[Mesa-dev] Bug in 48157b904a9 found by Coverity
Damien Lespiau
damien.lespiau at intel.com
Wed Nov 19 09:28:00 PST 2014
On Wed, Nov 19, 2014 at 12:13:41PM -0500, Ilia Mirkin wrote:
> Hey guys,
>
> Just got around to looking at the Coverity email about newly
> introduced bugs, and this seems like a legit issue. Based on the
> context of the code, I'm guessing you meant to do (input_index - 16)
> << 1.
Oh my. The proposed fix looks good, mind crafting a patch?
--
Damien
>
> Cheers,
>
> -ilia
>
> ** CID 1251308: Bad bit shift operation (BAD_SHIFT)
> /src/mesa/drivers/dri/i965/gen8_sf_state.c: 99 in upload_sbe()
>
> ________________________________________________________________________________________________________
> *** CID 1251308: Bad bit shift operation (BAD_SHIFT)
> /src/mesa/drivers/dri/i965/gen8_sf_state.c: 99 in upload_sbe()
> 93 if (!(brw->fragment_program->Base.InputsRead &
> BITFIELD64_BIT(attr)))
> 94 continue;
> 95
> 96 if (input_index < 16)
> 97 dw4 |= (GEN9_SBE_ACTIVE_COMPONENT_XYZW <<
> (input_index << 1));
> 98 else
> >>> CID 1251308: Bad bit shift operation (BAD_SHIFT)
> >>> In expression "3 << (input_index << 1)", left shifting by more than 31 bits has undefined behavior. The shift amount, "input_index << 1", is 32.
> 99 dw5 |= (GEN9_SBE_ACTIVE_COMPONENT_XYZW <<
> (input_index << 1));
> 100
> 101 ++input_index;
> 102 }
> 103 }
> 104 BEGIN_BATCH(sbe_cmd_length);
More information about the mesa-dev
mailing list