
Segmentation fault when applying spirv-opt to a shader that performs an out-of-bounds access #2609

@afd

I expect this is closely related to #2608 but am filing it in addition as the symptoms are different.

This archive contains the files required to reproduce the problem.

To reproduce, do:

spirv-opt -O small.spv -o temp.spv

I get a segmentation fault in spvtools::opt::Instruction::result_id().

The .frag file exhibits an out-of-bounds access: a is an int[1], and a[i] attempts to index v at 1.

As in #2608, I am unsure what the semantics of out-of-bounds accesses are in SPIR-V, but I note that an OpAccessChain, rather than an OpInBoundsAccessChain, is used; I would assume that the existence of OpInBoundsAccessChain means that OpAccessChain is supposed to account for the out-of-bounds case.

Found via GraphicsFuzz.

Labels

fuzzer-found-issue: A note that an issue was found using a fuzzer tool (e.g. GraphicsFuzz)
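A triage aid for reports like this one, added here as an example (it is not code from the issue or from SPIRV-Tools): it scans SPIR-V disassembly text for an access chain whose first index is a constant outside the length of the array variable it indexes. The sample module is constructed, not the issue's small.spv, and the function name is hypothetical; an index held in a variable, like `i` in the report, is only caught once it has been folded to a constant.

```python
import re

# Constructed sample in spirv-dis text form (not the issue's small.spv):
# an int[1] array indexed once in bounds and once with the constant 1.
SAMPLE = """\
%int = OpTypeInt 32 1
%uint = OpTypeInt 32 0
%uint_1 = OpConstant %uint 1
%int_0 = OpConstant %int 0
%int_1 = OpConstant %int 1
%arr = OpTypeArray %int %uint_1
%ptr_arr = OpTypePointer Function %arr
%ptr_int = OpTypePointer Function %int
%a = OpVariable %ptr_arr Function
%ok = OpAccessChain %ptr_int %a %int_0
%bad = OpAccessChain %ptr_int %a %int_1
"""

# "%result = OpName operand operand ..." as printed by a SPIR-V disassembler.
LINE = re.compile(r"^\s*(%\S+)\s*=\s*(Op\w+)\s*(.*)$")

def find_oob_access_chains(disassembly):
    """Return (result_id, index, length) for each access chain whose first
    index is an integer constant outside the bounds of the indexed array."""
    consts, arrays, pointers, variables, findings = {}, {}, {}, {}, []
    for raw in disassembly.splitlines():
        m = LINE.match(raw.split(";")[0])   # drop trailing ';' comments
        if not m:
            continue
        rid, op, ops = m.group(1), m.group(2), m.group(3).split()
        if op == "OpConstant" and len(ops) >= 2 and re.fullmatch(r"-?\d+", ops[1]):
            consts[rid] = int(ops[1])       # integer constants only
        elif op == "OpTypeArray" and len(ops) >= 2:
            arrays[rid] = ops[1]            # id of the length constant
        elif op == "OpTypePointer" and len(ops) >= 2:
            pointers[rid] = ops[1]          # pointee type id
        elif op == "OpVariable" and ops:
            variables[rid] = ops[0]         # pointer type id
        elif op in ("OpAccessChain", "OpInBoundsAccessChain") and len(ops) >= 3:
            base, index = ops[1], ops[2]    # ops[0] is the result type
            pointee = pointers.get(variables.get(base))
            length = consts.get(arrays.get(pointee))
            value = consts.get(index)
            # Unknown base, non-array pointee or non-constant index: skip.
            if length is not None and value is not None:
                if value < 0 or value >= length:
                    findings.append((rid, value, length))
    return findings
```
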