[Webkit-unassigned] [Bug 268798] New: Crash in TIntermAggregate::getConstantValue() when mArguments is an empty std::vector
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Feb 5 20:01:09 PST 2024
https://bugs.webkit.org/show_bug.cgi?id=268798
Bug ID: 268798
Summary: Crash in TIntermAggregate::getConstantValue() when
mArguments is an empty std::vector
Product: WebKit
Version: Other
Hardware: Unspecified
OS: Unspecified
Status: NEW
Keywords: InRadar
Severity: Normal
Priority: P2
Component: ANGLE
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ddkilzer at webkit.org
CC: dino at apple.com, kbr at google.com, kkinnunen at apple.com
Crash in TIntermAggregate::getConstantValue() when mArguments is an empty std::vector.
The `TIntermAggregate::getConstantValue()` method can be called when `mArguments` is an empty `std::vector`.
There is a Debug assertion to catch this, but on Release builds, calling `std::vector::front()` on an empty vector results in a libc++ assertion.
<rdar://122237051>
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240206/015df2a9/attachment.htm>
More information about the webkit-unassigned
mailing list