Closed Bug 597946 Opened 10 years ago Closed 9 years ago
GL - GL driver crashes when fragment shader contains bad #ifdef and ANGLE is used
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b7pre) Gecko/20100919 Firefox/4.0b7pre Build Identifier: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b7pre) Gecko/20100919 Firefox/4.0b7pre Browser freezes when JS program tries to compile a bad fragment shader like this: --------------- #ifdef GL_ES ---------------This code misses a closing #endif. Reproducible: Always Steps to Reproduce: 1. Enable WebGL 2. Open http://gyu.que.jp/private/badshader.html Actual Results: Browser freezes. Expected Results: An alert window is displayed.
This is really funny: - with the ANGLE shader validator/translator turned on (default), I confirm the crash. It's the graphics driver that's crashing, not Firefox. This means that the ANGLE translator is doing 2 bad things: failing to validate the shader, AND generating a bad shader as output. - with the ANGLE shader validator/translator turned off, here I get the expected result ... which means that my NVIDIA driver is doing a fine job by itself. Forwarding this bug to the ANGLE project. Thanks for a great test case.
Summary: WebGL - Browser freezes when fragment shader contains bad #ifdef → WebGL - GL driver crashes when fragment shader contains bad #ifdef and ANGLE is used
Status: UNCONFIRMED → NEW
Ever confirmed: true
Bug still exists as of today. Still waiting on upstream bug (comment 2) to be fixed.
OS: Mac OS X → All
Hardware: x86 → All
This is the same patch that I attached to angle bug 40 upstream. A second patch is coming for the Mozilla bits. This fixes the bug for me: the test case no longer freezes, and gives the expected shader compilation errors.
Attachment #497023 - Flags: review?(vladimir)
Notice wrt the 'mozilla cosmetics' bug that it exposes a Bugzilla patch viewer bug. Use raw text view.
Comment on attachment 497023 [details] [diff] [review] fix angle preprocessor: was freezing on bad ifdef maybe something like while (token && token != '\n'), assuming that scan returns null on no more tokens? I guess it doesn't matter, it's a compilation error no matter what, so doesn't matter if later errors are busted/ignored.
Attachment #497023 - Flags: review?(vladimir) → review+
Comment on attachment 497024 [details] [diff] [review] mozilla cosmetics No need for review on these bits, just check them in with the right patch.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.