From ef2b8f56b13c7696b6c0047e3bbf2939390e1b75 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Pavel=20Ondra=C4=8Dka?= Date: Sun, 10 Apr 2022 18:57:56 +0200 Subject: [PATCH] r300: move pointer dereference after a NULL check MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Vs state can be NULL by the time r300_set_constant_buffer is called. We don't hit this with OpenGL though, so this is why I didn't spot this in my testing, but nine hits this codepath. Restore the original behavior here. Fixes: 882811b1ff67fa37197e27f56caaffbe3e6164d6 Signed-off-by: Pavel Ondračka Part-of: --- src/gallium/drivers/r300/r300_state.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/gallium/drivers/r300/r300_state.c b/src/gallium/drivers/r300/r300_state.c index 132b682..4e8c2ec 100644 --- a/src/gallium/drivers/r300/r300_state.c +++ b/src/gallium/drivers/r300/r300_state.c @@ -2087,7 +2087,7 @@ static void r300_set_constant_buffer(struct pipe_context *pipe, if (shader == PIPE_SHADER_VERTEX) { if (r300->screen->caps.has_tcl) { - struct r300_vertex_shader_code *vs = r300_vs(r300)->shader; + struct r300_vertex_shader *vs = r300_vs(r300); if (!vs) { cbuf->buffer_base = 0; @@ -2095,9 +2095,9 @@ static void r300_set_constant_buffer(struct pipe_context *pipe, } cbuf->buffer_base = r300->vs_const_base; - r300->vs_const_base += vs->code.constants.Count; + r300->vs_const_base += vs->shader->code.constants.Count; if (r300->vs_const_base > R500_MAX_PVS_CONST_VECS) { - r300->vs_const_base = vs->code.constants.Count; + r300->vs_const_base = vs->shader->code.constants.Count; cbuf->buffer_base = 0; r300_mark_atom_dirty(r300, &r300->pvs_flush); } -- 2.7.4