Bug 302711

Created attachment 477420 [details] HTML file demonstrating the crash (takes around 70 sec) Rendering with instancing vertex buffers crashes after ~70s when mesh access order varies per frame. Works fine with fixed order or storage buffers. # WebGPU Crash on iOS with Time-Varying Mesh Access Patterns ## Summary Safari on iOS crashes when rendering multiple meshes with **mesh access order that varies per frame** while using instancing vertex buffers for transforms. The crash is **time-dependent** (accumulates over ~70 seconds), **scales with mesh count and object count**, indicating a memory corruption or resource tracking bug in iOS WebGPU's Metal backend. **Does NOT crash on macOS Safari** - iOS-specific bug. ## Environment - **Device**: iPhone 15 Pro/16 Pro Max, iOS 26.0/26.1 - **Browser**: Safari (WebKit Metal backend) - **Cross-platform**: DOES not crash on Chrome/Edge/Firefox (Windows/Android/macOS) and Safari macOS ## Reproduction Steps ### Test Case: `iPhoneWGPUCrash.html` Standalone HTML file demonstrating the crash. Error after ~70 seconds: `"InvalidStateError: GPUCommandEncoder.finish: Unable to finish."` **Minimum crash conditions:** - 1000+ unique meshes, 10000+ object instances - Instancing vertex buffer for per-object transforms - **Mesh access order that changes every frame** (random shuffle OR random start offset) **Config:** `MESH_COUNT`, `GRID_SIZE`, `VARY_RQ_HEAD`, `DO_RQ_SHUFFLE` (see code comments) ### Key Findings **What triggers the crash:** - **Time-varying mesh access patterns** - order changes per frame (whether via `firstIndex` OR buffer binding) - Instancing vertex buffer for transforms - Scales with mesh count (min: 1000) and object count (min: 4096 on iPhone 15 Pro) - Time-dependent failure (~70s), not immediate validation error **What does NOT affect crash:** - Mesh complexity or vertex format - `baseVertex` parameter - Buffer layout (shared vs separate buffers) - Draw call count (batching improves FPS but doesn't prevent crash) ### Workarounds Tested | Workaround | Result | |------------|--------| | Bake vertex offsets, `baseVertex=0` | ❌ Crashes | | Separate buffers per mesh | ❌ Crashes | | Batch draws via instancing | ❌ Crashes | | Static transform buffers (no updates) | ❌ Crashes | | Indirect drawing (`drawIndexedIndirect`) | ❌ Crashes | | **Fixed mesh order per frame** (sequential OR constant random) | ✅ Works | | **Storage/constant buffer for transforms** (instead of instancing vertex buffer) | ✅ Works | **Root cause:** Instancing vertex buffer + time-varying mesh access order = crash. Fixed order (even if non-sequential) works fine. ## Impact on Real-World Applications This bug **blocks all standard 3D engine techniques** that vary rendering order per frame: - **Frustum Culling** - rendering only visible objects - **Depth Sorting** - transparent object ordering - **Material Batching** - grouping by material/shader - **LOD Systems** - dynamic mesh detail switching - **Dynamic Scenes** - adding/removing objects **Result:** iOS WebGPU is effectively unusable for production 3D applications. ## Business Impact **Blocking delivery to enterprise customers:** ConocoPhillips and AkerBP (major oil & gas companies) are waiting for our 3D engine product, which uses these exact rendering patterns. We cannot ship a product that crashes on iOS. **Storage buffer workaround limitations:** - Requires major architectural changes - Reduces rendering efficiency (alignment overhead, suboptimal memory access) - Limits hardware/browser compatibility (stricter size limits) ## Request Please investigate this memory corruption/resource tracking bug in iOS WebGPU's Metal backend. This is a **critical, reproducible issue** blocking legitimate 3D rendering techniques and enterprise product deliveries.