From a382b4cb7aab046ce80140973f07bac71451b9ef Mon Sep 17 00:00:00 2001
From: Matt Turner <mattst88@gmail.com>
Date: Tue, 17 Jun 2014 12:14:05 -0700
Subject: [PATCH] i965: Don't set UIP for ENDIF/WHILE.

They don't have a UIP. We used UIP in an array dereference, which never
caused problems on Gen < 8, since UIP was a small integer (number of
instructions). On Gen 8 UIP is in bytes, so it's large enough that it
caused us to read out of bounds of the array.

Signed-off-by: Matt Turner <mattst88@gmail.com>
Reviewed-by: Kenneth Graunke <kenneth@whitecape.org>
---
 src/mesa/drivers/dri/i965/brw_eu_compact.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/mesa/drivers/dri/i965/brw_eu_compact.c b/src/mesa/drivers/dri/i965/brw_eu_compact.c
index 69621dd..a7d3595 100644
--- a/src/mesa/drivers/dri/i965/brw_eu_compact.c
+++ b/src/mesa/drivers/dri/i965/brw_eu_compact.c
@@ -658,6 +658,10 @@ update_uip_jip(struct brw_context *brw, brw_inst *insn,
    jip -= compacted_between(this_old_ip, this_old_ip + jip, compacted_counts);
    brw_inst_set_jip(brw, insn, jip);
 
+   if (brw_inst_opcode(brw, insn) == BRW_OPCODE_ENDIF ||
+       brw_inst_opcode(brw, insn) == BRW_OPCODE_WHILE)
+      return;
+
    int uip = brw_inst_uip(brw, insn);
    uip -= compacted_between(this_old_ip, this_old_ip + uip, compacted_counts);
    brw_inst_set_uip(brw, insn, uip);
-- 
2.7.4