From 4393be8291ff3f39ff37a61133b6e5b0fa3e9698 Mon Sep 17 00:00:00 2001 From: Charmaine Lee Date: Mon, 8 Aug 2022 18:02:30 -0700 Subject: [PATCH] mesa/st: fix reference to nir->info after nir_to_tgsi The nir shader memory is freed in nir_to_tgsi(), but the already freed shader info is referenced later when create compute state. To avoid referencing the freed memory, copy the shader info first before calling nir_to_tgsi. Fixes vmx crash running aztec on SVGA driver. Fixes: 580f1ac4736 ("nir: Extract shader_info->cs.shared_size out of union") Reviewed-by: Roland Scheidegger Part-of: --- src/mesa/state_tracker/st_program.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/mesa/state_tracker/st_program.c b/src/mesa/state_tracker/st_program.c index 8aa25431689..2c8f7eb777f 100644 --- a/src/mesa/state_tracker/st_program.c +++ b/src/mesa/state_tracker/st_program.c @@ -502,6 +502,7 @@ st_create_nir_shader(struct st_context *st, struct pipe_shader_state *state) assert(state->type == PIPE_SHADER_IR_NIR); nir_shader *nir = state->ir.nir; + struct shader_info info = nir->info; gl_shader_stage stage = nir->info.stage; enum pipe_shader_type sh = pipe_shader_type_from_mesa(stage); @@ -548,7 +549,7 @@ st_create_nir_shader(struct st_context *st, struct pipe_shader_state *state) case MESA_SHADER_COMPUTE: { struct pipe_compute_state cs = {0}; cs.ir_type = state->type; - cs.req_local_mem = nir->info.shared_size; + cs.req_local_mem = info.shared_size; if (state->type == PIPE_SHADER_IR_NIR) cs.prog = state->ir.nir;