Another requirement for GL4.0 is support for ARB_sample_shading.
This enables it and turns on the cap when needed.
Signed-off-by: Dave Airlie <airlied@redhat.com>
These are needed for ARB_draw_indirect and GL4.0
This enables support and turns in the cap when
support is present.
This also enhances the draw packets to cover
future features, it doesn't enable or show these
yet, since other work is required in the shaders.
Signed-off-by: Dave Airlie <airlied@redhat.com>
Free vertex element in error path.
This was introduced by this commit:
vrend: add sanity check for vertext buffer index.
Reported-by: Matthias Gerstner <mgerstner@suse.de>
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
There will be a crash if the guest destroy context 0. As the context 0 is
allocate in renderer init, not destroy in vrend_renderer_context_destroy.
The context will be freed in renderer fini by calling vrend_decode_reset.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
The vertext_buffer_index is read from guest and then used
to index the 'vbo' array in struct 'vrend_sub_context'.
Add sanity check for this to avoid oob issue.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Add the sanity check of the 'nr_cbufs' to avoid stack
overflow.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Create a context more than once causes memory leak issue.
Juest return if the context exists.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Context array is declared as dec_ctx[VREND_MAX_CTX], virgl shouldn't accept id
== VREND_MAX_CTX.
Found thanks to AddressSanitizer.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Avoid out of bounds array access.
Found thanks to AddressSanitizer & american fuzzy lop.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Avoid out-of-bound acces of array so_info.output.
Fix found thanks to american fuzzy lop.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
the protocol failed to handle larger shaders, this allow
the renderer to reassemble large shaders and recombined
the chunks before passing them to the GLSL translation.
This also enhances the renderer protocol to allow
for some more info in the shader object, and removes
the separate vs/gs/fs variants in favour of a type field
in the shader.
This fixes a number of issues with how transform feedback works
it does requires ARB_transform_feedback3 to work at all, but
hopefully this extension is widespread enough, if not we can
revisit later.
It uses transform feedback objects to store the stream out
state.