dawn-cmake/test/tint/bug/chromium
Ben Clayton c33d10ae79 tint/resolver: Fix bad pointer deref (UAF)
Passing a dereferenced value from Hashmap::Find() directly into Hashmap::Add() is a potential cause of UAF, as the insertion may reallocate the map, invalidating the input reference.

I'll try to think of ways to make this foot-gun harder to do, but this CL fixes the immediate bug found by fuzzers.

Bug: chromium:1383755
Change-Id: I4f8b2fcb0745b008a47ef9947c330afb9ac4e78f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/110020
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2022-11-13 18:26:25 +00:00
..
1221120.wgsl tint: Deprecated module-scope 'let' for 'const' 2022-06-29 00:55:36 +00:00
1221120.wgsl.expected.dxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1221120.wgsl.expected.fxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1221120.wgsl.expected.glsl tint: Deprecated module-scope 'let' for 'const' 2022-06-29 00:55:36 +00:00
1221120.wgsl.expected.msl tint: Deprecated module-scope 'let' for 'const' 2022-06-29 00:55:36 +00:00
1221120.wgsl.expected.spvasm tint: Deprecated module-scope 'let' for 'const' 2022-06-29 00:55:36 +00:00
1221120.wgsl.expected.wgsl tint: Deprecated module-scope 'let' for 'const' 2022-06-29 00:55:36 +00:00
1236161.wgsl
1236161.wgsl.expected.dxc.hlsl tint: Implement modf and frexp built-ins for f16 types 2022-08-05 15:11:44 +00:00
1236161.wgsl.expected.fxc.hlsl tint: Implement modf and frexp built-ins for f16 types 2022-08-05 15:11:44 +00:00
1236161.wgsl.expected.glsl tint/cmd: Add `--rename-all` flag 2022-11-01 16:12:23 +00:00
1236161.wgsl.expected.msl tint: Implement modf and frexp built-ins for f16 types 2022-08-05 15:11:44 +00:00
1236161.wgsl.expected.spvasm
1236161.wgsl.expected.wgsl
1251009.wgsl Update src/tint unittests to new @stage format. 2022-06-07 13:55:34 +00:00
1251009.wgsl.expected.dxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1251009.wgsl.expected.fxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1251009.wgsl.expected.glsl tint/writer/glsl: Inline constant expressions 2022-06-01 01:11:59 +00:00
1251009.wgsl.expected.msl tint/writer/msl: Inline constant expressions 2022-06-01 10:08:29 +00:00
1251009.wgsl.expected.spvasm
1251009.wgsl.expected.wgsl Update src/tint unittests to new @stage format. 2022-06-07 13:55:34 +00:00
1273230.wgsl Update src/tint unittests to new @stage format. 2022-06-07 13:55:34 +00:00
1273230.wgsl.expected.dxc.hlsl tint/transform: Implement div / mod polyfill 2022-11-09 22:04:11 +00:00
1273230.wgsl.expected.fxc.hlsl tint/transform: Implement div / mod polyfill 2022-11-09 22:04:11 +00:00
1273230.wgsl.expected.glsl Tint/transform: make AddBlockAttribute always do wrapping if possible 2022-11-02 02:25:38 +00:00
1273230.wgsl.expected.msl tint/transform: Implement div / mod polyfill 2022-11-09 22:04:11 +00:00
1273230.wgsl.expected.spvasm tint/transform: Implement div / mod polyfill 2022-11-09 22:04:11 +00:00
1273230.wgsl.expected.wgsl Update src/tint unittests to new @stage format. 2022-06-07 13:55:34 +00:00
1273451.wgsl
1273451.wgsl.expected.dxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1273451.wgsl.expected.fxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1273451.wgsl.expected.glsl
1273451.wgsl.expected.msl When emitting a MSL struct initializer emit the struct name. 2022-08-11 02:28:01 +00:00
1273451.wgsl.expected.spvasm
1273451.wgsl.expected.wgsl
1290107.wgsl Update src/tint unittests to new @stage format. 2022-06-07 13:55:34 +00:00
1290107.wgsl.expected.dxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1290107.wgsl.expected.fxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1290107.wgsl.expected.glsl GLSL: Change Add[Spirv]BlockAttribute to support GLSL 2022-09-02 19:19:10 +00:00
1290107.wgsl.expected.msl tint/writer/msl: Generate an array<T,N> helper 2022-06-24 17:01:59 +00:00
1290107.wgsl.expected.spvasm
1290107.wgsl.expected.wgsl Update src/tint unittests to new @stage format. 2022-06-07 13:55:34 +00:00
1341475.wgsl tint: transform::RemovePhonies: skip builtins with no side effects 2022-08-01 17:21:54 +00:00
1341475.wgsl.expected.dxc.hlsl tint: transform::RemovePhonies: skip builtins with no side effects 2022-08-01 17:21:54 +00:00
1341475.wgsl.expected.fxc.hlsl tint: transform::RemovePhonies: skip builtins with no side effects 2022-08-01 17:21:54 +00:00
1341475.wgsl.expected.glsl tint: transform::RemovePhonies: skip builtins with no side effects 2022-08-01 17:21:54 +00:00
1341475.wgsl.expected.msl tint: transform::RemovePhonies: skip builtins with no side effects 2022-08-01 17:21:54 +00:00
1341475.wgsl.expected.spvasm tint/resolver: Evaluate const-expr swizzles 2022-07-07 17:49:02 +00:00
1341475.wgsl.expected.wgsl tint: transform::RemovePhonies: skip builtins with no side effects 2022-08-01 17:21:54 +00:00
1343242.wgsl tint: Implement const eval of unary complement 2022-07-15 23:54:10 +00:00
1343242.wgsl.expected.dxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1343242.wgsl.expected.fxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1343242.wgsl.expected.glsl tint: Implement const eval of unary complement 2022-07-15 23:54:10 +00:00
1343242.wgsl.expected.msl tint: Implement const eval of unary complement 2022-07-15 23:54:10 +00:00
1343242.wgsl.expected.spvasm tint: Implement const eval of unary complement 2022-07-15 23:54:10 +00:00
1343242.wgsl.expected.wgsl tint: Implement const eval of unary complement 2022-07-15 23:54:10 +00:00
1345468.wgsl tint/resolver: Materialize objects when indexed with non-const index 2022-07-21 15:25:35 +00:00
1345468.wgsl.expected.dxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1345468.wgsl.expected.fxc.hlsl tint/test-runner: Split expectations for FXC and DXC 2022-07-22 17:43:27 +00:00
1345468.wgsl.expected.glsl tint/resolver: Materialize objects when indexed with non-const index 2022-07-21 15:25:35 +00:00
1345468.wgsl.expected.msl tint/resolver: Materialize objects when indexed with non-const index 2022-07-21 15:25:35 +00:00
1345468.wgsl.expected.spvasm tint/resolver: Materialize objects when indexed with non-const index 2022-07-21 15:25:35 +00:00
1345468.wgsl.expected.wgsl tint/resolver: Materialize objects when indexed with non-const index 2022-07-21 15:25:35 +00:00
1350147.wgsl tint: fix builtin calls and binary ops with abstract args of different type 2022-08-10 20:01:17 +00:00
1350147.wgsl.expected.dxc.hlsl tint: fix builtin calls and binary ops with abstract args of different type 2022-08-10 20:01:17 +00:00
1350147.wgsl.expected.fxc.hlsl tint: fix builtin calls and binary ops with abstract args of different type 2022-08-10 20:01:17 +00:00
1350147.wgsl.expected.glsl tint: fix builtin calls and binary ops with abstract args of different type 2022-08-10 20:01:17 +00:00
1350147.wgsl.expected.msl tint: fix builtin calls and binary ops with abstract args of different type 2022-08-10 20:01:17 +00:00
1350147.wgsl.expected.spvasm tint: fix builtin calls and binary ops with abstract args of different type 2022-08-10 20:01:17 +00:00
1350147.wgsl.expected.wgsl wgsl: Print abstract-floats with full precision. 2022-10-12 19:13:38 +00:00
1360925.wgsl tint: Fix transform errors when calling arrayLength() as a statement 2022-09-09 20:42:29 +00:00
1360925.wgsl.expected.dxc.hlsl tint: Fix transform errors when calling arrayLength() as a statement 2022-09-09 20:42:29 +00:00
1360925.wgsl.expected.fxc.hlsl tint: Fix transform errors when calling arrayLength() as a statement 2022-09-09 20:42:29 +00:00
1360925.wgsl.expected.glsl tint: Fix transform errors when calling arrayLength() as a statement 2022-09-09 20:42:29 +00:00
1360925.wgsl.expected.msl tint: Fix transform errors when calling arrayLength() as a statement 2022-09-09 20:42:29 +00:00
1360925.wgsl.expected.spvasm tint: Fix transform errors when calling arrayLength() as a statement 2022-09-09 20:42:29 +00:00
1360925.wgsl.expected.wgsl tint: Fix transform errors when calling arrayLength() as a statement 2022-09-09 20:42:29 +00:00
1367602_function_space_initializer_valid_count.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_initializer_valid_count.wgsl.expected.dxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_initializer_valid_count.wgsl.expected.fxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_initializer_valid_count.wgsl.expected.glsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_initializer_valid_count.wgsl.expected.msl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_initializer_valid_count.wgsl.expected.spvasm Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_initializer_valid_count.wgsl.expected.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_no_initializer_valid_count.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_no_initializer_valid_count.wgsl.expected.dxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_no_initializer_valid_count.wgsl.expected.fxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_no_initializer_valid_count.wgsl.expected.glsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_no_initializer_valid_count.wgsl.expected.msl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_no_initializer_valid_count.wgsl.expected.spvasm Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_function_space_no_initializer_valid_count.wgsl.expected.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_initializer_valid_count.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_initializer_valid_count.wgsl.expected.dxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_initializer_valid_count.wgsl.expected.fxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_initializer_valid_count.wgsl.expected.glsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_initializer_valid_count.wgsl.expected.msl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_initializer_valid_count.wgsl.expected.spvasm Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_initializer_valid_count.wgsl.expected.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_no_initializer_valid_count.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_no_initializer_valid_count.wgsl.expected.dxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_no_initializer_valid_count.wgsl.expected.fxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_no_initializer_valid_count.wgsl.expected.glsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_no_initializer_valid_count.wgsl.expected.msl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_no_initializer_valid_count.wgsl.expected.spvasm Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_private_space_no_initializer_valid_count.wgsl.expected.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_storage_space.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_storage_space.wgsl.expected.dxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_storage_space.wgsl.expected.fxc.hlsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_storage_space.wgsl.expected.glsl Tint/transform: make AddBlockAttribute always do wrapping if possible 2022-11-02 02:25:38 +00:00
1367602_storage_space.wgsl.expected.msl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1367602_storage_space.wgsl.expected.spvasm Tint/transform: make AddBlockAttribute always do wrapping if possible 2022-11-02 02:25:38 +00:00
1367602_storage_space.wgsl.expected.wgsl Tint/E2E: Fix testcases for bug/chromium/1367602 2022-10-14 02:50:38 +00:00
1372963.wgsl tint: Fix C++ UB when shifting abstract 0 left by >= 64 2022-10-18 20:17:55 +00:00
1372963.wgsl.expected.dxc.hlsl tint: Fix C++ UB when shifting abstract 0 left by >= 64 2022-10-18 20:17:55 +00:00
1372963.wgsl.expected.fxc.hlsl tint: Fix C++ UB when shifting abstract 0 left by >= 64 2022-10-18 20:17:55 +00:00
1372963.wgsl.expected.glsl tint: Fix C++ UB when shifting abstract 0 left by >= 64 2022-10-18 20:17:55 +00:00
1372963.wgsl.expected.msl tint: Fix C++ UB when shifting abstract 0 left by >= 64 2022-10-18 20:17:55 +00:00
1372963.wgsl.expected.spvasm tint: Fix C++ UB when shifting abstract 0 left by >= 64 2022-10-18 20:17:55 +00:00
1372963.wgsl.expected.wgsl Update lexer to not include `-` in numbers. 2022-10-26 15:20:47 +00:00
1381883.wgsl tint/resolver: Resolve dependencies of parameter attributes 2022-11-07 13:15:21 +00:00
1381883.wgsl.expected.dxc.hlsl tint/resolver: Resolve dependencies of parameter attributes 2022-11-07 13:15:21 +00:00
1381883.wgsl.expected.fxc.hlsl tint/resolver: Resolve dependencies of parameter attributes 2022-11-07 13:15:21 +00:00
1381883.wgsl.expected.glsl tint/resolver: Resolve dependencies of parameter attributes 2022-11-07 13:15:21 +00:00
1381883.wgsl.expected.msl tint/resolver: Resolve dependencies of parameter attributes 2022-11-07 13:15:21 +00:00
1381883.wgsl.expected.spvasm tint/resolver: Resolve dependencies of parameter attributes 2022-11-07 13:15:21 +00:00
1381883.wgsl.expected.wgsl tint/resolver: Resolve dependencies of parameter attributes 2022-11-07 13:15:21 +00:00
1383755.wgsl tint/resolver: Fix bad pointer deref (UAF) 2022-11-13 18:26:25 +00:00
1383755.wgsl.expected.dxc.hlsl tint/resolver: Fix bad pointer deref (UAF) 2022-11-13 18:26:25 +00:00
1383755.wgsl.expected.fxc.hlsl tint/resolver: Fix bad pointer deref (UAF) 2022-11-13 18:26:25 +00:00
1383755.wgsl.expected.glsl tint/resolver: Fix bad pointer deref (UAF) 2022-11-13 18:26:25 +00:00
1383755.wgsl.expected.msl tint/resolver: Fix bad pointer deref (UAF) 2022-11-13 18:26:25 +00:00
1383755.wgsl.expected.spvasm tint/resolver: Fix bad pointer deref (UAF) 2022-11-13 18:26:25 +00:00
1383755.wgsl.expected.wgsl tint/resolver: Fix bad pointer deref (UAF) 2022-11-13 18:26:25 +00:00