From d46aeb030fa76854d2e7e64a25849b887defe4da Mon Sep 17 00:00:00 2001 From: Yong He Date: Thu, 28 Dec 2017 06:53:19 -0500 Subject: Fix NameExprType returning deleted canonical type when it's in a generic parent. fixes #339 `NamedExpressionType::CreateCanonicalType()` may return a deleted pointer. The original implementation is as follows: ``` Type* NamedExpressionType::CreateCanonicalType() { return GetType(declRef)->GetCanonicalType(); } ``` If `GetType()` returns a newly constructed Type (this happens when the `typedef` is defined inside a generic parent, which triggers a non-trivial substitution), the temporary type will be deleted when the function returns. The fix is to store the temporary type as a field of NamedExpressionType (`innerType`). A relevant fix (though not the true cause of issue #339) is to have `Type::GetCanonicalType()` also hold a `RefPtr` to the constructed canonical type, when the canonical type is not `this`. This prevents a returned canonical type being assigned to a RefPtr, which makes it possible for that RefPtr to be the sole owner of the canonical type and deleteing the canonical type when that RefPtr is destroyed. --- source/slang/syntax-base-defs.h | 1 + source/slang/syntax.cpp | 6 +++- source/slang/type-defs.h | 3 +- tests/compute/typedef-member.slang | 38 +++++++++++++++++++++++++ tests/compute/typedef-member.slang.expected.txt | 4 +++ 5 files changed, 50 insertions(+), 2 deletions(-) create mode 100644 tests/compute/typedef-member.slang create mode 100644 tests/compute/typedef-member.slang.expected.txt diff --git a/source/slang/syntax-base-defs.h b/source/slang/syntax-base-defs.h index fdb2694a9..1853125a8 100644 --- a/source/slang/syntax-base-defs.h +++ b/source/slang/syntax-base-defs.h @@ -121,6 +121,7 @@ protected: virtual Type* CreateCanonicalType() = 0; Type* canonicalType = nullptr; + RefPtr canonicalTypeRefPtr; Session* session = nullptr; ) diff --git a/source/slang/syntax.cpp b/source/slang/syntax.cpp index 9ca2dc827..ca66e2110 100644 --- a/source/slang/syntax.cpp +++ b/source/slang/syntax.cpp @@ -189,6 +189,8 @@ void Type::accept(IValVisitor* visitor, void* extra) { // TODO(tfoley): worry about thread safety here? et->canonicalType = et->CreateCanonicalType(); + if (dynamic_cast(et->canonicalType) != this) + et->canonicalTypeRefPtr = et->canonicalType; SLANG_ASSERT(et->canonicalType); } return et->canonicalType; @@ -861,7 +863,9 @@ void Type::accept(IValVisitor* visitor, void* extra) Type* NamedExpressionType::CreateCanonicalType() { - return GetType(declRef)->GetCanonicalType(); + if (!innerType) + innerType = GetType(declRef); + return innerType->GetCanonicalType(); } int NamedExpressionType::GetHashCode() diff --git a/source/slang/type-defs.h b/source/slang/type-defs.h index d0b2ebac1..e7310768a 100644 --- a/source/slang/type-defs.h +++ b/source/slang/type-defs.h @@ -420,9 +420,10 @@ END_SYNTAX_CLASS() // A type alias of some kind (e.g., via `typedef`) SYNTAX_CLASS(NamedExpressionType, Type) - DECL_FIELD(DeclRef, declRef) +DECL_FIELD(DeclRef, declRef) RAW( + RefPtr innerType; NamedExpressionType() {} NamedExpressionType( diff --git a/tests/compute/typedef-member.slang b/tests/compute/typedef-member.slang new file mode 100644 index 000000000..dbf4dcdc1 --- /dev/null +++ b/tests/compute/typedef-member.slang @@ -0,0 +1,38 @@ +//TEST(compute):COMPARE_COMPUTE:-xslang -use-ir +//TEST_INPUT:ubuffer(data=[0 0 0 0], stride=4):dxbinding(0),glbinding(0),out + +// Confirm that a struct type defined in a generic parent works + +RWStructuredBuffer outputBuffer; + +struct SubType +{ + T x; +}; + +struct GenStruct +{ + typedef SubType SubTypeT; + T getVal(SubTypeT v) + { + return v.x; + } +}; + +float test(float val) +{ + GenStruct.SubTypeT sb; + sb.x = val; + GenStruct obj; + return obj.getVal(sb); +} + + +[numthreads(4, 1, 1)] +void computeMain(uint3 dispatchThreadID : SV_DispatchThreadID) +{ + uint tid = dispatchThreadID.x; + float inVal = float(tid); + float outVal = test(inVal); + outputBuffer[tid] = outVal.x; +} \ No newline at end of file diff --git a/tests/compute/typedef-member.slang.expected.txt b/tests/compute/typedef-member.slang.expected.txt new file mode 100644 index 000000000..98798bd61 --- /dev/null +++ b/tests/compute/typedef-member.slang.expected.txt @@ -0,0 +1,4 @@ +0 +3F800000 +40000000 +40400000 \ No newline at end of file -- cgit v1.2.3