shairai / angleproject

Automatically exported from code.google.com/p/angleproject

ESSL compiler crash on Galaxy S II, null deref in TOutputGLSLBase::writeConstantUnion #231

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
This is https://bugzilla.mozilla.org/show_bug.cgi?id=687554

This is a Firefox Mobile / Android crash.

It's initially been reported in the ro.me demo against ANGLE r740.

Since then it's been confirmed in http://media.tojicode.com/q3bsp/ against ANGLE r774

It seems to only happen on Galaxy S II (Exynos 4210 chipset w/ Mali-400 MP GPU)

Crash report:
https://crash-stats.mozilla.com/report/index/bp-ca064039-fb96-4e22-89f0-5ef802111007

It's a null deref; stack:

0   libmozutils.so  arena_dalloc    memory/jemalloc/jemalloc.c:4317
1   libmozutils.so  __wrap_free     memory/jemalloc/jemalloc.c:6271
2   libmozalloc.so  moz_free    memory/mozalloc/mozalloc.cpp:98
3   libxul.so   std::__node_alloc::deallocate   mozalloc.h:253
4   libxul.so   std::priv::_String_base<char, std::allocator<char> >::_M_deallocate_block  _string_base.h:102
5   libxul.so   std::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_append   _string_base.h:160
6   libxul.so   TOutputGLSLBase::writeConstantUnion     _string_base.h:156
7   libxul.so   TOutputGLSLBase::visitConstantUnion     gfx/angle/src/compiler/OutputGLSLBase.cpp:208
8   libxul.so   TIntermConstantUnion::traverse     gfx/angle/src/compiler/IntermTraverse.cpp:34
9   libxul.so   TIntermBinary::traverse     gfx/angle/src/compiler/IntermTraverse.cpp:82
10  libxul.so   TIntermAggregate::traverse     gfx/angle/src/compiler/IntermTraverse.cpp:163
11  libxul.so   TIntermBinary::traverse     gfx/angle/src/compiler/intermediate.h:547
12  libxul.so   TOutputGLSLBase::visitAggregate     gfx/angle/src/compiler/OutputGLSLBase.cpp:456
13  libxul.so   TIntermAggregate::traverse     gfx/angle/src/compiler/IntermTraverse.cpp:135
14  libxul.so   TOutputGLSLBase::visitCodeBlock     gfx/angle/src/compiler/OutputGLSLBase.cpp:713
15  libxul.so   TOutputGLSLBase::visitAggregate     gfx/angle/src/compiler/intermediate.h:547
16  libxul.so   TIntermAggregate::traverse     gfx/angle/src/compiler/IntermTraverse.cpp:135
17  libxul.so   TOutputGLSLBase::visitAggregate     gfx/angle/src/compiler/OutputGLSLBase.cpp:456
18  libxul.so   TIntermAggregate::traverse     gfx/angle/src/compiler/IntermTraverse.cpp:135
19  libxul.so   TranslatorESSL::translate     gfx/angle/src/compiler/OutputGLSLBase.h:17
20  libxul.so   TCompiler::compile  gfx/angle/src/compiler/Compiler.cpp:182
21  libxul.so   ShCompile   gfx/angle/src/compiler/ShaderLang.cpp:169
22  libxul.so   mozilla::WebGLContext::CompileShader     content/canvas/src/WebGLContextGL.cpp:4043
23  libxul.so   nsIDOMWebGLRenderingContext_CompileShader     obj-firefox/js/src/xpconnect/src/dom_quickstubs.cpp:29960

Original issue reported on code.google.com by jacob.be...@gmail.com on 16 Oct 2011 at 5:52

GoogleCodeExporter commented 9 years ago
This issue, and all other allocator-mismatch issues we reported, were all our 
fault (not properly wrapping malloc when we try to use jemalloc). Sorry for the 
noise.

Original comment by jacob.be...@gmail.com on 26 Oct 2012 at 7:55
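
The allocator mismatch named in the closing comment (a `free` path routed into one allocator receiving a block that another allocator handed out, as frames 0 to 3 of the stack show), as an added example that is not ANGLE or Mozilla code. It uses a toy bump arena in place of jemalloc; every name in it (`arena_malloc`, `arena_owns`, `checked_free`, and the counters) is hypothetical. The free entry point checks ownership before touching arena state and counts foreign pointers so the mismatch is visible instead of corrupting metadata.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Toy arena standing in for a replacement allocator (hypothetical names). */
#define ARENA_SIZE 4096
static union { unsigned char bytes[ARENA_SIZE]; long double align_; } arena;
static size_t arena_used;       /* bytes handed out so far */
static unsigned arena_live;     /* arena blocks not yet freed */
static unsigned foreign_frees;  /* frees of pointers the arena never issued */

/* Bump-allocate n bytes (rounded up to 16); NULL when the arena is full. */
void *arena_malloc(size_t n) {
    size_t need = (n + 15u) & ~(size_t)15u;
    if (need < n || need > ARENA_SIZE - arena_used) return NULL;
    void *p = arena.bytes + arena_used;
    arena_used += need;
    arena_live++;
    return p;
}

/* 1 if p points into the arena, 0 if it came from some other allocator. */
int arena_owns(const void *p) {
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)arena.bytes;
    return a >= lo && a < lo + ARENA_SIZE;
}

enum free_route { FREED_NULL, FREED_BY_ARENA, FREED_BY_SYSTEM };
/* Free entry point that checks ownership first. Without the check, the
 * arena path would treat a system-malloc pointer as its own block. */
enum free_route checked_free(void *p) {
    if (p == NULL) return FREED_NULL;
    if (arena_owns(p)) {
        if (--arena_live == 0) arena_used = 0;  /* recycle once empty */
        return FREED_BY_ARENA;
    }
    foreign_frees++;            /* mismatch observed: count it for diagnosis */
    free(p);                    /* hand the block back to its real owner */
    return FREED_BY_SYSTEM;
}

unsigned arena_live_blocks(void) { return arena_live; }
unsigned foreign_free_count(void) { return foreign_frees; }

int main(void) {
    void *mine = arena_malloc(32), *theirs = malloc(32);
    if (!mine || !theirs) return 1;
    return !(checked_free(theirs) == FREED_BY_SYSTEM && checked_free(mine) == FREED_BY_ARENA);
}
```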