[Mesa-dev] [PATCH 0/9] Enable gcc's undefined behaviour sanitizer

Marek Olšák maraeo at gmail.com
Sat Apr 30 09:00:07 UTC 2016 

For 1-2, 5-9:

Reviewed-by: Marek Olšák <marek.olsak at amd.com>

Marek

On Sat, Apr 30, 2016 at 9:24 AM, Nicolai Hähnle <nhaehnle at gmail.com> wrote:
> Hi,
>
> this patch series enables the use of gcc's -fsanitize=undefined in Mesa and
> fixes the bulk of reported issues in basic examples like glxgears. However,
> many issues remain, and some of them in the GLSL compiler look like they could
> be real - see below for a sampling.
>
> By "enables the use" I mean that (a) it fixes a compiler error that only
> happens with ubsan enabled, at least on gcc 5.3.1 and (b) it fixes a bunch
> of undefined behaviour (bad casts) that causes ubsan runs to crash with a
> segfault in the implementation of dynamic_cast.
>
> The bulk of the other fixes in this series are benign "left-shift into sign
> bit" fixes. In particular, that's what the giant gallium/radeon patch (7/9,
> probably too big for the mailing list) is about - that patch was generated
> mechanically.
>
> If you want to try this out yourself, you need to add -fsanitize=undefined
> to CFLAGS, CXXFLAGS, and LDFLAGS. You need a fairly recent libtool as well
> (the one that comes with Ubuntu 16.04 works for me, but I had to re-autogen),
> otherwise the option will be "helpfully" removed from the linker flags and
> linking will fail.
>
> You can find the entire series at https://cgit.freedesktop.org/~nh/mesa/log/?h=ubsan
> Please review!
>
> Thanks,
> Nicolai
> --
> Here are a bunch of issues reported when running piglit's
> arb_shader_image_load_store-level - all of them are about objects being cast
> to the wrong type, and subsequent consequences:
>
> ../../../../mesa/src/compiler/glsl/ir_function.cpp:376:40: runtime error: downcast of address 0x0000026c3e00 which does not point to an object of type 'ir_variable'
> 0x0000026c3e00: note: object is of type 'ir_dereference_variable'
>  00 00 00 00  28 4a d9 c3 66 7f 00 00  28 93 cd 64 ff 7f 00 00  20 93 cd 64 ff 7f 00 00  02 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_dereference_variable'
> ../../../../mesa/src/compiler/glsl/ir_function.cpp:381:25: runtime error: member access within address 0x0000026c3e00 which does not point to an object of type 'ir_variable'
> 0x0000026c3e00: note: object is of type 'ir_dereference_variable'
>  00 00 00 00  28 4a d9 c3 66 7f 00 00  28 93 cd 64 ff 7f 00 00  20 93 cd 64 ff 7f 00 00  02 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_dereference_variable'
> ../../../../mesa/src/compiler/glsl/opt_dead_builtin_variables.cpp:38:32: runtime error: downcast of address 0x00000230eeb0 which does not point to an object of type 'ir_variable'
> 0x00000230eeb0: note: object is of type 'ir_function'
>  00 00 00 00  70 4c d9 c3 66 7f 00 00  48 e6 76 02 00 00 00 00  08 2b 77 02 00 00 00 00  0a 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_function'
> ../../../../mesa/src/compiler/glsl/ir_function.cpp:65:53: runtime error: downcast of address 0x00000230bf80 which does not point to an object of type 'ir_rvalue'
> 0x00000230bf80: note: object is of type 'ir_variable'
>  00 00 00 00  e0 47 d9 c3 66 7f 00 00  48 c0 30 02 00 00 00 00  28 c4 30 02 00 00 00 00  07 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_variable'
> ../../../../mesa/src/compiler/glsl/ir_function.cpp:67:34: runtime error: member access within address 0x00000230bf80 which does not point to an object of type 'ir_rvalue'
> 0x00000230bf80: note: object is of type 'ir_variable'
>  00 00 00 00  e0 47 d9 c3 66 7f 00 00  48 c0 30 02 00 00 00 00  28 c4 30 02 00 00 00 00  07 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_variable'
> ../../../../mesa/src/mesa/state_tracker/st_glsl_to_tgsi.cpp:3525:26: runtime error: downcast of address 0x0000022eaa40 which does not point to an object of type 'ir_dereference'
> 0x0000022eaa40: note: object is of type 'ir_swizzle'
>  00 00 00 00  20 48 d9 c3 66 7f 00 00  08 20 31 02 00 00 00 00  f8 1e 31 02 00 00 00 00  05 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_swizzle'
> ../../../../mesa/src/mesa/state_tracker/st_glsl_to_tgsi.cpp:3548:29: runtime error: downcast of address 0x0000045a7d00 which does not point to an object of type 'ir_dereference'
> 0x0000045a7d00: note: object is of type 'ir_constant'
>  00 00 00 00  f0 4c d9 c3 66 7f 00 00  28 86 59 04 00 00 00 00  18 85 59 04 00 00 00 00  03 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_constant'
> ../../../../mesa/src/mesa/state_tracker/st_glsl_to_tgsi.cpp:3554:29: runtime error: downcast of address 0x000004a47d10 which does not point to an object of type 'ir_dereference'
> 0x000004a47d10: note: object is of type 'ir_swizzle'
>  00 00 00 00  20 48 d9 c3 66 7f 00 00  58 bf 9c 04 00 00 00 00  08 60 a5 04 00 00 00 00  05 00 00 00
>               ^~~~~~~~~~~~~~~~~~~~~~~
>               vptr for 'ir_swizzle'
>
> --
>  src/compiler/glsl/ir.cpp                     |    5 +-
>  src/compiler/glsl/list.h                     |  122 +-
>  src/compiler/glsl/opt_dead_code_local.cpp    |    7 +-
>  src/compiler/glsl/opt_tree_grafting.cpp      |    5 +-
>  src/gallium/auxiliary/tgsi/tgsi_ureg.c       |    2 +-
>  src/gallium/auxiliary/util/u_pack_color.h    |    2 +-
>  src/gallium/auxiliary/util/u_pstipple.c      |    2 +-
>  src/gallium/drivers/r600/eg_sq.h             |  316 +-
>  src/gallium/drivers/r600/evergreend.h        | 1104 ++---
>  src/gallium/drivers/r600/r600_opcodes.h      |   12 +-
>  src/gallium/drivers/r600/r600_pipe.h         |    6 +-
>  src/gallium/drivers/r600/r600_sq.h           |  246 +-
>  src/gallium/drivers/r600/r600d.h             | 1804 +++----
>  src/gallium/drivers/r600/r700_sq.h           |  246 +-
>  .../drivers/radeon/r600_pipe_common.h        |    8 +-
>  src/gallium/drivers/radeon/r600d_common.h    |  108 +-
>  src/gallium/drivers/radeon/radeon_uvd.h      |    6 +-
>  src/gallium/drivers/radeonsi/si_state.c      |    6 +-
>  .../drivers/radeonsi/si_state_shaders.c      |    4 +-
>  src/gallium/drivers/radeonsi/sid.h           | 4122 ++++++++--------
>  .../drivers/softpipe/sp_quad_stipple.c       |    4 +-
>  src/mesa/main/mtypes.h                       |   60 +-
>  src/mesa/main/uniforms.c                     |    2 +-
>  src/mesa/state_tracker/st_mesa_to_tgsi.c     |    2 +-
>  src/mesa/state_tracker/st_program.c          |    4 +-
>  25 files changed, 4117 insertions(+), 4088 deletions(-)
>
> _______________________________________________
> mesa-dev mailing list
> mesa-dev at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/mesa-dev

More information about the mesa-dev mailing list