From 16f1d8b3910496e04faba22f5d7b0ba84c07e6ad Mon Sep 17 00:00:00 2001
From: =?utf8?q?Marcin=20=C5=9Alusarz?=
Date: Mon, 11 May 2020 23:26:40 +0200
Subject: [PATCH] glsl: fix crashes on out of bound matrix access using constant index
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Fixes these piglit tests:
- spec@glsl-1.20@execution@matrix-out-of-bounds-access@fs-mat4-out-of-bounds-2
- spec@glsl-1.20@execution@matrix-out-of-bounds-access@fs-mat4-out-of-bounds-4
- spec@glsl-1.20@execution@matrix-out-of-bounds-access@fs-mat4-out-of-bounds-5
Signed-off-by: Marcin Ślusarz
Reviewed-by: Danylo Piliaiev
Reviewed-by: Matt Turner
Reviewed-by: Eric Anholt
Part-of:
---
 .gitlab-ci/piglit/quick_shader.txt | 7 ++-----
 src/compiler/glsl/ir_constant_expression.cpp | 13 +++++++++++++
 2 files changed, 15 insertions(+), 5 deletions(-)
diff --git a/.gitlab-ci/piglit/quick_shader.txt b/.gitlab-ci/piglit/quick_shader.txt
index cfe6e67bf76..1f1c83e86b0 100644
--- a/.gitlab-ci/piglit/quick_shader.txt
+++ b/.gitlab-ci/piglit/quick_shader.txt
@@ -369,9 +369,6 @@ spec/glsl-1.10/execution/built-in-functions/fs-pow-float-float: fail
 spec/glsl-1.10/execution/built-in-functions/vs-pow-float-float: fail
 spec/glsl-1.10/preprocessor/extension-defined-test: skip
 spec/glsl-1.10/preprocessor/extension-if-1: skip
-spec/glsl-1.20/execution/matrix-out-of-bounds-access/fs-mat4-out-of-bounds-2: crash
-spec/glsl-1.20/execution/matrix-out-of-bounds-access/fs-mat4-out-of-bounds-4: crash
-spec/glsl-1.20/execution/matrix-out-of-bounds-access/fs-mat4-out-of-bounds-5: crash
 spec/glsl-1.20/execution/vector-out-of-bounds-access/fs-vec4-out-of-bounds-1: crash
 spec/glsl-1.20/execution/vector-out-of-bounds-access/fs-vec4-out-of-bounds-2: crash
 spec/glsl-1.20/execution/vector-out-of-bounds-access/fs-vec4-out-of-bounds-4: crash
@@ -598,9 +595,9 @@ spec/nv_viewport_swizzle/viewport_swizzle: skip
 summary:
 name: results
 ---- --------
- pass: 15778
+ pass: 15781
 fail: 104
- crash: 178
+ crash: 175
 skip: 315
 timeout: 0
 warn: 0
diff --git a/src/compiler/glsl/ir_constant_expression.cpp b/src/compiler/glsl/ir_constant_expression.cpp
index 47049d0202b..1f2f786e2f0 100644
--- a/src/compiler/glsl/ir_constant_expression.cpp
+++ b/src/compiler/glsl/ir_constant_expression.cpp
@@ -955,6 +955,19 @@ ir_dereference_array::constant_expression_value(void *mem_ctx,
 const glsl_type *const column_type = array->type->column_type();
+ /* Section 5.11 (Out-of-Bounds Accesses) of the GLSL 4.60 spec says:
+ *
+ * In the subsections described above for array, vector, matrix and
+ * structure accesses, any out-of-bounds access produced undefined
+ * behavior....Out-of-bounds reads return undefined values, which
+ * include values from other variables of the active program or zero.
+ */
+ if (idx->value.i[0] < 0 || column >= array->type->matrix_columns) {
+ ir_constant_data data = { { 0 } };
+
+ return new(mem_ctx) ir_constant(column_type, &data);
+ }
+
 /* Offset in the constant matrix to the first element of the column
 * to be extracted.
 */
-- 
2.30.2
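Review bot: The added guard in `ir_dereference_array::constant_expression_value` covers only the matrix branch, while the expectations file in this same commit still lists `vector-out-of-bounds-access/fs-vec4-out-of-bounds-1`, `-2` and `-4` as `crash`, so the vector path of a constant-index dereference presumably still lacks an equivalent bound check and should get one in a follow-up. In the new `if`, the sign test reads `idx->value.i[0]` while the range test uses `column`, which is declared outside the hunk; if `column` is unsigned the first test is redundant, and if it is signed the comparison with `matrix_columns` mixes signedness, so a one-line comment saying which case applies would help. Next to the zero-filled `ir_constant_data` I would also record why zero was chosen among the results the spec permits, e.g. `/* Return zeros: never read past the constant's storage for an index taken from shader source. */`. The enclosing function starts and ends outside the hunk.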