RESOLVED FIXED 105218
[ANGLE] Use of uninitialized memory in ArrayBoundsClamper
https://bugs.webkit.org/show_bug.cgi?id=105218
Max Vujovic
Reported 2012-12-17 14:56:50 PST
TIntermBinary::addIndexClamp is uninitialized when the compile flag SH_CLAMP_INDIRECT_ARRAY_BOUNDS is not set. Then, addIndexClamp is used in OutputGLSLBase. CSS Shaders needs to do a first validation pass without the SH_CLAMP_INDIRECT_ARRAY_BOUNDS flag and its effects. However, sometimes addIndexClamp is true, which inserts clamping code that causes the shader to fail compilation at the WebGL level. Patch coming up.
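A minimal model of the bug described in this report, added here as an illustration; it is not taken from the ANGLE or WebKit source or from the attached patch. The struct names, the flag's numeric value, the emitted strings and `compileOverPoison` are assumptions. It shows one way to give the flag a defined value, plus a regression check that constructs the node over poisoned storage.

```cpp
#include <cstring>
#include <new>
#include <string>

// Constructed stand-ins for names in the report; not ANGLE's real declarations.
const int SH_CLAMP_INDIRECT_ARRAY_BOUNDS = 0x1;  // placeholder value, not ANGLE's

// Before: the constructor never writes the flag, so it holds whatever bytes
// were already in the node's storage.
struct IndexNodeBefore {
    IndexNodeBefore() {}
    bool addIndexClamp;
};

// After: the flag has a defined value even if no clamping pass ever runs.
struct IndexNodeAfter {
    IndexNodeAfter() : addIndexClamp(false) {}
    bool addIndexClamp;
};

// Clamping pass: only writes the flag when the compile option is set.
template <typename Node>
void markClamps(Node& node, int compileOptions) {
    if (compileOptions & SH_CLAMP_INDIRECT_ARRAY_BOUNDS)
        node.addIndexClamp = true;
}

// Output stage: reads the flag unconditionally (the report's OutputGLSLBase role).
template <typename Node>
std::string emitIndex(const Node& node) {
    return node.addIndexClamp ? "a[clamp(i, 0, N - 1)]" : "a[i]";
}

// Regression check: build the node on top of 0xFF-filled storage so a missing
// initializer cannot hide behind memory that happens to be zero.
std::string compileOverPoison(int compileOptions) {
    alignas(IndexNodeAfter) unsigned char storage[sizeof(IndexNodeAfter)];
    std::memset(storage, 0xFF, sizeof storage);
    IndexNodeAfter* node = new (storage) IndexNodeAfter();
    markClamps(*node, compileOptions);
    return emitIndex(*node);
}

int main() {
    // Validation pass without the flag must not emit clamping code.
    return compileOverPoison(0) == "a[i]" ? 0 : 1;
}
```

`IndexNodeBefore` is shown for comparison only and is never read here, because reading its flag before a write is undefined behaviour.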
Attachments
Patch (1.61 KB, patch)
2012-12-17 15:08 PST, Max Vujovic
dino: review+
buildbot: commit-queue-
Patch (1.61 KB, patch)
2012-12-18 09:29 PST, Max Vujovic
webkit.review.bot: commit-queue-
Patch (1.61 KB, patch)
2012-12-18 11:24 PST, Max Vujovic
no flags
Max Vujovic
Comment 1 2012-12-17 15:08:17 PST
Created attachment 179808: Patch
Style bot never likes ANGLE changes, so please ignore her.
WebKit Review Bot
Comment 2 2012-12-17 15:09:47 PST
Attachment 179808 did not pass style-queue:
Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/ThirdParty/ANGLE/ChangeLog', u'Sour..." exit_code: 1
Source/ThirdParty/ANGLE/src/compiler/intermediate.h:392: Missing space inside { }. [whitespace/braces] [5]
Total errors found: 1 in 2 files
If any of these errors are false positives, please file a bug against check-webkit-style.
Dean Jackson
Comment 3 2012-12-17 15:27:38 PST
We should make sure this gets back to ANGLE. Unfortunately I cannot contribute to ANGLE under its current license, but any code changes in WebKit are available under a BSD license. So Max, maybe you could contribute this and the original array clamper?
Max Vujovic
Comment 4 2012-12-17 15:36:11 PST
Thanks for the review!
(In reply to comment #3)
> We should make sure this gets back to ANGLE.
>
> Unfortunately I cannot contribute to ANGLE under its current license, but any code changes in WebKit are available under a BSD license. So Max, maybe you could contribute this and the original array clamper?
Yes, definitely. I can do that. If there's no hurry right now, I'll plan on doing it early January when I get back from holiday break.
Build Bot
Comment 5 2012-12-17 17:30:42 PST
Comment on attachment 179808: Patch
Attachment 179808 did not pass mac-ews (mac):
Output: http://queues.webkit.org/results/15371922
New failing tests: inspector/profiler/heap-snapshot.html
Max Vujovic
Comment 6 2012-12-18 09:29:13 PST
Created attachment 179960: Patch
EWS failure seems unrelated. Running it again to double check.
WebKit Review Bot
Comment 7 2012-12-18 09:32:48 PST
Attachment 179960 did not pass style-queue:
Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/ThirdParty/ANGLE/ChangeLog', u'Sour..." exit_code: 1
Source/ThirdParty/ANGLE/src/compiler/intermediate.h:392: Missing space inside { }. [whitespace/braces] [5]
Total errors found: 1 in 2 files
If any of these errors are false positives, please file a bug against check-webkit-style.
Max Vujovic
Comment 8 2012-12-18 11:13:43 PST
Comment on attachment 179960: Patch
Bots are green. Setting cq+.
WebKit Review Bot
Comment 9 2012-12-18 11:16:36 PST
Comment on attachment 179960: Patch
Rejecting attachment 179960 from commit-queue.
Failed to run "['/mnt/git/webkit-commit-queue/Tools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '-..." exit_code: 1
/mnt/git/webkit-commit-queue/Source/ThirdParty/ANGLE/ChangeLog neither lists a valid reviewer nor contains the string "Unreviewed" or "Rubber stamp" (case insensitive).
Full output: http://queues.webkit.org/results/15418181
Max Vujovic
Comment 10 2012-12-18 11:24:30 PST
Created attachment 179983: Patch
Add reviewer entry in ChangeLog.
WebKit Review Bot
Comment 11 2012-12-18 11:27:39 PST
Attachment 179983 did not pass style-queue:
Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/ThirdParty/ANGLE/ChangeLog', u'Sour..." exit_code: 1
Source/ThirdParty/ANGLE/src/compiler/intermediate.h:392: Missing space inside { }. [whitespace/braces] [5]
Total errors found: 1 in 2 files
If any of these errors are false positives, please file a bug against check-webkit-style.
WebKit Review Bot
Comment 12 2012-12-18 11:48:27 PST
Comment on attachment 179983: Patch
Clearing flags on attachment: 179983
Committed r138048: <http://trac.webkit.org/changeset/138048>
WebKit Review Bot
Comment 13 2012-12-18 11:48:31 PST
All reviewed patches have been landed. Closing bug.