241429 2022-06-08 12:15:27 -0700 REGRESSION(r295372): [Win, WinCairo] 30 tests crash when creating ImageData 2022-06-08 17:20:14 -0700 1 1 1 Unclassified WebKit Layout and Rendering WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=240810 InRadar P2 Normal --- 1 sabouhallawa sabouhallawa bfulgham fujii simon.fraser webkit-bug-importer zalan oldest_to_newest 1874778 0 sabouhallawa 2022-06-08 12:15:27 -0700 This is an example for the failed tests from the Windows bots https://ews-build.webkit.org/#/builders/10/builds/137204. And these are the crash logs from the WinCairo bots https://build.webkit.org/results/WinCairo-64-bit-WKL-Release-Tests/251390@main%20(6948)/. EXCEPTION_RECORD: (.exr -1) .exr -1 ExceptionAddress: 00007ffd74e5405b (WebKit!WebCore::ImageData::{ctor}+0x0000000000000006) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: 0000000000000010 Attempt to read from address 0000000000000010 . 0 Id: 1c84.10f0 Suspend: 1 Teb: 000000bd`d6b44000 Unfrozen # Child-SP RetAddr Call Site 00 (Inline Function) --------`-------- WebKit!WebCore::ImageData::{ctor}+0x6 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\html\ImageData.cpp @ 148] 01 000000bd`d6cfc770 00007ffd`74e84da1 WebKit!WebCore::ImageData::create(class WTF::Ref<WebCore::ByteArrayPixelBuffer,WTF::RawPtrTraits<WebCore::ByteArrayPixelBuffer> > * pixelBuffer = 0x000000bd`d6cfc800)+0x7b [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\html\ImageData.cpp @ 56] 02 000000bd`d6cfc7d0 00007ffd`74360dc9 WebKit!WebCore::CanvasRenderingContext2DBase::getImageData(int sx = <Value unavailable error>, int sy = <Value unavailable error>, int sw = 0n1, int sh = 0n1, class std::optional<WebCore::ImageDataSettings> * settings = 0x000000bd`d6cfc910)+0x251 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\html\canvas\CanvasRenderingContext2DBase.cpp @ 2199] 03 000000bd`d6cfc890 00007ffd`74360a9a WebKit!WebCore::jsCanvasRenderingContext2DPrototypeFunction_getImageDataBody(class JSC::JSGlobalObject * lexicalGlobalObject = 0x00000282`f68c8758, class JSC::CallFrame * callFrame = <Value unavailable error>, class WebCore::JSCanvasRenderingContext2D * castedThis = 0x00000282`f75cc278)+0x309 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\WebKitBuild\Release\WebCore\DerivedSources\JSCanvasRenderingContext2D.cpp @ 2348] 04 (Inline Function) --------`-------- WebKit!WebCore::IDLOperation<WebCore::JSCanvasRenderingContext2D>::call+0x41 [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\Source\WebCore\bindings\js\JSDOMOperation.h @ 63] 05 000000bd`d6cfca30 00000282`b64e11be WebKit!WebCore::jsCanvasRenderingContext2DPrototypeFunction_getImageData(class JSC::JSGlobalObject * lexicalGlobalObject = 0x00000282`f68c8758, class JSC::CallFrame * callFrame = 0x000000bd`d6cfca90)+0x5a [C:\BW\WinCairo-64-bit-WKL-Release-Build\build\WebKitBuild\Release\WebCore\DerivedSources\JSCanvasRenderingContext2D.cpp @ 2354] 06 000000bd`d6cfca70 00000282`b64e1180 0x00000282`b64e11be 07 000000bd`d6cfca78 00000000`00000000 0x00000282`b64e1180 1874804 1 sabouhallawa 2022-06-08 13:59:37 -0700 Pull request: https://github.com/WebKit/WebKit/pull/1391 1874812 2 fujii 2022-06-08 14:18:47 -0700 WTFMove(pixelBuffer) was evaluated before evaluating pixelBuffer->size(). 1874852 3 ews-feeder 2022-06-08 17:19:11 -0700 Committed r295402 (251408@main): <https://commits.webkit.org/251408@main> Reviewed commits have been landed. Closing PR #1391 and removing active labels. 1874853 4 webkit-bug-importer 2022-06-08 17:20:14 -0700 <rdar://problem/94677774>