Bug 48057

Summary: use of uninitialized variables by read_builtins()
Product: Mesa
Reporter: James <jstrother9109>
Component: Mesa core
Assignee: mesa-dev
Status: RESOLVED FIXED
Severity: normal
Priority: medium
Version: 8.0
Hardware: Other
OS: All

Description James 2012-03-29 11:18:51 UTC
With 8.0.2 I receive the following using valgrind:


==15511== Conditional jump or move depends on uninitialised value(s)
==15511==    at 0x52AC1CA: _mesa_glsl_parse_state::_mesa_glsl_parse_state(gl_context*, unsigned int, void*) (glsl_parser_extras.cpp:118)
==15511==    by 0x52DC68F: read_builtins(unsigned int, char const*, char const**, unsigned int) (builtin_function.cpp:44)
==15511==    by 0x52DC90F: _mesa_read_profile(_mesa_glsl_parse_state*, int, char const*, char const**, int) (builtin_function.cpp:16205)
==15511==    by 0x52DCABE: _mesa_glsl_initialize_functions(_mesa_glsl_parse_state*) (builtin_function.cpp:16251)
==15511==    by 0x529C2C3: match_function_by_name(exec_list*, char const*, YYLTYPE*, exec_list*, ir_call**, _mesa_glsl_parse_state*) (ast_function.cpp:314)
==15511==    by 0x529F9FC: ast_function_expression::hir(exec_list*, _mesa_glsl_parse_state*) (ast_function.cpp:1460)
==15511==    by 0x52A1CAC: ast_expression::hir(exec_list*, _mesa_glsl_parse_state*) (ast_to_hir.cpp:1033)
==15511==    by 0x52A4C8D: ast_expression_statement::hir(exec_list*, _mesa_glsl_parse_state*) (ast_to_hir.cpp:1813)
==15511==    by 0x52A4CFD: ast_compound_statement::hir(exec_list*, _mesa_glsl_parse_state*) (ast_to_hir.cpp:1829)
==15511==    by 0x52A7F00: ast_function_definition::hir(exec_list*, _mesa_glsl_parse_state*) (ast_to_hir.cpp:3312)
==15511==    by 0x529FF9E: _mesa_ast_to_hir(exec_list*, _mesa_glsl_parse_state*) (ast_to_hir.cpp:87)
==15511==    by 0x527CF58: _mesa_glsl_compile_shader (ir_to_mesa.cpp:3342)
==15511==  Uninitialised value was created by a stack allocation
==15511==    at 0x52DC5F1: read_builtins(unsigned int, char const*, char const**, unsigned int) (builtin_function.cpp:37)


The problem is fairly clear.  When fakeCtx is instantiated in read_builtins() it is left uninitialized except for a few select members. The constructor for _mesa_glsl_parse_state does not seem to have anticipated "fake contexts" and uses a number of other members.

I would suggest a patch, but it looks like a non-trivial fix. Seems like glsl_compiler wants to be standalone, even though all of the structures it uses have dependencies in mesa/main.
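A minimal illustration of the pattern described in the report, added here as an example that is not Mesa code: `struct fake_ctx`, its members and `count_enabled_extensions()` are hypothetical stand-ins for `gl_context` and the parts of the `_mesa_glsl_parse_state` constructor that branch on context members.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the real gl_context: one member the caller
 * sets, plus several that the parse-state constructor also reads. */
struct fake_ctx {
    unsigned api;                   /* the only member the buggy code sets */
    bool     ext_arb_draw_buffers;  /* read by the constructor */
    bool     ext_ext_texture_array; /* read by the constructor */
    unsigned max_varying_floats;    /* read by the constructor */
};

/* Stand-in for the constructor: every member tested here must be defined,
 * otherwise valgrind reports "conditional jump depends on uninitialised value". */
static int count_enabled_extensions(const struct fake_ctx *ctx)
{
    int n = 0;
    if (ctx->ext_arb_draw_buffers)  n++;
    if (ctx->ext_ext_texture_array) n++;
    return n;
}

/* Buggy pattern: stack object, one member assigned, the rest indeterminate.
 * The result is undefined behaviour, so this function is never called below. */
int buggy_read_builtins(unsigned api)
{
    struct fake_ctx ctx;
    ctx.api = api;
    return count_enabled_extensions(&ctx);
}

/* Fix 1: zero the whole object before touching any member. */
int fixed_read_builtins_memset(unsigned api)
{
    struct fake_ctx ctx;
    memset(&ctx, 0, sizeof ctx);
    ctx.api = api;
    ctx.ext_arb_draw_buffers = true;
    return count_enabled_extensions(&ctx);
}

/* Fix 2: a designated initializer zero-fills every member not named. */
int fixed_read_builtins_designated(unsigned api)
{
    struct fake_ctx ctx = { .api = api, .ext_arb_draw_buffers = true };
    return count_enabled_extensions(&ctx);
}

int main(void)
{
    printf("memset: %d, designated: %d\n",
           fixed_read_builtins_memset(1), fixed_read_builtins_designated(1));
    return 0;
}
```

Both fixed variants always see the unnamed members as zero, so the count is deterministic (1) and valgrind has nothing to report.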
Comment 1 Dave Airlie 2012-03-29 11:27:13 UTC
http://cgit.freedesktop.org/mesa/mesa/commit/?id=b78a77f979b21a84aecb6fa4f19a2ed51a48c306

is the fix in master; it needs to be picked.
Comment 2 Andreas Boll 2012-11-29 10:50:23 UTC
Cherry-picked to the 8.0 branch: db8cb2250335a93cad6e877e634116e5cd6b42fc

It will be available in Mesa 8.0.6.