From 293aaa43b9c63a2001ad9b979feb41bb54ff4f51 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Roberto=20de=20Souza?= <jose.souza@intel.com>
Date: Wed, 30 Apr 2025 12:16:38 -0700
Subject: [PATCH] intel/tools: Fix batch buffer decoder
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

intel_decoder_init() initializes intel_batch_decode_ctx so later
we can call decode functions but it depends on data stored in
brw/elk_isa_info but that was being allocated in stack
of intel_decoder_init() then when the decode functions were executed
it was accessing garbage at the brw/elk_isa_info memory.

Reviewed-by: Lionel Landwerlin <lionel.g.landwerlin@intel.com>
Fixes: ec2d20a70d01 ("intel/tools: Add helpers for decoder_init/disasm")
Signed-off-by: José Roberto de Souza <jose.souza@intel.com>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/34776>
(cherry picked from commit 3e5a735d01700163d25b1c00ee05b97644da9cf2)
---
 .pick_status.json                        |  2 +-
 src/intel/tools/aubinator.c              |  3 ++-
 src/intel/tools/aubinator_error_decode.c |  3 ++-
 src/intel/tools/intel_tools.c            | 13 +++++++------
 src/intel/tools/intel_tools.h            | 15 +++++++++++++++
 5 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/.pick_status.json b/.pick_status.json
index e852e5d1be9..0896cb5ba5f 100644
--- a/.pick_status.json
+++ b/.pick_status.json
@@ -304,7 +304,7 @@
         "description": "intel/tools: Fix batch buffer decoder",
         "nominated": true,
         "nomination_type": 2,
-        "resolution": 0,
+        "resolution": 1,
         "main_sha": null,
         "because_sha": "ec2d20a70d018736c6ef7cb5bbbe48d82e8c6b4c",
         "notes": null
diff --git a/src/intel/tools/aubinator.c b/src/intel/tools/aubinator.c
index b7eb7193509..b8e43ff23e7 100644
--- a/src/intel/tools/aubinator.c
+++ b/src/intel/tools/aubinator.c
@@ -61,6 +61,7 @@ uint16_t pci_id = 0;
 char *input_file = NULL, *xml_path = NULL;
 struct intel_device_info devinfo;
 struct intel_batch_decode_ctx batch_ctx;
+struct intel_isa_info isa_info = {};
 struct aub_mem mem;
 
 FILE *outfile;
@@ -96,7 +97,7 @@ aubinator_init(void *user_data, int aub_pci_id, const char *app_name)
       batch_flags |= INTEL_BATCH_DECODE_OFFSETS;
    batch_flags |= INTEL_BATCH_DECODE_FLOATS;
 
-   intel_decoder_init(&batch_ctx, &devinfo, outfile,
+   intel_decoder_init(&batch_ctx, &isa_info, &devinfo, outfile,
                       batch_flags, xml_path, NULL, NULL, NULL);
 
    /* Check for valid spec instance, if wrong xml_path is passed then spec
diff --git a/src/intel/tools/aubinator_error_decode.c b/src/intel/tools/aubinator_error_decode.c
index 2dd9dca5475..f7e78e3ac53 100644
--- a/src/intel/tools/aubinator_error_decode.c
+++ b/src/intel/tools/aubinator_error_decode.c
@@ -585,7 +585,8 @@ read_i915_data_file(FILE *file, enum intel_batch_decode_flags batch_flags)
    }
 
    struct intel_batch_decode_ctx batch_ctx;
-   intel_decoder_init(&batch_ctx, &devinfo, stdout,
+   struct intel_isa_info isa_info = {};
+   intel_decoder_init(&batch_ctx, &isa_info, &devinfo, stdout,
                       batch_flags, xml_path, get_intel_batch_bo,
                       NULL, NULL);
    batch_ctx.acthd = acthd;
diff --git a/src/intel/tools/intel_tools.c b/src/intel/tools/intel_tools.c
index a697cba1fcb..b63aec48ab5 100644
--- a/src/intel/tools/intel_tools.c
+++ b/src/intel/tools/intel_tools.c
@@ -42,6 +42,7 @@ intel_disassemble(const struct intel_device_info *devinfo,
 
 void
 intel_decoder_init(struct intel_batch_decode_ctx *ctx,
+                   struct intel_isa_info *isa_info,
                    const struct intel_device_info *devinfo,
                    FILE *fp, enum intel_batch_decode_flags flags,
                    const char *xml_path,
@@ -50,15 +51,15 @@ intel_decoder_init(struct intel_batch_decode_ctx *ctx,
                    void *user_data)
 {
    if (devinfo->ver >= 9) {
-      struct brw_isa_info isa;
-      brw_init_isa_info(&isa, devinfo);
-      intel_batch_decode_ctx_init_brw(ctx, &isa, devinfo, fp,
+      struct brw_isa_info *isa = &isa_info->brw_isa;
+      brw_init_isa_info(isa, devinfo);
+      intel_batch_decode_ctx_init_brw(ctx, isa, devinfo, fp,
                                       flags, xml_path, get_bo, get_state_size, user_data);
    } else {
 #ifdef INTEL_USE_ELK
-      struct elk_isa_info isa;
-      elk_init_isa_info(&isa, devinfo);
-      intel_batch_decode_ctx_init_elk(ctx, &isa, devinfo, fp,
+      struct elk_isa_info *isa = &isa_info->elk_isa;
+      elk_init_isa_info(isa, devinfo);
+      intel_batch_decode_ctx_init_elk(ctx, isa, devinfo, fp,
                                       flags, xml_path, get_bo, get_state_size, user_data);
 #else
       not_supported(devinfo);
diff --git a/src/intel/tools/intel_tools.h b/src/intel/tools/intel_tools.h
index 3d33160ab44..13d14e4e3e9 100644
--- a/src/intel/tools/intel_tools.h
+++ b/src/intel/tools/intel_tools.h
@@ -9,18 +9,33 @@
 
 #include "intel/decoder/intel_decoder.h"
 
+#include "compiler/brw_isa_info.h"
+#ifdef INTEL_USE_ELK
+#include "compiler/elk/elk_isa_info.h"
+#endif
+
 #ifdef __cplusplus
 extern "C" {
 #endif
 
 struct intel_device_info;
 
+struct intel_isa_info {
+   union {
+      struct brw_isa_info brw_isa;
+#ifdef INTEL_USE_ELK
+      struct elk_isa_info elk_isa;
+#endif
+   };
+};
+
 /* Helpers to abstract some BRW/ELK differences. */
 
 void intel_disassemble(const struct intel_device_info *devinfo,
                        const void *assembly, int start, FILE *out);
 
 void intel_decoder_init(struct intel_batch_decode_ctx *ctx,
+                        struct intel_isa_info *isa_info,
                         const struct intel_device_info *devinfo,
                         FILE *fp, enum intel_batch_decode_flags flags,
                         const char *xml_path,