[Mesa-dev] Fwd: New Defects reported by Coverity Scan for Mesa

Thu Jan 12 09:29:50 UTC 2017

On Wed, 2017-01-11 at 10:25 -0800, Matt Turner wrote:
> Coverity thinks there are some bad shifts introduced by commit c2acf97.
> 
> I think it thinks that first can be 64 because 64 is the greatest
> value that can be returned by ffsll(), but that's not actually
> possible? If that's correct, maybe an assert is in order.

Thanks for the report!

Actually, first can't be 64, because first is defined as
"ffsll(vs_inputs) - 1", so it must be always less than 64.

I'll add the assert().

    J.A.

> 
> ** CID 1398563:    (BAD_SHIFT)
> /src/mesa/drivers/dri/i965/brw_draw_upload.c: 493 in brw_prepare_vertices()
> /src/mesa/drivers/dri/i965/brw_draw_upload.c: 489 in brw_prepare_vertices()
> /src/mesa/drivers/dri/i965/brw_draw_upload.c: 491 in brw_prepare_vertices()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 1398563:    (BAD_SHIFT)
> /src/mesa/drivers/dri/i965/brw_draw_upload.c: 493 in brw_prepare_vertices()
> 487
> BITFIELD64_MASK(first)), 2);
> 488           struct brw_vertex_element *input = &brw->vb.inputs[index];
> 489           input->is_dual_slot = brw->gen >= 8 &&
> 490              (vs_prog_data->double_inputs_read &
> BITFIELD64_BIT(first)) != 0;
> 491           vs_inputs &= ~BITFIELD64_BIT(first);
> 492           if (input->is_dual_slot)
> > > >     CID 1398563:    (BAD_SHIFT)
> > > >     In expression "1UL << first + 1U", left shifting by more than 63 bits has undefined behavior.  The shift amount, "first + 1U", is 65.
> 
> 493              vs_inputs &= ~BITFIELD64_BIT(first + 1);
> 494           brw->vb.enabled[brw->vb.nr_enabled++] = input;
> 495        }
> 496
> 497        if (brw->vb.nr_enabled == 0)
> 498           return;
> /src/mesa/drivers/dri/i965/brw_draw_upload.c: 489 in brw_prepare_vertices()
> 483        while (vs_inputs) {
> 484           GLuint first = ffsll(vs_inputs) - 1;
> 485           GLuint index =
> 486              first -
> DIV_ROUND_UP(_mesa_bitcount_64(vs_prog_data->double_inputs_read &
> 487
> BITFIELD64_MASK(first)), 2);
> 488           struct brw_vertex_element *input = &brw->vb.inputs[index];
> > > >     CID 1398563:    (BAD_SHIFT)
> > > >     In expression "1UL << first", left shifting by more than 63 bits has undefined behavior.  The shift amount, "first", is 64.
> 
> 489           input->is_dual_slot = brw->gen >= 8 &&
> 490              (vs_prog_data->double_inputs_read &
> BITFIELD64_BIT(first)) != 0;
> 491           vs_inputs &= ~BITFIELD64_BIT(first);
> 492           if (input->is_dual_slot)
> 493              vs_inputs &= ~BITFIELD64_BIT(first + 1);
> 494           brw->vb.enabled[brw->vb.nr_enabled++] = input;
> /src/mesa/drivers/dri/i965/brw_draw_upload.c: 491 in brw_prepare_vertices()
> 485           GLuint index =
> 486              first -
> DIV_ROUND_UP(_mesa_bitcount_64(vs_prog_data->double_inputs_read &
> 487
> BITFIELD64_MASK(first)), 2);
> 488           struct brw_vertex_element *input = &brw->vb.inputs[index];
> 489           input->is_dual_slot = brw->gen >= 8 &&
> 490              (vs_prog_data->double_inputs_read &
> BITFIELD64_BIT(first)) != 0;
> > > >     CID 1398563:    (BAD_SHIFT)
> > > >     In expression "1UL << first", left shifting by more than 63 bits has undefined behavior.  The shift amount, "first", is 64.
> 
> 491           vs_inputs &= ~BITFIELD64_BIT(first);
> 492           if (input->is_dual_slot)
> 493              vs_inputs &= ~BITFIELD64_BIT(first + 1);
> 494           brw->vb.enabled[brw->vb.nr_enabled++] = input;
> 495        }
> 496
> 