[Mesa-dev] [Bug 105755] Mesa freezes when the GLSL shader contains a `for` loop with an uninitialized `i` index/counter variable

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue Mar 27 11:40:38 UTC 2018


https://bugs.freedesktop.org/show_bug.cgi?id=105755

--- Comment #12 from Swyter <swyterzone+mesa3d at gmail.com> ---
Yeah. That was it, I only use a few shaders and they are all compiled at
startup. Good to know that caching is implemented Mesa-wide now.

> *EE: [! OGL LOG ] type: 0, local: 0, gpr: 28, inst: 134, bytes: 1432
> *EE: [! OGL LOG ] type: 1, local: 0, gpr: 7, inst: 41, bytes: 440
> *EE: [! OGL LOG ] type: 0, local: 0, gpr: 16, inst: 17, bytes: 184
> *EE: [! OGL LOG ] type: 1, local: 0, gpr: 6, inst: 14, bytes: 152
> *EE: [! OGL LOG ] 0:54(14): warning: `i' used uninitialized
> *EE: [! OGL LOG ] 0:58(39): warning: `i' used uninitialized
> *EE: [! OGL LOG ] 0:59(53): warning: `i' used uninitialized
> *EE: [! OGL LOG ] 0:61(30): warning: `i' used uninitialized
> *EE: [! OGL LOG ] 0:62(33): warning: `i' used uninitialized
> *EE: [! OGL LOG ] 0:54(30): warning: `i' used uninitialized
> *EE: [! OGL LOG ] type: 0, local: 0, gpr: 24, inst: 158, bytes: 1688
> *EE: [! OGL LOG ] type: 1, local: 0, gpr: 23, inst: 110, bytes: 1176
> *EE: [! OGL LOG ] type: 0, local: 0, gpr: 20, inst: 59, bytes: 632
> *EE: [! OGL LOG ] type: 1, local: 0, gpr: 6, inst: 14, bytes: 152

I don't know about how the GLSL spec handles this kind of undefined behavior,
and I agree with you that the implementation should not try to handhold shader
authors. What we need is an ecosystem that detects these issues earlier (i.e.
glslangValidator warnings) and responds robustly by detecting when the draw
call/batch/job is idle spinning/stuck by having some kind of reasonable timeout
and killing it with a descriptive message when things get out of hand, instead
of making the entire system unusable. And this is where I'm probably talking
about stuff I don't know about, but this could probably be enforced on the
DRI/DRM side of things instead of being driver-specific.

At the very least I *think* DXGI does something similar, but don't quote me on
that.


PS: As an early mitigation maybe the special case of
self-incrementing/decrementing counter variables could be zero-initialized as a
fallback. You could think of this test case as fuzzing, DoS prevention. I bet
it doesn't bloat the production shaders that you guys use for regression
testing much.

Someone probably has to try this in a robust WebGL context and see what
happens.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
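
Added example, not part of the original comment and not Mesa code: a build-time
check that scans a captured GLSL info log for the `used uninitialized` warnings
quoted above and fails when any are present, so the shader is rejected before it
reaches a draw call. The function names and the capture of the log into a string
are assumptions; the sample lines are copied from the quoted log.

```python
import re
from collections import defaultdict

# Diagnostic format as it appears in the quoted log:
#   <source-string>:<line>(<column>): warning: `<name>' used uninitialized
# search() skips any application prefix such as "*EE: [! OGL LOG ] ".
DIAG = re.compile(
    r"(?P<src>\d+):(?P<line>\d+)\((?P<col>\d+)\): "
    r"warning: `(?P<name>[^']+)' used uninitialized"
)

# Lines copied from the log quoted in the comment (stat lines kept on purpose).
SAMPLE_LOG = """\
*EE: [! OGL LOG ] type: 1, local: 0, gpr: 6, inst: 14, bytes: 152
*EE: [! OGL LOG ] 0:54(14): warning: `i' used uninitialized
*EE: [! OGL LOG ] 0:58(39): warning: `i' used uninitialized
*EE: [! OGL LOG ] 0:59(53): warning: `i' used uninitialized
*EE: [! OGL LOG ] 0:61(30): warning: `i' used uninitialized
*EE: [! OGL LOG ] 0:62(33): warning: `i' used uninitialized
*EE: [! OGL LOG ] 0:54(30): warning: `i' used uninitialized
*EE: [! OGL LOG ] type: 0, local: 0, gpr: 24, inst: 158, bytes: 1688
"""


def uninitialized_uses(info_log):
    """Map each variable to its sorted (source, line, column) use sites.

    Only 'used uninitialized' diagnostics are collected; every other log
    line (for example the per-shader statistics) is ignored.
    """
    found = defaultdict(set)
    for text in info_log.splitlines():
        m = DIAG.search(text)
        if m:
            site = (int(m["src"]), int(m["line"]), int(m["col"]))
            found[m["name"]].add(site)
    return {name: sorted(sites) for name, sites in found.items()}


def gate(info_log):
    """Return 1 if any variable is read before being written, else 0."""
    hits = uninitialized_uses(info_log)
    for name, sites in hits.items():
        where = ", ".join(f"{s}:{ln}({c})" for s, ln, c in sites)
        print(f"FAIL: `{name}' read before initialization at {where}")
    return 1 if hits else 0


if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_LOG))
```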