glsl: fix crashes on out of bound matrix access using constant index

author Marcin Ślusarz <marcin.slusarz@intel.com>

Mon, 11 May 2020 21:26:40 +0000 (23:26 +0200)

committer Marge Bot <eric+marge@anholt.net>

Tue, 18 Aug 2020 11:34:54 +0000 (11:34 +0000)
author Marcin Ślusarz <marcin.slusarz@intel.com>
Mon, 11 May 2020 21:26:40 +0000 (23:26 +0200)
committer Marge Bot <eric+marge@anholt.net>
Tue, 18 Aug 2020 11:34:54 +0000 (11:34 +0000)
diff --git a/.gitlab-ci/piglit/quick_shader.txt b/.gitlab-ci/piglit/quick_shader.txt

index cfe6e67bf76f93bbd62c24d90ab7344dd50f599c..1f1c83e86b0b83fcbd27a4d4a358dc0a1faae9d8 100644 (file)
--- a/.gitlab-ci/piglit/quick_shader.txt
+++ b/.gitlab-ci/piglit/quick_shader.txt
@@ -369,9 +369,6 @@ spec/glsl-1.10/execution/built-in-functions/fs-pow-float-float: fail
  spec/glsl-1.10/execution/built-in-functions/vs-pow-float-float: fail
  spec/glsl-1.10/preprocessor/extension-defined-test: skip
  spec/glsl-1.10/preprocessor/extension-if-1: skip
-spec/glsl-1.20/execution/matrix-out-of-bounds-access/fs-mat4-out-of-bounds-2: crash
-spec/glsl-1.20/execution/matrix-out-of-bounds-access/fs-mat4-out-of-bounds-4: crash
-spec/glsl-1.20/execution/matrix-out-of-bounds-access/fs-mat4-out-of-bounds-5: crash
  spec/glsl-1.20/execution/vector-out-of-bounds-access/fs-vec4-out-of-bounds-1: crash
  spec/glsl-1.20/execution/vector-out-of-bounds-access/fs-vec4-out-of-bounds-2: crash
  spec/glsl-1.20/execution/vector-out-of-bounds-access/fs-vec4-out-of-bounds-4: crash
@@ -598,9 +595,9 @@ spec/nv_viewport_swizzle/viewport_swizzle: skip
  summary:
         name:  results
         ----  --------
-       pass:    15778
+       pass:    15781
         fail:      104
-      crash:      178
+      crash:      175
         skip:      315
      timeout:        0
         warn:        0
diff --git a/src/compiler/glsl/ir_constant_expression.cpp b/src/compiler/glsl/ir_constant_expression.cpp

index 47049d0202b5e4ffa8e6275a62b6e30fb28b60ce..1f2f786e2f03644a253c732dcc75382d9da0ec8a 100644 (file)
--- a/src/compiler/glsl/ir_constant_expression.cpp
+++ b/src/compiler/glsl/ir_constant_expression.cpp
@@ -955,6 +955,19 @@ ir_dereference_array::constant_expression_value(void *mem_ctx,
  
           const glsl_type *const column_type = array->type->column_type();
  
+         /* Section 5.11 (Out-of-Bounds Accesses) of the GLSL 4.60 spec says:
+          *
+          *    In the subsections described above for array, vector, matrix and
+          *    structure accesses, any out-of-bounds access produced undefined
+          *    behavior....Out-of-bounds reads return undefined values, which
+          *    include values from other variables of the active program or zero.
+          */
+         if (idx->value.i[0] < 0 || column >= array->type->matrix_columns) {
+            ir_constant_data data = { { 0 } };
+
+            return new(mem_ctx) ir_constant(column_type, &data);
+         }
+
           /* Offset in the constant matrix to the first element of the column
            * to be extracted.
            */
author	Marcin Ślusarz <marcin.slusarz@intel.com>
	Mon, 11 May 2020 21:26:40 +0000 (23:26 +0200)
committer	Marge Bot <eric+marge@anholt.net>
	Tue, 18 Aug 2020 11:34:54 +0000 (11:34 +0000)
.gitlab-ci/piglit/quick_shader.txt		patch \| blob \| history
src/compiler/glsl/ir_constant_expression.cpp		patch \| blob \| history