Fixed a few spots where SkSL optimizer was not respecting side effects

This was affecting expressions such as 0 * float4(<expr>), which would be collapsed down to float4(0) - in some cases even if <expr> had side effects. This is obviously incorrect no matter what, but to make matters worse it could lead to a use-after-free when we eliminated an assignment which we were tracking as the current definition of a variable. Bug: skia:7467 Change-Id: I91ba154c57dad9cadf36b6062bec3211557248e0 Reviewed-on: https://skia-review.googlesource.com/98704 Reviewed-by: Greg Daniel <egdaniel@google.com> Commit-Queue: Ethan Nicholas <ethannicholas@google.com>
author: Ethan Nicholas <ethannicholas@google.com> 2018-01-23 10:31:56 -0500
committer: Skia Commit-Bot <skia-commit-bot@chromium.org> 2018-01-23 18:18:37 +0000
commit: 08dae924f63cd00153ec365074ad498dbb8ab5ab (patch)
tree: 053787481fddf423577c028a83240b6905afc4a4 /src
parent: d8327a8c8bad870112b574c4533270370f5c1ccf (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/src/sksl/SkSLCompiler.cpp b/src/sksl/SkSLCompiler.cpp
index 17a205ced5..7589da98ee 100644
--- a/src/sksl/SkSLCompiler.cpp
+++ b/src/sksl/SkSLCompiler.cpp
@@ -713,7 +713,8 @@ void Compiler::simplifyExpression(DefinitionMap& definitions,
                     }
                     else if (is_constant(*bin->fLeft, 0)) {
                         if (bin->fLeft->fType.kind() == Type::kScalar_Kind &&
-                            bin->fRight->fType.kind() == Type::kVector_Kind) {
+                            bin->fRight->fType.kind() == Type::kVector_Kind &&
+                            !bin->fRight->hasSideEffects()) {
                             // 0 * float4(x) -> float4(0)
                             vectorize_left(&b, iter, outUpdated, outNeedsRescan);
                         } else {
@@ -739,7 +740,8 @@ void Compiler::simplifyExpression(DefinitionMap& definitions,
                     }
                     else if (is_constant(*bin->fRight, 0)) {
                         if (bin->fLeft->fType.kind() == Type::kVector_Kind &&
-                            bin->fRight->fType.kind() == Type::kScalar_Kind) {
+                            bin->fRight->fType.kind() == Type::kScalar_Kind &&
+                            !bin->fLeft->hasSideEffects()) {
                             // float4(x) * 0 -> float4(0)
                             vectorize_right(&b, iter, outUpdated, outNeedsRescan);
                         } else {
@@ -805,7 +807,8 @@ void Compiler::simplifyExpression(DefinitionMap& definitions,
                         }
                     } else if (is_constant(*bin->fLeft, 0)) {
                         if (bin->fLeft->fType.kind() == Type::kScalar_Kind &&
-                            bin->fRight->fType.kind() == Type::kVector_Kind) {
+                            bin->fRight->fType.kind() == Type::kVector_Kind &&
+                            !bin->fRight->hasSideEffects()) {
                             // 0 / float4(x) -> float4(0)
                             vectorize_left(&b, iter, outUpdated, outNeedsRescan);
                         } else {
author	Ethan Nicholas <ethannicholas@google.com>	2018-01-23 10:31:56 -0500
committer	Skia Commit-Bot <skia-commit-bot@chromium.org>	2018-01-23 18:18:37 +0000
commit	08dae924f63cd00153ec365074ad498dbb8ab5ab (patch)
tree	053787481fddf423577c028a83240b6905afc4a4 /src
parent	d8327a8c8bad870112b574c4533270370f5c1ccf (diff)