From: Marek Olšák Date: Fri Dec 2 15:39:25 2016 +0100 Subject: [PATCH]cso: don't release sampler states that are bound Patch-mainline: 6dc96de303290e8d1fc294da478c4f370be98dea Git-repo: git://anongit.freedesktop.org/mesa/mesa Git-commit: 6dc96de303290e8d1fc294da478c4f370be98dea References: boo#1015012 fdo#93649 Signed-off-by: Max Staudt This fixes random radeonsi GPU hangs in Batman Arkham: Origins (Wine) and probably many other games too. cso_cache deletes sampler states when the cache size is too big and doesn't check which sampler states are bound, causing use-after-free in drivers. Because of that, radeonsi uploaded garbage sampler states and the hardware went bananas. Other drivers may have experienced similar issues. Cc: 12.0 13.0 Reviewed-by: Nicolai Hähnle Reviewed-by: Edward O'Callaghan --- src/gallium/auxiliary/cso_cache/cso_cache.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/gallium/auxiliary/cso_cache/cso_cache.c b/src/gallium/auxiliary/cso_cache/cso_cache.c index b240c93..1f3be4b 100644 --- a/src/gallium/auxiliary/cso_cache/cso_cache.c +++ b/src/gallium/auxiliary/cso_cache/cso_cache.c @@ -188,7 +188,9 @@ cso_insert_state(struct cso_cache *sc, void *state) { struct cso_hash *hash = _cso_hash_for_type(sc, type); - sanitize_hash(sc, hash, type, sc->max_size); + + if (type != CSO_SAMPLER) + sanitize_hash(sc, hash, type, sc->max_size); return cso_hash_insert(hash, hash_key, state); }