[Bug 71574] Long expressions in shaders crash Mesa

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Wed Dec 31 03:56:23 PST 2014


https://bugs.freedesktop.org/show_bug.cgi?id=71574

--- Comment #3 from Kevin Rogovin <kevin.rogovin at intel.com> ---
A minor note: the crash occurs in src/glsl/ast_to_hir.cpp and looks to be a
stack overflow. The cause is as follows:

 - The code that generates the AST is a bison-generated parser. The parser uses
its own stack instead of an OS-provided stack. That stack has a much larger
maximum size than an OS stack (since the parser can just realloc to whatever
size it needs). In particular, the depth of the AST can be quite large (for
example, in this case on the order of 30,000).

 - The code that generates the HIR from the AST uses recursion and thus uses an
OS-provided stack. A deep AST will then trigger a stack overflow.

The wrong way to fix this is to increase the stack size so that this shader
does not trigger a crash. The correct way to fix the issue is, during AST
generation in the parser code, to have a stack depth value for the nodes
(computed as the maximum of the stack depth of the child nodes). Then, at HIR
generation from the AST, check the stack depth of the root tree and emit a
failure message if the value is too large, here "too large" being a value
decided upon by making sure the OS-provided stack is big enough; in addition,
if the depth is great, the shader is likely not going to be compilable in a
reasonable amount of time (if at all). My hunch of arbitrariness is to set the
max depth to be somewhere in the range of 1000 to 5000.

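The depth check proposed in comment #3, written out as an added C++ example; it is not Mesa's code or the commenter's. `Node`, `Ast`, `lower`, `compile`, `build_chain` and the `MAX_AST_DEPTH` value of 2000 are assumptions, and depth is counted here as the children's maximum plus one per level.

```cpp
#include <algorithm>
#include <cstdio>
#include <string>
#include <vector>

// Assumed limit; comment #3 suggests somewhere from 1000 to 5000.
constexpr std::size_t MAX_AST_DEPTH = 2000;

struct Node {
    int lhs, rhs;       // child indices into Ast::nodes, -1 for a leaf
    std::size_t depth;  // nesting levels in the subtree rooted here
};
struct Ast {
    std::vector<Node> nodes;  // heap-backed, like the parser's own stack
    int leaf() { nodes.push_back({-1, -1, 1}); return (int)nodes.size() - 1; }
    // Parser action for an operator node: depth is the children's maximum
    // plus one for this level, recorded at construction so no walk is needed.
    int binary(int l, int r) {
        nodes.push_back({l, r, 1 + std::max(nodes[l].depth, nodes[r].depth)});
        return (int)nodes.size() - 1;
    }
};

// Stand-in for AST-to-HIR lowering: recursive, so OS stack use grows with depth.
std::size_t lower(const Ast &ast, int n) {
    const Node &node = ast.nodes[n];
    if (node.lhs < 0) return 1;
    return 1 + lower(ast, node.lhs) + lower(ast, node.rhs);  // nodes visited
}

// Check the root's recorded depth before recursing; fail with a message.
bool compile(const Ast &ast, int root, std::string &err) {
    if (ast.nodes[root].depth > MAX_AST_DEPTH) {
        err = "expression nesting too deep: " + std::to_string(ast.nodes[root].depth);
        return false;
    }
    lower(ast, root);
    return true;
}

// Constructed input: a + a + ... + a, left-associative, depth == terms.
int build_chain(Ast &ast, int terms) {
    int root = ast.leaf();
    for (int i = 1; i < terms; ++i) root = ast.binary(root, ast.leaf());
    return root;
}

int main() {
    Ast ast; std::string err;
    std::puts(compile(ast, build_chain(ast, 30000), err) ? "compiled" : err.c_str());
}
```

The 30,000-term chain is rejected from the stored root depth alone, so the recursive pass never starts on it.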