From f3ec9d33c6a3ed4ddb42d3bf4844fc04bf4a69c8 Mon Sep 17 00:00:00 2001 From: Robert Bragg Date: Fri, 24 Feb 2017 16:39:06 +0000 Subject: [PATCH] mesa: Fix performance query id check The queryid_valid() function asserts that an ID given by an application isn't zero since the spec explicitly reserves an ID of zero as invalid. The implementation was written as if the ID was a signed integer and based on the assumption that queryid_to_index() is simply subtracting one from the ID. It was broken because in fact the ID was stored in an unsigned int and testing for an index >= 0 would always succeed. This adds a spec quote to clarify why zero is considered invalid and checks for zero before even passing the ID to queryid_to_index() for then checking the upper bound. This is a v2 of a patch originally posted by Juha-Pekka (thanks) Cc: Juha-Pekka Heikkila Signed-off-by: Robert Bragg Reviewed-by: Plamena Manolova --- src/mesa/main/performance_query.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/mesa/main/performance_query.c b/src/mesa/main/performance_query.c index aa10351..56f6a7d 100644 --- a/src/mesa/main/performance_query.c +++ b/src/mesa/main/performance_query.c @@ -90,8 +90,12 @@ index_to_queryid(unsigned index) static inline bool queryid_valid(const struct gl_context *ctx, unsigned numQueries, GLuint queryid) { - GLuint index = queryid_to_index(queryid); - return index >= 0 && index < numQueries; + /* The GL_INTEL_performance_query spec says: + * + * "Performance counter ids values start with 1. Performance counter id 0 + * is reserved as an invalid counter." + */ + return queryid != 0 && queryid_to_index(queryid) < numQueries; } static inline GLuint -- 2.7.4