RESOLVED FIXED 215209
[GTK][WPE] Debug crashes in backdrop filter tests 
https://bugs.webkit.org/show_bug.cgi?id=215209
Summary [GTK][WPE] Debug crashes in backdrop filter tests
Lauro Moura
Reported 2020-08-05 20:49:30 PDT
Created attachment 406071 [details] Backtrace After r264968 enabled backdrop-filter support, several tests are asserting in debug mode, both GTK and WPE: css3/filters/backdrop/backdrop-filter-does-not-size-properly-absolute.html css3/filters/backdrop/backdrop-filter-does-not-size-properly-border-and-padding.html css3/filters/backdrop/backdrop-filter-with-cliprect.html css3/filters/backdrop/backdrop-filter-with-mask.html css3/filters/backdrop/backdrop-with-visibility-hidden-changing.html css3/filters/backdrop/backdrop-with-visibility-hidden.html css3/filters/backdrop/resource-use-add-more-layers.html css3/filters/backdrop/resource-use-excessive.html css3/filters/backdrop/resource-use-ok.html css3/filters/backdrop/resource-use-remove-some-layers.html All but two of them fail with a similar backtrace (full backtrace attached): Thread 1 (Thread 0x7f590c3da2c0 (LWP 12435)): #0 0x00007f5915256a2a in WTFCrash() () at ../../Source/WTF/wtf/Assertions.cpp:295 #1 0x00007f59236af332 in CRASH_WITH_INFO(...) () at DerivedSources/ForwardingHeaders/wtf/Assertions.h:713 #2 0x00007f592781c721 in WebCore::RenderLayerCompositor::scheduleRenderingUpdate() (this=0x7f5874629500) at ../../Source/WebCore/rendering/RenderLayerCompositor.cpp:521 #3 0x00007f592781ab4a in WebCore::RenderLayerBacking::notifyFlushRequired(WebCore::GraphicsLayer const*) (this=0x7f58b019b7e0) at ../../Source/WebCore/rendering/RenderLayerBacking.cpp:3638 #4 0x00007f5924e30c5d in WebCore::CoordinatedGraphicsLayer::notifyFlushRequired() (this=0x7f58b1e92800) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:69 #5 0x00007f5924e30cf2 in WebCore::CoordinatedGraphicsLayer::didChangeFilters() (this=0x7f58b1e92800) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:87 #6 0x00007f5924e32399 in WebCore::CoordinatedGraphicsLayer::setFilters(WebCore::FilterOperations const&) (this=0x7f58b1e92800, newFilters=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:512 #7 0x00007f5924e337b7 in WebCore::CoordinatedGraphicsLayer::<lambda(Nicosia::CompositionLayer::LayerState&)>::operator()(Nicosia::CompositionLayer::LayerState &) const (__closure=0x7ffcd5812d40, state=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:947 #8 0x00007f5924e369bf in Nicosia::CompositionLayer::updateState<WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly()::<lambda(Nicosia::CompositionLayer::LayerState&)> >(const WebCore::CoordinatedGraphicsLayer::<lambda(Nicosia::CompositionLayer::LayerState&)> &) (this=0x7f58c9481d00, functor=...) at ../../Source/WebCore/platform/graphics/nicosia/NicosiaPlatformLayer.h:207 #9 0x00007f5924e34526 in WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly() (this=0x7f58b1e0f000) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:895 #10 0x00007f5924e32c9d in WebCore::CoordinatedGraphicsLayer::flushCompositingState(WebCore::FloatRect const&) (this=0x7f58b1e0f000, rect=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:685 #11 0x00007f5924e32d3e in WebCore::CoordinatedGraphicsLayer::flushCompositingState(WebCore::FloatRect const&) (this=0x7f58b1e49800, rect=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:691 #12 0x00007f5924e32d3e in WebCore::CoordinatedGraphicsLayer::flushCompositingState(WebCore::FloatRect const&) (this=0x7f58b209c000, rect=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:691 #13 0x00007f5924e32d3e in WebCore::CoordinatedGraphicsLayer::flushCompositingState(WebCore::FloatRect const&) (this=0x7f58b208d000, rect=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:691 #14 0x00007f5924e32d3e in WebCore::CoordinatedGraphicsLayer::flushCompositingState(WebCore::FloatRect const&) (this=0x7f58b208d800, rect=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:691 #15 0x00007f5924e32d3e in WebCore::CoordinatedGraphicsLayer::flushCompositingState(WebCore::FloatRect const&) (this=0x7f58b20aa800, rect=...) at ../../Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:691 #16 0x00007f592781cb20 in WebCore::RenderLayerCompositor::flushPendingLayerChanges(bool) (this=0x7f5874629500, isFlushRoot=true) at ../../Source/WebCore/rendering/RenderLayerCompositor.cpp:569 #17 0x00007f592782497d in WebCore::RenderLayerCompositor::layerTreeAsText(unsigned int) (this=0x7f5874629500, flags=32) at ../../Source/WebCore/rendering/RenderLayerCompositor.cpp:2181 #18 0x00007f59270ac8dc in WebCore::Frame::layerTreeAsText(unsigned int) const (this=0x7f590ba80000, flags=32) at ../../Source/WebCore/page/Frame.cpp:909 #19 0x00007f58c883fff2 in WebCore::Internals::layerTreeAsText(WebCore::Document&, unsigned short) const (this=0x7f58b2088b40, document=..., flags=16) at ../../Source/WebCore/testing/Internals.cpp:2837 #20 0x00007f58c873b2f7 in WebCore::jsInternalsPrototypeFunctionLayerTreeAsTextBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::IDLOperation<WebCore::JSInternals>::ClassParameter) (lexicalGlobalObject=0x7f58543a3080, callFrame=0x7ffcd5813300, castedThis=0x7f5854334000) at DerivedSources/WebCore/JSInternals.cpp:7193 #21 0x00007f58c877b100 in WebCore::IDLOperation<WebCore::JSInternals>::call<WebCore::jsInternalsPrototypeFunctionLayerTreeAsTextBody>(JSC::JSGlobalObject&, JSC::CallFrame&, char const*) (lexicalGlobalObject=..., callFrame=..., operationName=0x7f58c897233f "layerTreeAsText") at ../../Source/WebCore/bindings/js/JSDOMOperation.h:53 #22 0x00007f58c873b39a in WebCore::jsInternalsPrototypeFunctionLayerTreeAsText(JSC::JSGlobalObject*, JSC::CallFrame*) (lexicalGlobalObject=0x7f58543a3080, callFrame=0x7ffcd5813300) at DerivedSources/WebCore/JSInternals.cpp:7198 #23 0x00007f58cb787178 in () #24 0x00007ffcd5813390 in () #25 0x00007f59139e8886 in llint_op_call () at /app/webkit/Source/JavaScriptCore/llint/LowLevelInterpreter.asm:1047 #26 0x0000000000000000 in () The first exception is css3/filters/backdrop/backdrop-with-visibility-hidden.html, which crash in CGL::setContentsVisible(bool) instead of setFilters. The second exception is css3/filters/backdrop/backdrop-filter-does-not-size-properly-absolute.html failing due an unhandled value (AnimatedPropertyWebKitBackdropFilter?) in Animation::applyInternal. I tried reproducing locally but this test only ended with the backtrace above.
Attachments
Backtrace (77.54 KB, text/plain)
2020-08-05 20:49 PDT, Lauro Moura 		no flags
Details
Patch (11.35 KB, patch)
2020-08-20 06:42 PDT, Carlos Garcia Campos 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2020-08-17 07:32:09 PDT
I'm investigating this, I think this can only happen in layout tests, because RenderLayerCompositor::flushPendingLayerChanges() is called from RenderLayerCompositor::layerTreeAsText(). When not dumping layer tree, RenderLayerCompositor::flushPendingLayerChanges() is always called when CompositingCoordinator is flushing changes, so CoordinatedGraphicsLayer::notifyFlushRequired() returns early on if (m_coordinator->isFlushingLayerChanges()).
Carlos Garcia Campos
Comment 2 2020-08-20 06:42:46 PDT
Created attachment 406927 [details] Patch
EWS
Comment 3 2020-08-20 23:46:08 PDT
Committed r266000: <https://trac.webkit.org/changeset/266000> All reviewed patches have been landed. Closing bug and clearing flags on attachment 406927 [details].
Radar WebKit Bug Importer
Comment 4 2020-08-20 23:47:33 PDT
<rdar://problem/67534820>
Note You need to log in before you can comment on or make changes to this bug.