Bug 198323 - [WinCairo] ASSERTION FAILED: info.bmBitsPixel == 32 in createCairoContextWithHDC
Summary: [WinCairo] ASSERTION FAILED: info.bmBitsPixel == 32 in createCairoContextWithHDC
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Platform (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Fujii Hironori
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2019-05-28 22:55 PDT by Fujii Hironori
Modified: 2019-09-04 23:58 PDT (History)
8 users (show)

See Also:

Attachments
request-animation-frame-prefix-crash-log.txt (112.08 KB, text/plain)
2019-05-29 00:06 PDT, Fujii Hironori 		no flags Details
Patch (5.14 KB, patch)
2019-06-27 00:07 PDT, Fujii Hironori 		no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ews214 for win-future (13.40 MB, application/zip)
2019-06-27 02:10 PDT, EWS Watchlist 		no flags Details
Patch only for trying EWS (5.79 KB, patch)
2019-06-30 19:36 PDT, Fujii Hironori 		ews-watchlist: commit-queue-
Details | Formatted Diff | Diff
Archive of layout-test-results from ews107 for mac-highsierra-wk2 (2.71 MB, application/zip)
2019-06-30 20:52 PDT, EWS Watchlist 		no flags Details
Patch (5.17 KB, patch)
2019-07-02 20:49 PDT, Fujii Hironori 		no flags Details | Formatted Diff | Diff
Show Obsolete (4) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Fujii Hironori 2019-05-28 22:55:27 PDT 
[WinCairo] ASSERTION FAILED: info.bmBitsPixel == 32 in createCairoContextWithHDC

WinCairo port, Debug build, trunk@245847.

editing/execCommand/change-list-type.html
fast/animation/request-animation-frame-prefix.html

Callstack:

>     Frame[00]  Triage Symbol: [WTF!WTFCrash+0xe]
>     Frame[01]  Triage Symbol: [WebKit!WTFCrashWithInfo+0x20]
>     Frame[02]  Triage Symbol: [WebKit!WebCore::createCairoContextWithHDC+0xe8]
>     Frame[03]  Triage Symbol: [WebKit!WebCore::GraphicsContext::platformInit+0x53]
>     Frame[04]  Triage Symbol: [WebKit!WebCore::GraphicsContext::GraphicsContext+0x8e]
>     Frame[05]  Triage Symbol: [WebKit!WebView::paintIntoBackingStore+0x160]
>     Frame[06]  Triage Symbol: [WebKit!WebView::updateBackingStore+0x3fc]
>     Frame[07]  Triage Symbol: [WebKit!WebView::paint+0x3de]
>     Frame[08]  Ignore Symbol: [WebKit!WebView::WebViewWndProc+0x7e5]
>     Frame[09]  Triage Symbol: [USER32!UserCallWinProcCheckWow+0x266]
>     Frame[0a]  Triage Symbol: [USER32!CallWindowProcW+0x8b]
>     Frame[0b]  Ignore Symbol: [COMCTL32!CallNextSubclassProc+0x9a]
>     Frame[0c]  Ignore Symbol: [COMCTL32!TTSubclassProc+0xb8]
>     Frame[0d]  Ignore Symbol: [COMCTL32!CallNextSubclassProc+0x9a]
>     Frame[0e]  Ignore Symbol: [COMCTL32!MasterSubclassProc+0xa2]
>     Frame[0f]  Triage Symbol: [USER32!UserCallWinProcCheckWow+0x266]
>     Frame[10]  Triage Symbol: [USER32!SendMessageWorker+0x218]
>     Frame[11]  Triage Symbol: [USER32!SendMessageW+0xf8]
>     Frame[12]  Triage Symbol: [DumpRenderTreeLib!dump+0x9f]
>     Frame[13]  Triage Symbol: [DumpRenderTreeLib!TestRunner::notifyDone+0x4f]
>     Frame[14]  Triage Symbol: [DumpRenderTreeLib!notifyDoneCallback+0x4c]
>     Frame[15]  Triage Symbol: [JavaScriptCore!JSC::APICallbackFunction::call<JSC::JSCallbackFunction>+0x25a]
>     Frame[16]  Bad Symbol: []
>     Frame[17]  Bad Symbol: []
>     Frame[18]  Bad Symbol: []
>     Frame[19]  Bad Symbol: []
>     Frame[1a]  Triage Symbol: [JavaScriptCore!llint_entry+0x132fb]
>     Frame[1b]  Bad Symbol: []
>     Frame[1c]  Triage Symbol: [JavaScriptCore!llint_entry+0x132fb]


> python ./Tools/Scripts/run-webkit-tests --debug  --wincairo --no-new-test-results --dump-render-tree editing/execCommand/change-list-type.html fast/animation/request-animation-frame-prefix.html
Comment 1 Fujii Hironori 2019-05-28 23:29:44 PDT 
info.bmBitsPixel was 1.

> info.bmType	0x00000000	long
> info.bmWidth	0x00000001	long
> info.bmHeight	0x00000001	long
> info.bmWidthBytes	0x00000002	long
> info.bmPlanes	0x0001	unsigned short
> info.bmBitsPixel	0x0001	unsigned short
> info.bmBits	0x0000000000000000	void *
Comment 2 Fujii Hironori 2019-05-29 00:06:51 PDT 
Created attachment 370834 [details]
request-animation-frame-prefix-crash-log.txt
Comment 3 Fujii Hironori 2019-05-29 02:40:19 PDT 
SelectObject in WebView::paint failed, the return value (oldBitmap) was NULL.

> HGDIOBJ oldBitmap = ::SelectObject(bitmapDC.get(), m_backingStoreBitmap->get());

WebView::paint is called recursively.

The first call was from displayAndTrackRepaintsCallback.

> WebKit.dll!WebView::paint(HDC__ * dc, __int64 options) Line 1347	C++
> WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 2586	C++
> [External Code]	
> DumpRenderTreeLib.dll!displayWebView() Line 391	C++
> DumpRenderTreeLib.dll!TestRunner::displayAndTrackRepaints() Line 251	C++
> DumpRenderTreeLib.dll!displayAndTrackRepaintsCallback(const OpaqueJSContext * context, OpaqueJSValue * function, OpaqueJSValue * thisObject, unsigned __int64 argumentCount, const OpaqueJSValue * const * arguments, const OpaqueJSValue * * exception) Line 494	C++
> JavaScriptCore.dll!JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState * exec) Line 63	C++
> [External Code]	

And the second call was from notifyDoneCallback.

> WebKit.dll!WebView::paint(HDC__ * dc, __int64 options) Line 1347	C++
> WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 2586	C++
> [External Code]	
> DumpRenderTreeLib.dll!dump() Line 692	C++
> DumpRenderTreeLib.dll!TestRunner::notifyDone() Line 311	C++
> DumpRenderTreeLib.dll!notifyDoneCallback(const OpaqueJSContext * context, OpaqueJSValue * function, OpaqueJSValue * thisObject, unsigned __int64 argumentCount, const OpaqueJSValue * const * arguments, const OpaqueJSValue * * exception) Line 606	C++
> JavaScriptCore.dll!JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState * exec) Line 63	C++
> [External Code]

Unfortunately Visual Studio debugger doesn't show the complete callstack under JSC.
So, I mean these callstacks are consequtive. I combined them:

> WebKit.dll!WebView::paint(HDC__ * dc, __int64 options) Line 1347	C++
> WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 2586	C++
> [External Code]	
> DumpRenderTreeLib.dll!dump() Line 692	C++
> DumpRenderTreeLib.dll!TestRunner::notifyDone() Line 311	C++
> DumpRenderTreeLib.dll!notifyDoneCallback(const OpaqueJSContext * context, OpaqueJSValue * function, OpaqueJSValue * thisObject, unsigned __int64 argumentCount, const OpaqueJSValue * const * arguments, const OpaqueJSValue * * exception) Line 606	C++
> JavaScriptCore.dll!JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState * exec) Line 63	C++
> [External Code]
> (...)
> WebKit.dll!WebView::paint(HDC__ * dc, __int64 options) Line 1347	C++
> WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 2586	C++
> [External Code]	
> DumpRenderTreeLib.dll!displayWebView() Line 391	C++
> DumpRenderTreeLib.dll!TestRunner::displayAndTrackRepaints() Line 251	C++
> DumpRenderTreeLib.dll!displayAndTrackRepaintsCallback(const OpaqueJSContext * context, OpaqueJSValue * function, OpaqueJSValue * thisObject, unsigned __int64 argumentCount, const OpaqueJSValue * const * arguments, const OpaqueJSValue * * exception) Line 494	C++
> JavaScriptCore.dll!JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState * exec) Line 63	C++
> [External Code]
Comment 4 Fujii Hironori 2019-05-29 02:44:08 PDT 
(In reply to Fujii Hironori from comment #0)
> editing/execCommand/change-list-type.html
> fast/animation/request-animation-frame-prefix.html

Both tests call notifyDone in RequestAnimationFrame callback.
Comment 5 Fujii Hironori 2019-05-29 03:43:28 PDT 
RequestAnimationFrame callback is call back during WebView::paint.

> WebKit.dll!WTF::RefPtr<WebCore::RequestAnimationFrameCallback,WTF::DumbPtrTraits<WebCore::RequestAnimationFrameCallback> >::operator->() Line 79	C++
> WebKit.dll!WebCore::ScriptedAnimationController::serviceRequestAnimationFrameCallbacks(double timestamp) Line 216	C++
> WebKit.dll!WebCore::Document::serviceRequestAnimationFrameCallbacks(double timestamp) Line 6224	C++
> WebKit.dll!WebCore::Page::updateRendering() Line 1299	C++
> WebKit.dll!WebView::updateBackingStore(WebCore::FrameView * frameView, HDC__ * dc, bool backingStoreCompletelyDirty, WebView::WindowsToPaint windowsToPaint) Line 1177	C++
> WebKit.dll!WebView::paint(HDC__ * dc, __int64 options) Line 1353	C++
> WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 2586	C++
> [External Code]	
> DumpRenderTreeLib.dll!runTest(const std::basic_string<char,std::char_traits<char>,std::allocator<char> > & inputLine) Line 1255	C++
> DumpRenderTreeLib.dll!main(int argc, const char * * argv) Line 1612	C++
> DumpRenderTreeLib.dll!dllLauncherEntryPoint(int argc, const char * * argv) Line 1652	C++
> DumpRenderTree.exe!main(int argc, const char * * argv) Line 230	C++
> [External Code]
Comment 6 Fujii Hironori 2019-06-26 02:52:31 PDT 
By using LLint CLoop, I get the full callstack.

> WTF.dll!WTFCrash() Line 305	C++
> WebKit.dll!WTFCrashWithInfo(int __formal, const char * __formal, const char * __formal, int __formal) Line 569	C++
> WebKit.dll!WebCore::createCairoContextWithHDC(HDC__ * hdc, bool hasAlpha) Line 54	C++
> WebKit.dll!WebCore::GraphicsContext::platformInit(HDC__ * dc, bool hasAlpha) Line 79	C++
> WebKit.dll!WebCore::GraphicsContext::GraphicsContext(HDC__ * dc, bool hasAlpha) Line 72	C++
> WebKit.dll!WebView::paintIntoBackingStore(WebCore::FrameView * frameView, HDC__ * bitmapDC, const WebCore::IntRect & dirtyRectPixels, WebView::WindowsToPaint windowsToPaint) Line 1425	C++
> WebKit.dll!WebView::updateBackingStore(WebCore::FrameView * frameView, HDC__ * dc, bool backingStoreCompletelyDirty, WebView::WindowsToPaint windowsToPaint) Line 1189	C++
> WebKit.dll!WebView::paint(HDC__ * dc, __int64 options) Line 1353	C++
> WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 2586	C++
> [External Code]	
> DumpRenderTreeLib.dll!dump() Line 694	C++
> DumpRenderTreeLib.dll!TestRunner::notifyDone() Line 311	C++
> DumpRenderTreeLib.dll!notifyDoneCallback(const OpaqueJSContext * context, OpaqueJSValue * function, OpaqueJSValue * thisObject, unsigned __int64 argumentCount, const OpaqueJSValue * const * arguments, const OpaqueJSValue * * exception) Line 606	C++
> JavaScriptCore.dll!JSC::APICallbackFunction::call<JSC::JSCallbackFunction>(JSC::ExecState * exec) Line 63	C++
> JavaScriptCore.dll!JSC::NativeFunction::operator()(JSC::ExecState * exec) Line 50	C++
> JavaScriptCore.dll!JSC::LLInt::CLoop::execute(JSC::OpcodeID entryOpcodeID, void * executableAddress, JSC::VM * vm, JSC::ProtoCallFrame * protoCallFrame, bool isInitializationPass) Line 20746	C++
> JavaScriptCore.dll!vmEntryToJavaScript(void * executableAddress, JSC::VM * vm, JSC::ProtoCallFrame * protoCallFrame) Line 150	C++
> JavaScriptCore.dll!JSC::JITCode::execute(JSC::VM * vm, JSC::ProtoCallFrame * protoCallFrame) Line 38	C++
> JavaScriptCore.dll!JSC::Interpreter::executeCall(JSC::ExecState * callFrame, JSC::JSObject * function, JSC::CallType callType, const JSC::CallData & callData, JSC::JSValue thisValue, const JSC::ArgList & args) Line 904	C++
> JavaScriptCore.dll!JSC::call(JSC::ExecState * exec, JSC::JSValue functionObject, JSC::CallType callType, const JSC::CallData & callData, JSC::JSValue thisValue, const JSC::ArgList & args) Line 59	C++
> JavaScriptCore.dll!JSC::profiledCall(JSC::ExecState * exec, JSC::ProfilingReason reason, JSC::JSValue functionObject, JSC::CallType callType, const JSC::CallData & callData, JSC::JSValue thisValue, const JSC::ArgList & args) Line 80	C++
> JavaScriptCore.dll!JSC::JSMicrotask::run(JSC::ExecState * exec) Line 90	C++
> WebKit.dll!WebCore::JSExecState::runTask(JSC::ExecState * exec, JSC::Microtask & task) Line 93	C++
> WebKit.dll!WebCore::JSMicrotaskCallback::call() Line 47	C++
> WebKit.dll!WebCore::JSDOMWindowBase::queueTaskToEventLoop::__l2::<lambda>() Line 215	C++
> WebKit.dll!WTF::Detail::CallableWrapper<void <lambda>(void),void>::call() Line 52	C++
> WebKit.dll!WTF::Function<void __cdecl(void)>::operator()() Line 80	C++
> WebKit.dll!WebCore::ActiveDOMCallbackMicrotask::run() Line 46	C++
> WebKit.dll!WebCore::MicrotaskQueue::performMicrotaskCheckpoint() Line 98	C++
> WebKit.dll!WebCore::JSExecState::didLeaveScriptContext(JSC::ExecState * exec) Line 43	C++
> WebKit.dll!WebCore::JSExecState::~JSExecState() Line 146	C++
> WebKit.dll!WebCore::JSExecState::profiledCall(JSC::ExecState * exec, JSC::ProfilingReason reason, JSC::JSValue functionObject, JSC::CallType callType, const JSC::CallData & callData, JSC::JSValue thisValue, const JSC::ArgList & args, WTF::NakedPtr<JSC::Exception> & returnedException) Line 74	C++
> WebKit.dll!WebCore::JSCallbackData::invokeCallback(WebCore::JSDOMGlobalObject & globalObject, JSC::JSObject * callback, JSC::JSValue thisValue, JSC::MarkedArgumentBuffer & args, WebCore::JSCallbackData::CallbackType method, JSC::PropertyName functionName, WTF::NakedPtr<JSC::Exception> & returnedException) Line 83	C++
> WebKit.dll!WebCore::JSCallbackDataStrong::invokeCallback(JSC::JSValue thisValue, JSC::MarkedArgumentBuffer & args, WebCore::JSCallbackData::CallbackType callbackType, JSC::PropertyName functionName, WTF::NakedPtr<JSC::Exception> & returnedException) Line 89	C++
> WebKit.dll!WebCore::JSRequestAnimationFrameCallback::handleEvent(double highResTime) Line 70	C++
> WebKit.dll!WebCore::ScriptedAnimationController::serviceRequestAnimationFrameCallbacks(double timestamp) Line 217	C++
> WebKit.dll!WebCore::Document::serviceRequestAnimationFrameCallbacks(double timestamp) Line 6190	C++
> WebKit.dll!WebCore::Page::updateRendering() Line 1303	C++
> WebKit.dll!WebView::updateBackingStore(WebCore::FrameView * frameView, HDC__ * dc, bool backingStoreCompletelyDirty, WebView::WindowsToPaint windowsToPaint) Line 1177	C++
> WebKit.dll!WebView::paint(HDC__ * dc, __int64 options) Line 1353	C++
> WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 2586	C++
> [External Code]	
> DumpRenderTreeLib.dll!runTest(const std::basic_string<char,std::char_traits<char>,std::allocator<char> > & inputLine) Line 1256	C++
> DumpRenderTreeLib.dll!main(int argc, const char * * argv) Line 1617	C++
> DumpRenderTreeLib.dll!dllLauncherEntryPoint(int argc, const char * * argv) Line 1653	C++
> DumpRenderTree.exe!main(int argc, const char * * argv) Line 230	C++
> [External Code]	

WebView::paint was called recursively.
Comment 7 Fujii Hironori 2019-06-26 22:46:39 PDT 
Similar issue: Bug 17737 – ASSERTION FAILED: info.bmBitsPixel == 32
Comment 8 Fujii Hironori 2019-06-26 23:01:54 PDT 
webView::isPainting was add in r23462.
It has not used since r29415.
Comment 9 Fujii Hironori 2019-06-27 00:07:59 PDT 
Created attachment 373004 [details]
Patch
Comment 10 EWS Watchlist 2019-06-27 02:10:34 PDT 
Comment on attachment 373004 [details]
Patch

Attachment 373004 [details] did not pass win-ews (win):
Output: https://webkit-queues.webkit.org/results/12589699

New failing tests:
imported/blink/animations/display-inline-style-adjust.html
Comment 11 EWS Watchlist 2019-06-27 02:10:36 PDT 
Created attachment 373012 [details]
Archive of layout-test-results from ews214 for win-future

The attached test failures were seen while running run-webkit-tests on the win-ews.
Bot: ews214  Port: win-future  Platform: CYGWIN_NT-10.0-17763-3.0.5-338.x86_64-x86_64-64bit
Comment 12 Fujii Hironori 2019-06-30 19:36:23 PDT 
Created attachment 373201 [details]
Patch only for trying EWS
Comment 13 EWS Watchlist 2019-06-30 20:52:26 PDT 
Comment on attachment 373201 [details]
Patch only for trying EWS

Attachment 373201 [details] did not pass mac-wk2-ews (mac-wk2):
Output: https://webkit-queues.webkit.org/results/12623445

New failing tests:
svg/clip-path/clip-hidpi.svg
Comment 14 EWS Watchlist 2019-06-30 20:52:28 PDT 
Created attachment 373209 [details]
Archive of layout-test-results from ews107 for mac-highsierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews107  Port: mac-highsierra-wk2  Platform: Mac OS X 10.13.6
Comment 15 Fujii Hironori 2019-07-02 20:49:39 PDT 
Created attachment 373379 [details]
Patch
Comment 16 Per Arne Vollan 2019-07-03 08:47:50 PDT 
I think this patch looks very good. Looking at the previous EWS results, it seems the test 'imported/blink/animations/display-inline-style-adjust.html' is failing for AppleWin. Do we know why this is happening?
Comment 17 Fujii Hironori 2019-07-03 18:47:55 PDT 
Yup. I filed it in Bug 199311, and removed the test case in r247086.
Comment 18 Per Arne Vollan 2019-07-05 07:14:51 PDT 
Comment on attachment 373379 [details]
Patch

R=me.
Comment 19 Fujii Hironori 2019-07-08 18:08:34 PDT 
Comment on attachment 373379 [details]
Patch

Clearing flags on attachment: 373379

Committed r247245: <https://trac.webkit.org/changeset/247245>
Comment 20 Fujii Hironori 2019-07-08 18:08:38 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 21 Radar WebKit Bug Importer 2019-07-08 18:14:05 PDT 
<rdar://problem/52808308>