90165 2012-06-28 05:50:28 -0700 [Qt][WK1] css3/filters/huge-region-composited.html makes css3/filters/huge-region.html crash 2014-02-03 03:21:32 -0800 1 1 1 Unclassified WebKit Tools / Tests 528+ (Nightly build) All All RESOLVED INVALID Qt, QtTriaged P1 Critical --- 79668 1 ossy webkit-unassigned noam ossy zherczeg oldest_to_newest 659444 0 ossy 2012-06-28 05:50:28 -0700 After https://bugs.webkit.org/show_bug.cgi?id=90164 fixed css3/filters/huge-region.html will started to crash It didn't crash before, because Accelerated Composition was disabled by a previous test. But with AC, it crashes if css3/filters/huge-region-composited.html runs before it. You can easily reproduce it independently of the status of bug90164, because AC is enabled by default, and these tests don't disable it: - Tools/Scripts/run-webkit-tests css3/filters/huge-region-composited.html css3/filters/huge-region.html 659451 1 ossy 2012-06-28 06:10:39 -0700 Here is the debug crash log: crash log for DumpRenderTree (pid 10171): STDOUT: <empty> STDERR: ASSERTION FAILED: m_ptr STDERR: ../../../../Source/WTF/wtf/OwnPtr.h(64) : typename WTF::RemovePointer<T>::Type* WTF::OwnPtr<T>::operator->() const [with T = WebCore::ImageBuffer] STDERR: 1 0x7fa2fa4f344a /home/oszi/WebKit/WebKitBuild/Debug/lib/libQtWebKit.so.4(_ZNK3WTF6OwnPtrIN7WebCore11ImageBufferEEptEv+0x3c) [0x7fa2fa4f344a] STDERR: 2 0x7fa2fb01c329 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQtWebKit.so.4(_ZN7WebCore18TextureMapperLayer18updateBackingStoreEPNS_13TextureMapperEPNS_26GraphicsLayerTextureMapperE+0x319) [0x7fa2fb01c329] STDERR: 3 0x7fa2fb01efaf /home/oszi/WebKit/WebKitBuild/Debug/lib/libQtWebKit.so.4(_ZN7WebCore18TextureMapperLayer20syncCompositingStateEPNS_26GraphicsLayerTextureMapperEPNS_13TextureMapperEi+0x14d) [0x7fa2fb01efaf] STDERR: 4 0x7fa2fb01f064 /home/oszi/WebKit/WebKitBuild/Debug/lib/libQtWebKit.so.4(_ZN7WebCore18TextureMapperLayer20syncCompositingStateEPNS_26GraphicsLayerTextureMapperEPNS_13TextureMapperEi+0x202) [0x7fa2fb01f064] 659453 2 noam 2012-06-28 06:12:10 -0700 It's ok to skip the test for now. 659456 3 ossy 2012-06-28 06:22:43 -0700 I skipped it to make the bots happier - http://trac.webkit.org/changeset/121427/trunk/LayoutTests/platform/qt/Skipped Please unskip it with the proper fix. 660034 4 noam 2012-06-28 18:28:22 -0700 (In reply to comment #3) > I skipped it to make the bots happier - http://trac.webkit.org/changeset/121427/trunk/LayoutTests/platform/qt/Skipped > > Please unskip it with the proper fix. Might be hard. I'd have to defer this for now, as there are not that many websites with huge filtered content. 681903 5 zherczeg 2012-07-30 05:21:43 -0700 I will check this 681960 6 zherczeg 2012-07-30 06:22:17 -0700 This is the problem: // Paint the entire dirty rect into an image buffer. This ensures we only paint once. OwnPtr<ImageBuffer> imageBuffer = ImageBuffer::create(dirtyRect.size()); GraphicsContext* context = imageBuffer->context(); It creates a 3050 x 506366 image. ImageBuffer::create can return with NULL. How shall we handle this case? 681966 7 noam 2012-07-30 06:29:38 -0700 (In reply to comment #6) > This is the problem: > > // Paint the entire dirty rect into an image buffer. This ensures we only paint once. > OwnPtr<ImageBuffer> imageBuffer = ImageBuffer::create(dirtyRect.size()); > GraphicsContext* context = imageBuffer->context(); > > It creates a 3050 x 506366 image. ImageBuffer::create can return with NULL. How shall we handle this case? We should leave this test skipped for WebKit1. It's fixed in WebKit2 with TiledBackingStore. Fixing this for WebKit1 requires tiled-backing-store per layer which would be quite an undertaking. 682842 8 ossy 2012-07-31 02:09:56 -0700 Good to know if it works on WK2. I'll move this test to WK1 skipped list. 682960 9 noam 2012-07-31 05:55:14 -0700 (In reply to comment #8) > Good to know if it works on WK2. I'll move this test to WK1 skipped list. One way to make it not crash in WebKit1 is return early if creating the ImageBuffer fails. Then we can keep it out of the skipped list, and simply have wrong pixel results. 975496 10 jturcotte 2014-02-03 03:21:32 -0800 === Bulk closing of Qt bugs === If you believe that this bug report is still relevant for a non-Qt port of webkit.org, please re-open it and remove [Qt] from the summary. If you believe that this is still an important QtWebKit bug, please fill a new report at https://bugreports.qt-project.org and add a link to this issue. See http://qt-project.org/wiki/ReportingBugsInQt for additional guidelines.