We already check that the address is not "too far", but we should also
clamp the UBO index in order to avoid looking at the wrong place in the
driver cb. This is a pretty rare situation though.
Signed-off-by: Samuel Pitoiset <samuel.pitoi...@gmail.com>
Cc: "12.0" <mesa-sta...@lists.freedesktop.org>
---
src/gallium/drivers/nouveau/codegen/nv50_ir_lowering_nvc0.cpp | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/gallium/drivers/nouveau/codegen/nv50_ir_lowering_nvc0.cpp
b/src/gallium/drivers/nouveau/codegen/nv50_ir_lowering_nvc0.cpp
index 689fecf..e766aa7 100644
--- a/src/gallium/drivers/nouveau/codegen/nv50_ir_lowering_nvc0.cpp
+++ b/src/gallium/drivers/nouveau/codegen/nv50_ir_lowering_nvc0.cpp
@@ -2181,7 +2181,12 @@ NVC0LoweringPass::handleLDST(Instruction *i)
int8_t fileIndex = i->getSrc(0)->reg.fileIndex - 1;
Value *ind = i->getIndirect(0, 1);
- // TODO: clamp the offset to the maximum number of const buf.
+ if (ind) {
+ // Clamp the UBO index when an indirect access is used to avoid
+ // loading information from the wrong place in the driver cb.
+ ind = bld.mkOp2v(OP_MIN, TYPE_U32, ind, ind, bld.loadImm(NULL,
12));
+ }
+
if (i->src(0).isIndirect(1)) {
Value *offset = bld.loadImm(NULL, i->getSrc(0)->reg.data.offset +
typeSizeof(i->sType));
Value *ptr = loadUboInfo64(ind, fileIndex * 16);
--
2.8.3
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/mesa-dev
