vc4: Add a sentinel after simulator buffers for buffer overflow detection.

This is a little bit like the mprotect-based fencing I've experimented with, but it's simple and low overhead. The downside is that only catches writes, not reads. It didn't catch any bad writes on a current piglit run, but may be useful in the future.
2015-10-22 11:31:56 +01:00 · 2015-10-22 11:31:56 +01:00 · b0963ce758
parent f408a13dd3
commit b0963ce758
1 changed files with 11 additions and 1 deletions
--- a/src/gallium/drivers/vc4/vc4_simulator.c
+++ b/src/gallium/drivers/vc4/vc4_simulator.c
@ -32,6 +32,11 @@
 #include "vc4_simulator_validate.h"
 #include "simpenrose/simpenrose.h"

+/* A marker placed just after each BO, then checked after rendering to make
+ * sure it's still there.
+ */
+#define BO_SENTINEL		0xfedcba98
+
 #define OVERFLOW_SIZE (32 * 1024 * 1024)

 static struct drm_gem_cma_object *
@ -49,10 +54,12 @@ vc4_wrap_bo_with_cma(struct drm_device *dev, struct vc4_bo *bo)
        obj->vaddr = screen->simulator_mem_base + dev->simulator_mem_next;
        obj->paddr = simpenrose_hw_addr(obj->vaddr);

-        dev->simulator_mem_next += size;
+        dev->simulator_mem_next += size + sizeof(uint32_t);
        dev->simulator_mem_next = align(dev->simulator_mem_next, 4096);
        assert(dev->simulator_mem_next <= screen->simulator_mem_size);

+        *(uint32_t *)(obj->vaddr + bo->size) = BO_SENTINEL;
+
        return obj;
 }

@ -109,6 +116,7 @@ vc4_simulator_unpin_bos(struct vc4_exec_info *exec)
                struct drm_vc4_bo *drm_bo = to_vc4_bo(&obj->base);
                struct vc4_bo *bo = drm_bo->bo;

+                assert(*(uint32_t *)(obj->vaddr + bo->size) == BO_SENTINEL);
                memcpy(bo->map, obj->vaddr, bo->size);

                if (drm_bo->validated_shader) {
@ -197,6 +205,8 @@ vc4_simulator_flush(struct vc4_context *vc4, struct drm_vc4_submit_cl *args)
        list_for_each_entry_safe(struct drm_vc4_bo, bo, &exec.unref_list,
                                 unref_head) {
 		list_del(&bo->unref_head);
+                assert(*(uint32_t *)(bo->base.vaddr + bo->bo->size) ==
+                       BO_SENTINEL);
                vc4_bo_unreference(&bo->bo);
                free(bo);
        }