Restrict the size of shader arrays.
This prevents overflow issues in the HLSL translator and some drivers. The
limit is hard-coded to 65536 to be larger than the Shader Model 5 register
limit (4096) to account for register allocation optimizations and future
hardware.
BUG=379799
Change-Id: I3cd0d8ad2084c3ca675821bfad1fab48f78c76c7
Reviewed-on: https://chromium-review.googlesource.com/204521
Reviewed-by: Jamie Madill <jmadill@chromium.org>
Tested-by: Nicolas Capens <nicolascapens@chromium.org>
diff --git a/src/compiler/translator/ParseContext.cpp b/src/compiler/translator/ParseContext.cpp
index 1a1e0d1..8e5f293 100644
--- a/src/compiler/translator/ParseContext.cpp
+++ b/src/compiler/translator/ParseContext.cpp
@@ -689,6 +689,18 @@
return true;
}
+ // The size of arrays is restricted here to prevent issues further down the
+ // compiler/translator/driver stack. Shader Model 5 generation hardware is limited to
+ // 4096 registers so this should be reasonable even for aggressively optimizable code.
+ const int sizeLimit = 65536;
+
+ if (size > sizeLimit)
+ {
+ error(line, "array size too large", "");
+ size = 1;
+ return true;
+ }
+
return false;
}
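Review bot: The new `size > sizeLimit` check bounds only the declared element count, so as far as this hunk shows, an array of multi-register elements (matrices, structs) that passes it can still need several times 65536 registers. If the overflow this commit targets comes from multiplying the array size by a per-element register count further down the translator, that multiplication needs its own bound or a wider type, because nothing visible here takes the element type into account. At minimum, state the scope next to the constant, for example `// Bounds the element count only; total register usage (size * registers per element) is not checked here.` The enclosing function starts outside the hunk, so the earlier checks on `size` (non-constant, zero or negative values) are not visible and are assumed to precede this one.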