.c b/src/mesa/program/prog_parameter.c index 2021d900a7f..53ddf35cad0 100644 --- a/src/mesa/program/prog_parameter.c +++ b/src/mesa/program/prog_parameter.c @@ -222,7 +222,6 @@ _mesa_reserve_parameter_storage(struct gl_program_parameter_list *paramList, } if (needSizeValues > paramList->SizeValues) { - unsigned oldSize = paramList->SizeValues; paramList->SizeValues = needSizeValues + 16; /* alloc some extra */ paramList->ParameterValues = (gl_constant_value *) @@ -235,8 +234,8 @@ _mesa_reserve_parameter_storage(struct gl_program_parameter_list *paramList, paramList->SizeValues * sizeof(gl_constant_value) + 12, 16); /* The values are written to the shader cache, so clear them. */ - memset(paramList->ParameterValues + oldSize, 0, - (paramList->SizeValues - oldSize) * sizeof(gl_constant_value)); + memset(paramList->ParameterValues + oldValNum, 0, + (paramList->SizeValues - oldValNum) * sizeof(gl_constant_value)); } } @@ -303,6 +302,7 @@ _mesa_add_parameter(struct gl_program_parameter_list *paramList, memset(¶mList->Parameters[oldNum], 0, sizeof(struct gl_program_parameter)); + memset(¶mList->ParameterValues[oldValNum], 0, padded_size); struct gl_program_parameter *p = paramList->Parameters + oldNum; p->Name = strdup(name ? name : "");
