[vulkan] Deal with some ubsan complaints

One is potentially legit (depends on what really happens when allocating
0-length arrays on the stack), but the offset null pointer ones are
dubious as `a` should never be null when `size` is non-zero, and when
`size` is zero, everything gets corrected.
This commit is contained in:
Bill Currie 2024-09-24 11:31:36 +09:00
parent 9713e7764c
commit 83c65e6abd
3 changed files with 19 additions and 3 deletions


@ -536,7 +536,7 @@ find_layout (const qfv_reference_t *ref, objstate_t *s)
for (uint32_t i = 0; i < li->num_sets; i++) {
sets[i] = find_descriptorSet (&li->sets[i], s);
}
VkPushConstantRange ranges[li->num_pushconstantranges];
VkPushConstantRange ranges[li->num_pushconstantranges + 1];
uint32_t offset = 0;
for (uint32_t i = 0; i < li->num_pushconstantranges; i++) {
offset = parse_pushconstantrange (&ranges[i],
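Review bot: The `+ 1` on the `ranges` VLA is more than "potentially" needed: C11 6.7.6.2 requires a variable-length array size to be greater than zero, so `num_pushconstantranges == 0` was undefined behaviour rather than a stack-allocation quirk, and the padding element deserves a comment so it is not "cleaned up" later, e.g. `// +1: a zero-length VLA is undefined behaviour (C11 6.7.6.2); the loop still bounds on num_pushconstantranges`. The `sets` array filled by the loop above is declared outside the hunk; if it is likewise a VLA sized by `li->num_sets`, it presumably has the same problem and needs the same treatment. If these counts originate from a parsed layout description, an upper bound on them before the stack allocation would also be worth having, since a VLA gives no protection against a large size. find_layout begins and ends outside the hunk.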


@ -971,6 +971,13 @@ queue_faces (bsp_pass_t *pass, QFV_BspPass pass_ind,
}
size_t dq_size = pass->draw_queues[dq].size;
// ubsan complains about a non-zero offset applied to a null
// pointer when both size is 0 and a is null: quite right, but
// when a is null, size must be 0 or there will be bigger
// problems. When size is 0, the array gets initialized if it's
// not already (ie, if a is null) then the pointer is
// recalculated. Thus while not quite a false-positive, it's a
// non-issue
bsp_draw_t *draw = &pass->draw_queues[dq].a[dq_size - 1];
if (!pass->draw_queues[dq].size
|| draw->tex_id != i
@ -1336,7 +1343,10 @@ bsp_visit_world (const exprval_t **params, exprval_t *result, exprctx_t *ectx)
pass->position = r_refdef.frame.position;
pass->vis_frame = r_visstate.visframecount;
}
pass->brush = &r_refdef.worldmodel->brush;
pass->brush = nullptr;
if (r_refdef.worldmodel) {
pass->brush = &r_refdef.worldmodel->brush;
}
EntQueue_Clear (pass->entqueue);
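Review bot: The comment block added above `draw` in queue_faces records the null-plus-offset as a non-issue, but `&pass->draw_queues[dq].a[dq_size - 1]` with `a == NULL` and `dq_size == 0` is still pointer arithmetic outside any object, which the C standard leaves undefined and which UBSan will keep reporting on every run; since the test on the following line already short-circuits on `!pass->draw_queues[dq].size` before `draw` is dereferenced, the pointer can simply be computed conditionally: `bsp_draw_t *draw = dq_size ? &pass->draw_queues[dq].a[dq_size - 1] : nullptr;`. That removes the finding instead of annotating it, and the condition could then test `dq_size` rather than re-reading `.size`. The same pattern and comment appear in get_desc_batch in the third file, where `batch` is taken from `quad_batch.a[quad_batch.size - 1]` and the same one-line change (with `nullptr` or `NULL`, whichever that file uses) applies. queue_faces continues outside the hunk.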


@ -1251,9 +1251,15 @@ Vulkan_Draw_Init (vulkan_ctx_t *ctx)
static inline descbatch_t *
get_desc_batch (drawframe_t *frame, int descid, uint32_t ind_count)
{
// ubsan complains about a non-zero offset applied to a null pointer when
// both size is 0 and a is null: quite right, but when a is null, size
// must be 0 or there will be bigger problems. When size is 0, the array
// gets initialized if it's not already (ie, if a is null) then the
// pointer is recalculated. Thus while not quite a false-positive, it's
// a non-issue
descbatch_t *batch = &frame->quad_batch.a[frame->quad_batch.size - 1];
if (!frame->quad_batch.size || batch->descid != descid
|| ((batch->count & (0xff << 24)) != (ind_count << 24))) {
|| ((batch->count & (0xffu << 24)) != (ind_count << 24))) {
DARRAY_APPEND(&frame->quad_batch, ((descbatch_t) { .descid = descid }));
batch = &frame->quad_batch.a[frame->quad_batch.size - 1];
batch->count = ind_count << 24;
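Review bot: `ind_count << 24` keeps only the low eight bits of `ind_count` in the packed `count` field, so two batches whose index counts differ by a multiple of 256 compare equal under the `0xffu << 24` mask and would be merged into one; the hunk shows neither a bound nor a comment stating what range `ind_count` is expected to take. If the top byte is intended as an 8-bit tag, `assert (ind_count < 256);` before the comparison, or a comment such as `// top byte of count holds ind_count; values >= 256 would alias`, would make that explicit. The move from `0xff` to `0xffu` is correct on its own, because `0xff << 24` overflows a signed int. get_desc_batch continues past the end of the hunk.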