Last Comment Bug 669813 - Assertion failed: (ch == '\0'), function ReadToken
: Assertion failed: (ch == '\0'), function ReadToken
Status: RESOLVED FIXED
: testcase
Product: Core
Classification: Components
Component: Canvas: WebGL (show other bugs)
: Trunk
: All All
: -- major (vote)
: ---
Assigned To: Jeff Gilbert [:jgilbert]
:
: Milan Sreckovic [:milan]
Mentors:
http://code.google.com/p/angleproject...
Depends on: 734657 742138
Blocks: 658170
  Show dependency treegraph
 
Reported: 2011-07-06 19:33 PDT by Christoph Diehl [:posidron]
Modified: 2012-05-07 17:55 PDT (History)
8 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
-
wontfix
-
affected
-
affected
-
affected


Attachments
callstack (12.28 KB, text/plain)
2011-07-06 19:33 PDT, Christoph Diehl [:posidron]
no flags Details
testcase (2.85 KB, text/html)
2011-07-06 19:34 PDT, Christoph Diehl [:posidron]
no flags Details
testcase - reduced (1.72 KB, text/html)
2011-07-07 08:47 PDT, Christoph Diehl [:posidron]
no flags Details
Parse octal/hexadecimal literals properly. (2.47 KB, patch)
2012-04-03 19:24 PDT, Jeff Gilbert [:jgilbert]
no flags Details | Diff | Splinter Review

Description Christoph Diehl [:posidron] 2011-07-06 19:33:33 PDT
Created attachment 544397 [details]
callstack

This bug was discovered during a manual audit for bug: https://bugzilla.mozilla.org/show_bug.cgi?id=668366
Comment 1 Christoph Diehl [:posidron] 2011-07-06 19:34:03 PDT
Created attachment 544398 [details]
testcase
Comment 2 Christoph Diehl [:posidron] 2011-07-07 08:47:12 PDT
Created attachment 544503 [details]
testcase - reduced

reduced testcase. looks like something went wrong during the assignment of the int variable and not during the uniform indexing.
Comment 3 Daniel Veditz [:dveditz] 2011-07-13 16:41:53 PDT
Since I can't see the ANGLE bug I'm going to assume they are considering this a security vulnerability -> sg:critical until we know more.
Comment 4 daniel-bzmz 2011-07-13 17:06:12 PDT
This appears to be a simple bug in the preprocessor, which doesn't handle hexadecimal numbers correctly. As far as we can tell, it will only cause a compilation error and is not a security issue.
Comment 5 Daniel Veditz [:dveditz] 2011-07-14 13:18:51 PDT
Does that mean you'll unhide the angleproject bug linked here?
Comment 6 daniel-bzmz 2011-07-15 05:48:56 PDT
(In reply to comment #5)
> Does that mean you'll unhide the angleproject bug linked here?
Done
Comment 7 Benoit Jacob [:bjacob] (mostly away) 2011-07-24 21:37:26 PDT
remove sg:critical?
Comment 8 Jeff Gilbert [:jgilbert] 2012-04-03 17:51:56 PDT
This seems to just result in a link error on non-debug builds. It does crash on debug builds though.
Comment 9 Jeff Gilbert [:jgilbert] 2012-04-03 19:00:16 PDT
Basically, ANGLE interprets all integer literals as decimal. GLSL accepts octal and hexadecimal, and it seems like these should be required. Further, it appears that we must not be testing for these in the conformance tests.
Comment 10 Jeff Gilbert [:jgilbert] 2012-04-03 19:24:30 PDT
Created attachment 612064 [details] [diff] [review]
Parse octal/hexadecimal literals properly.

Prerequisite patch is the patch for too-large-tokens at bug 742138.
Comment 11 Kenneth Russell 2012-04-03 19:31:42 PDT
Please file a bug on http://angleproject.googlecode.com/ and attach this patch for review and comment. Someone knowledgeable about the parser in ANGLE's shader translator (alokp at chromium.org in particular) should review this patch.
Comment 12 Jeff Gilbert [:jgilbert] 2012-04-04 01:30:45 PDT
(In reply to Kenneth Russell from comment #11)
> Please file a bug on http://angleproject.googlecode.com/ and attach this
> patch for review and comment. Someone knowledgeable about the parser in
> ANGLE's shader translator (alokp at chromium.org in particular) should
> review this patch.

Both have respective ANGLE bugs, but I just need to figure out what format the patch should be in. bjacob is more familiar with this process, so I'll sync up with him tomorrow.
Comment 13 daniel-bzmz 2012-04-04 05:39:07 PDT
Either an SVN diff or git diff would be fine.
Comment 14 Jeff Gilbert [:jgilbert] 2012-04-04 16:43:10 PDT
(In reply to daniel-bzmz from comment #13)
> Either an SVN diff or git diff would be fine.

I posted git diffs, but would hg diffs work, for future reference?
Also, I'm not sure how to trigger review, so the diffs are merely attached for now.
Comment 15 Benoit Jacob [:bjacob] (mostly away) 2012-04-05 10:17:40 PDT
Note that hg knows how to generate git diffs:

  hg diff -g
  hg export -g
Comment 16 Benoit Jacob [:bjacob] (mostly away) 2012-04-07 08:07:51 PDT
Comment on attachment 612064 [details] [diff] [review]
Parse octal/hexadecimal literals properly.

Waiting for review by real ANGLE devs.
Comment 17 Benoit Jacob [:bjacob] (mostly away) 2012-04-16 09:09:49 PDT
Fixed by update to ANGLE r1042 (bug 734657) which includes the fix for http://code.google.com/p/angleproject/issues/detail?id=178

Note You need to log in before you can comment on or make changes to this bug.