Bug 222156

Summary: A number of offscreencanvas tests are asserting isMainThread trying to access strictCSSParserContext
Product: WebKit
Reporter: Lauro Moura <lmoura>
Component: Canvas
Assignee: Fujii Hironori <Hironori.Fujii>
Status: RESOLVED FIXED
Severity: Normal
CC: bugs-noreply, cgarcia, clord, dino, esprehn+autocc, ews-watchlist, glenn, gyuyoung.kim, Hironori.Fujii, macpherson, menard, sam, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
See Also: https://bugs.webkit.org/show_bug.cgi?id=221881
Attachments:
Patch (Flags: cgarcia: review+)

Description Lauro Moura 2021-02-18 20:18:33 PST
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.invalidstring.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.invalidtype.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-1.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-2.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-3.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-4.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-5.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-6.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-7.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-8.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsl-9.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-1.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-2.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-3.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-4.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-5.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-6.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-7.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-8.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-hsla-9.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-1.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-2.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-3.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-4.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-5.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgb-6.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/fill-and-stroke-styles/2d.fillStyle.parse.css-color-4-rgba-1.worker.html
imported/w3c/web-platform-tests/html/canvas/offscreen/shadows/2d.shadow.attributes.shadowColor.invalid.worker.html

Looks like some JS code is trying to access strictCSSParserContext() from outside the main thread.

Last good revision: r272858.
First bad revision: r272891.

Sample trace:

Thread 1 (Thread 0x7fa495ffb700 (LWP 45157)):
#0  WTFCrash() () at ../../Source/WTF/wtf/Assertions.cpp:295
#1  0x00007fa64628210d in CRASH_WITH_INFO(...) () at DerivedSources/ForwardingHeaders/wtf/Assertions.h:713
#2  0x00007fa647c45d98 in WTF::MainThreadAccessTraits::assertAccess() () at DerivedSources/ForwardingHeaders/wtf/NeverDestroyed.h:55
#3  0x00007fa6493fb635 in WTF::NeverDestroyed<WebCore::CSSParserContext, WTF::MainThreadAccessTraits>::storagePointer() const (this=0x7fa652f60c80 <WebCore::strictCSSParserContext()::strictContext>) at DerivedSources/ForwardingHeaders/wtf/NeverDestroyed.h:91
#4  0x00007fa6493f88de in WTF::NeverDestroyed<WebCore::CSSParserContext, WTF::MainThreadAccessTraits>::operator WebCore::CSSParserContext&() (this=0x7fa652f60c80 <WebCore::strictCSSParserContext()::strictContext>) at DerivedSources/ForwardingHeaders/wtf/NeverDestroyed.h:76
#5  0x00007fa6493e5ea7 in WebCore::strictCSSParserContext() () at ../../Source/WebCore/css/parser/CSSParserContext.cpp:41
#6  0x00007fa6493e4ade in WebCore::CSSParser::parseColorWorkerSafe(WTF::String const&) (string=...) at ../../Source/WebCore/css/parser/CSSParser.cpp:120
#7  0x00007fa649a2ec6e in WebCore::parseColor(WTF::String const&, WebCore::CanvasBase&) (colorString=..., canvasBase=...) at ../../Source/WebCore/html/canvas/CanvasStyle.cpp:60
#8  0x00007fa649a2f099 in WebCore::CanvasStyle::createFromString(WTF::String const&, WebCore::CanvasBase&) (colorString=..., canvasBase=...) at ../../Source/WebCore/html/canvas/CanvasStyle.cpp:122
#9  0x00007fa649a25c6d in WebCore::CanvasRenderingContext2DBase::setFillColor(WTF::String const&, WTF::Optional<float>) (this=0x7fa5c3a8c110, color=..., alpha=...) at ../../Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp:957
#10 0x00007fa649a2afb0 in operator()(WTF::String const&) const (__closure=0x7fa495ff93d0, string=...) at ../../Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp:1882
#11 0x00007fa649a31781 in WTF::__visitor_table<WTF::Visitor<WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::String&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> >&)> >, WTF::String, WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >, WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> > >::__trampoline_func<WTF::String>(WTF::Visitor<WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::String&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> >&)> > &, WTF::__visitor_table<WTF::Visitor<WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::String&)>, 
WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> >&)> >, WTF::String, WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >, WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> > >::__variant_type &) (__visitor=..., __v=...) at DerivedSources/ForwardingHeaders/wtf/Variant.h:1870
#12 0x00007fa649a30a30 in WTF::visit<WTF::Visitor<WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::String&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> >&)> >, WTF::String, WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >, WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> > >(WTF::Visitor<WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::String&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> >&)> > &&, WTF::Variant<WTF::String, WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >, WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> > > &) (__visitor=..., __v=...) 
at DerivedSources/ForwardingHeaders/wtf/Variant.h:1886
#13 0x00007fa649a30204 in WTF::switchOn<WTF::Variant<WTF::String, WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >, WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> > >&, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::String&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >&)>, WebCore::CanvasRenderingContext2DBase::setFillStyle(WebCore::CanvasRenderingContext2DBase::StyleVariant&&)::<lambda(const WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> >&)> >(WTF::Variant<WTF::String, WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >, WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> > > &) (v=...) at DerivedSources/ForwardingHeaders/wtf/Variant.h:2051
#14 0x00007fa649a2b113 in WebCore::CanvasRenderingContext2DBase::setFillStyle(WTF::Variant<WTF::String, WTF::RefPtr<WebCore::CanvasGradient, WTF::RawPtrTraits<WebCore::CanvasGradient>, WTF::DefaultRefDerefTraits<WebCore::CanvasGradient> >, WTF::RefPtr<WebCore::CanvasPattern, WTF::RawPtrTraits<WebCore::CanvasPattern>, WTF::DefaultRefDerefTraits<WebCore::CanvasPattern> > >&&) (this=0x7fa5c3a8c110, style=...) at ../../Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp:1881
#15 0x00007fa6482ea714 in operator()() const (__closure=0x7fa495ff94f0) at DerivedSources/WebCore/JSOffscreenCanvasRenderingContext2D.cpp:499
#16 0x00007fa6482ff45a in WebCore::AttributeSetter::call<WebCore::setJSOffscreenCanvasRenderingContext2D_fillStyleSetter(JSC::JSGlobalObject&, WebCore::JSOffscreenCanvasRenderingContext2D&, JSC::JSValue)::<lambda()> >(JSC::JSGlobalObject &, JSC::ThrowScope &, struct {...} &&) (functor=...) at ../../Source/WebCore/bindings/js/JSDOMAttribute.h:93
#17 0x00007fa6482ea844 in WebCore::setJSOffscreenCanvasRenderingContext2D_fillStyleSetter(JSC::JSGlobalObject&, WebCore::JSOffscreenCanvasRenderingContext2D&, JSC::JSValue) (lexicalGlobalObject=..., thisObject=..., value=...) at DerivedSources/WebCore/JSOffscreenCanvasRenderingContext2D.cpp:498
#18 0x00007fa6482ff577 in WebCore::IDLAttribute<WebCore::JSOffscreenCanvasRenderingContext2D>::set<WebCore::setJSOffscreenCanvasRenderingContext2D_fillStyleSetter>(JSC::JSGlobalObject&, JSC::EncodedJSValue, JSC::EncodedJSValue, char const*) (lexicalGlobalObject=..., thisValue=140348953544632, encodedValue=140349627230768, attributeName=0x7fa64d433a4a "fillStyle") at ../../Source/WebCore/bindings/js/JSDOMAttribute.h:50
#19 0x00007fa6482ea8ac in WebCore::setJSOffscreenCanvasRenderingContext2D_fillStyle(JSC::JSGlobalObject*, JSC::EncodedJSValue, JSC::EncodedJSValue) (lexicalGlobalObject=0x7fa588843068, thisValue=140348953544632, encodedValue=140349627230768) at DerivedSources/WebCore/JSOffscreenCanvasRenderingContext2D.cpp:506
#20 0x00007fa63682d594 in JSC::callCustomSetter(JSC::JSGlobalObject*, bool (*)(JSC::JSGlobalObject*, long, long), bool, JSC::JSObject*, JSC::JSValue, JSC::JSValue) (globalObject=0x7fa588843068, setter=0x7fa6482ea87d <WebCore::setJSOffscreenCanvasRenderingContext2D_fillStyle(JSC::JSGlobalObject*, JSC::EncodedJSValue, JSC::EncodedJSValue)>, isAccessor=true, slotBase=0x7fa5ba2301a0, thisValue=..., value=...) at ../../Source/JavaScriptCore/runtime/CustomGetterSetter.cpp:43
#21 0x00007fa6369b3549 in JSC::JSObject::putInlineSlow(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) (this=0x7fa5898547b8, globalObject=0x7fa588843068, propertyName=..., value=..., slot=...) at ../../Source/JavaScriptCore/runtime/JSObject.cpp:847
#22 0x00007fa648df5ee3 in JSC::JSObject::putInlineForJSObject(JSC::JSCell*, JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) (cell=0x7fa5898547b8, globalObject=0x7fa588843068, propertyName=..., value=..., slot=...) at DerivedSources/ForwardingHeaders/JavaScriptCore/JSObjectInlines.h:277
#23 0x00007fa648df55c4 in JSC::JSCell::putInline(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) (this=0x7fa5898547b8, globalObject=0x7fa588843068, propertyName=..., value=..., slot=...) at DerivedSources/ForwardingHeaders/JavaScriptCore/JSCellInlines.h:441
#24 0x00007fa635e87df3 in JSC::JSValue::putInline(JSC::JSGlobalObject*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) (this=0x7fa495ff9928, globalObject=0x7fa588843068, propertyName=..., value=..., slot=...) at ../../Source/JavaScriptCore/runtime/JSCJSValueInlines.h:1060
#25 0x00007fa63660176e in JSC::LLInt::llint_slow_path_put_by_id(JSC::CallFrame*, JSC::Instruction const*) (callFrame=0x7fa495ff9b30, pc=0x7fa58981fefc) at ../../Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:907
#26 0x00007fa6354a75de in llint_op_put_by_id () at /app/webkit/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm:97
Comment 1 Lauro Moura 2021-02-18 20:33:24 PST
Gardened in r273124.

About the mentioned revisions, they are the last good and first bad on the bots.

A candidate in the range seems to be r272870/bug221881 "Prepare for adding relative color support". Cc'ing Sam.
Comment 2 Fujii Hironori 2021-02-18 23:44:48 PST
Created attachment 420929
Patch
Comment 3 Carlos Garcia Campos 2021-02-19 00:50:36 PST
Comment on attachment 420929
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=420929&action=review

> Source/WebCore/css/parser/CSSParser.cpp:120
> -    return CSSPropertyParserHelpers::consumeColorWorkerSafe(range, strictCSSParserContext());
> +    return CSSPropertyParserHelpers::consumeColorWorkerSafe(range, CSSParserContext(HTMLStandardMode));
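
Review bot: The added line at CSSParser.cpp:120 constructs CSSParserContext(HTMLStandardMode) with no comment saying why the shared strictCSSParserContext() is no longer used. The trace in the description shows that accessor going through NeverDestroyed with MainThreadAccessTraits and asserting off the main thread, so a one-line comment to that effect would keep a later cleanup from restoring the shared context in this worker-safe path. The commit message should also state whether HTMLStandardMode yields the same parsing mode the strict context provided, since the hunk alone does not show that.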

Why is this GLib specific?
Comment 4 Chris Lord 2021-02-19 02:47:32 PST
Comment on attachment 420929
Patch

FWIW, this looks good to me.
Comment 5 Chris Lord 2021-02-19 02:48:06 PST
(In reply to Carlos Garcia Campos from comment #3)
> Comment on attachment 420929
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=420929&action=review
> 
> > Source/WebCore/css/parser/CSSParser.cpp:120
> > -    return CSSPropertyParserHelpers::consumeColorWorkerSafe(range, strictCSSParserContext());
> > +    return CSSPropertyParserHelpers::consumeColorWorkerSafe(range, CSSParserContext(HTMLStandardMode));
> 
> Why is this GLib specific?

OffscreenCanvas is only enabled on GLib; this function is only used there.
Comment 6 Fujii Hironori 2021-02-19 12:10:00 PST
Committed r273156 (234351@main): <https://commits.webkit.org/234351@main>
Comment 7 Radar WebKit Bug Importer 2021-02-19 12:10:16 PST
<rdar://problem/74532293>
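
The thread-affinity failure shown in the description's trace, next to the per-call context the patch in comment 3 switches to, as an added C++ example that is not WebKit code. ThreadAffine, ParserContext and the parseColor* helpers are hypothetical stand-ins, and the violation is reported as a false return rather than a crash.

```cpp
#include <cstdio>
#include <functional>
#include <string>
#include <thread>

// Hypothetical stand-in for a parser context; not WebKit's CSSParserContext.
struct ParserContext { bool strictMode; };

// Shared object that remembers its creating thread, in the spirit of
// NeverDestroyed<T, MainThreadAccessTraits> from frames #2-#4 of the trace.
template<typename T>
class ThreadAffine {
public:
    explicit ThreadAffine(T value) : m_value(value), m_owner(std::this_thread::get_id()) { }
    // nullptr on a foreign thread; the assertion in the trace crashes instead.
    const T* get() const { return std::this_thread::get_id() == m_owner ? &m_value : nullptr; }
private:
    T m_value;
    std::thread::id m_owner;
};

// Owned by whichever thread calls this first (the main thread in this example).
const ThreadAffine<ParserContext>& sharedStrictContext() {
    static const ThreadAffine<ParserContext> context(ParserContext { true });
    return context;
}

// Toy syntax check standing in for real color parsing.
static bool looksLikeHexColor(const std::string& s) { return (s.size() == 4 || s.size() == 7) && s[0] == '#'; }

// Before: reaches the thread-affine shared context, so it fails off the owner thread.
bool parseColorShared(const std::string& color) {
    const ParserContext* context = sharedStrictContext().get();
    return context && context->strictMode && looksLikeHexColor(color);
}

// After: a context built per call; nothing shared crosses threads.
bool parseColorPerCall(const std::string& color) {
    ParserContext context { true };
    return context.strictMode && looksLikeHexColor(color);
}

bool runOnWorker(const std::function<bool()>& fn) {
    bool result = false;
    std::thread worker([&] { result = fn(); });
    worker.join();
    return result;
}

int main() {
    std::printf("owner thread, shared: %d\n", parseColorShared("#fff"));
    std::printf("worker, shared:       %d\n", runOnWorker([] { return parseColorShared("#fff"); }));
    std::printf("worker, per call:     %d\n", runOnWorker([] { return parseColorPerCall("#fff"); }));
}
```

The first call to parseColorShared must happen on the intended owner thread, because the function-local static records whichever thread initialises it.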