Crash in TIntermConstantUnion::getUnionArrayPointer with this=null, called from yyparse

[GoogleCodeExporter]

This is https://bugzilla.mozilla.org/show_bug.cgi?id=698963

Reduced testcase attached.

Useful comment: https://bugzilla.mozilla.org/show_bug.cgi?id=698963#c3

> The problem is:
> 
> uniform mat4 foo; 
> foo[--vec4()[3]];

call stack: https://bug698963.bugzilla.mozilla.org/attachment.cgi?id=571224

#0  0x0000000104123631 in TIntermConstantUnion::getUnionArrayPointer (this=0x0) 
at intermediate.h:358
#1  0x000000010415c733 in yyparse (context=0x7fff5fbfaf70) at 
/Users/cdiehl/Mozilla/mz-central/gfx/angle/src/compiler/glslang_tab.cpp:2237
#2  0x000000010416c382 in glslang_parse (context=0x7fff5fbfaf70) at 
/Users/cdiehl/Mozilla/mz-central/gfx/angle/src/compiler/glslang_tab.cpp:4732
#3  0x000000010412ad7e in PaParseStrings (count=1, string=0x7fff5fbfb1d0, 
length=0x0, context=0x7fff5fbfaf70) at 
/Users/cdiehl/Mozilla/mz-central/gfx/angle/src/compiler/ParseHelper.cpp:1446
#4  0x00000001040fd5ca in TCompiler::compile (this=0x12092ac50, 
shaderStrings=0x7fff5fbfb1d0, numStrings=1, compileOptions=5) at 
/Users/cdiehl/Mozilla/mz-central/gfx/angle/src/compiler/Compiler.cpp:149
#5  0x0000000104138dc6 in ShCompile (handle=0x12092ac50, 
shaderStrings=0x7fff5fbfb1d0, numStrings=1, compileOptions=4) at 
/Users/cdiehl/Mozilla/mz-central/gfx/angle/src/compiler/ShaderLang.cpp:169

Original issue reported on code.google.com by jacob.be...@gmail.com on 2 Nov 2011 at 8:22

• Merged into: #381

Attachments:

• testcase.html

[GoogleCodeExporter]

Original comment by jacob.be...@gmail.com on 2 Nov 2011 at 8:34

• Changed title: Crash in TIntermConstantUnion::getUnionArrayPointer with this=null, called from yyparse

[GoogleCodeExporter]

Original comment by kbr@chromium.org on 4 Nov 2011 at 12:43

[GoogleCodeExporter]

Original comment by z...@google.com on 27 Feb 2013 at 9:25

• Changed state: Duplicate