Created attachment 440593 com.apple.WebKit.WebContent_2021-10-08-124039_Mac.crash

Hi,

Safari 15 is now crashing the tab when creating a WebGL canvas context. This is now blocking all users of Safari 15 from using our, and our customers', web apps.

Unfortunately no console logs are available, but here is what the system console says - full log attached:

Process: com.apple.WebKit.WebContent [87508]
Path: /Library/Apple/*/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
Identifier: com.apple.WebKit.WebContent
Version: 16612 (16612.1.29.41.4)
Build Info: WebKit-7612001029041004~8 (612A78a)
Code Type: X86-64 (Native)
Parent Process: ??? [1]
Responsible: Safari [87045]
User ID: 501

Date/Time: 2021-10-08 12:40:34.829 +0100
OS Version: macOS 11.6 (20G165)
Report Version: 12
Bridge OS Version: 3.0 (14Y908)
Anonymous UUID: EE8A9404-E3A7-470C-9EC2-1B968DC00E20

Sleep/Wake UUID: B189040B-3AF0-490F-B83B-9312801AD26E

Time Awake Since Boot: 400000 seconds
Time Since Wake: 13000 seconds

System Integrity Protection: enabled

Crashed Thread: 0 Dispatch queue: com.apple.main-thread

Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY

Termination Signal: Segmentation fault: 11
Termination Reason: Namespace SIGNAL, Code 0xb
Terminating Process: exc handler [87508]

VM Regions Near 0:
--> __TEXT 1070ca000-1070ce000 [ 16K] r-x/r-x SM=COW /Library/Apple/*/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

Application Specific Information:
Bundle controller class:
BrowserBundleController

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.WebCore 0x00000005b8cd793c WebCore::GraphicsContextGLOpenGL::reshapeDisplayBufferBacking() + 188
1 com.apple.WebCore 0x00000005b82dd243 WebCore::GraphicsContextGLOpenGL::reshapeFBOs(WebCore::IntSize const&) + 451
2 com.apple.WebCore 0x00000005b82df2c3 WebCore::GraphicsContextGLOpenGL::reshape(int, int) + 547
3 com.apple.WebCore 0x00000005b96cdfe4 WebCore::WebGLRenderingContextBase::initializeNewContext() + 2324
4 com.apple.WebCore 0x00000005b96d9312 WebCore::WebGLRenderingContextBase::create(WebCore::CanvasBase&, WebCore::GraphicsContextGLAttributes&, WebCore::GraphicsContextGLWebGLVersion) + 2882
5 com.apple.WebCore 0x00000005b959325a WebCore::HTMLCanvasElement::createContextWebGL(WebCore::GraphicsContextGLWebGLVersion, WebCore::GraphicsContextGLAttributes&&) + 330
6 com.apple.WebCore 0x00000005b9592e92 WebCore::HTMLCanvasElement::getContext(JSC::JSGlobalObject&, WTF::String const&, WTF::Vector<JSC::Strong<JSC::Unknown, (JSC::ShouldStrongDestructorGrabLock)0>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&) + 1186
7 com.apple.WebCore 0x00000005b8640b6b WebCore::jsHTMLCanvasElementPrototypeFunction_getContext(JSC::JSGlobalObject*, JSC::CallFrame*) + 411
8 ??? 0x00004632a1a011d8 0 + 77183273931224
9 com.apple.JavaScriptCore 0x00000005bc49ac4e llint_entry + 112071
10 com.apple.JavaScriptCore 0x00000005bc49b939 llint_entry + 115378
11 com.apple.JavaScriptCore 0x00000005bc49ac4e llint_entry + 112071
12 com.apple.JavaScriptCore 0x00000005bc49ac4e llint_entry + 112071
13 com.apple.JavaScriptCore 0x00000005bc49abc9 llint_entry + 111938
14 com.apple.JavaScriptCore 0x00000005bc49abc9 llint_entry + 111938
15 com.apple.JavaScriptCore 0x00000005bc49abc9 llint_entry + 111938
16 com.apple.JavaScriptCore 0x00000005bc49ac4e llint_entry + 112071
17 com.apple.JavaScriptCore 0x00000005bc49ac4e llint_entry + 112071
18 com.apple.JavaScriptCore 0x00000005bc47f486 vmEntryToJavaScript + 216
This can be reproduced reliably on the websites listed on this GitHub issue thread: https://github.com/mrdoob/three.js/issues/22582

Some examples:
- https://www.aquarium.ru/en
- https://billie.withyoutube.com
- https://voiceofracism.co.nz
- https://augmentedperception.github.io/deepviewvideo/
Thanks for the report. This has since been fixed and will be shipped in the upcoming releases.

*** This bug has been marked as a duplicate of bug 229309 ***
The workaround is to not request a WebXR context.
Hi Kimmo, I'm not able to see that ticket, but our product is using WebGL, not WebXR. Do you mean that we should not use WebGL or WebXR at all? In any case, we and our customers would appreciate an update about when the fix, in whatever form it may take, will be shipped? Thanks.
Will: these samples
...oops, accidentally saved incomplete comment. Will: these samples are specifying the WebGL context creation attribute: xrCompatible: true and there was a bug in Safari's handling of this attribute. Hoping this is already better tested on WebKit's EWS bots.
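The workaround from the comments above (do not request an XR-compatible context at creation time), as an added JavaScript example that is not code from this thread, WebKit or three.js. The helper names and the fake canvas are constructed for illustration; `makeXRCompatible()` is the standard WebXR method, and whether calling it later is safe on an affected Safari build is an assumption the thread does not confirm.

```javascript
// Added example: helper names are hypothetical; `canvas` is any object with getContext().
// Remove xrCompatible from the creation attributes so the context is not
// requested as XR-compatible (the workaround given in the thread).
function stripXRCompatible(attrs = {}) {
  const { xrCompatible, ...rest } = attrs;
  return { attrs: rest, wantedXR: xrCompatible === true };
}

// Create a WebGL context without xrCompatible, trying WebGL 2 first.
function createContextWithoutXR(canvas, requestedAttrs, types = ['webgl2', 'webgl']) {
  const { attrs, wantedXR } = stripXRCompatible(requestedAttrs);
  for (const type of types) {
    const gl = canvas.getContext(type, attrs);
    if (gl) return { gl, type, wantedXR };
  }
  return { gl: null, type: null, wantedXR };
}

// Opt in to XR compatibility later, only when an XR session is about to start
// and only if the browser exposes makeXRCompatible(). Resolves to a boolean.
async function enableXRWhenNeeded(gl) {
  if (!gl || typeof gl.makeXRCompatible !== 'function') return false;
  try {
    await gl.makeXRCompatible();
    return true;
  } catch (err) {
    return false; // could not be made XR-compatible; keep rendering without XR
  }
}

// Constructed stand-in for a canvas so the example runs outside a browser.
function makeFakeCanvas(supported) {
  const calls = [];
  return {
    calls,
    getContext(type, attrs) {
      calls.push({ type, attrs });
      return supported.includes(type) ? { type } : null;
    },
  };
}

const demoCanvas = makeFakeCanvas(['webgl']);
const demo = createContextWithoutXR(demoCanvas, { antialias: true, xrCompatible: true });
console.log(demo.type, demo.wantedXR, demoCanvas.calls.map(c => Object.keys(c.attrs)));
```
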
> In any case, we and our customers would appreciate an update about when the fix, in whatever form it may take, will be shipped?

Apple does not comment on future releases. This does, however, appear identical to bug 229309 from the stack; see what Ken said for some detail there.
Sam, I cannot see the content of that bug.
I don't have access to Bug 229309 (anymore?) either. :)
<rdar://problem/84297576>
Would you be able to provide the version number of Safari where this is resolved? I can still replicate this on the latest Safari Technical Preview on https://my.panomoments.com/u/dustinkerstein/m/havana-intersection
FYI, I just upgraded the three.js library on https://my.panomoments.com to r122 and this issue went away (though this unfortunately breaks the WebVR implementation - but I can live with that for now). Just wanted to let you know as you won't be able to replicate with that link above.
This no longer appears to be an issue in the latest beta of Safari (13th October 2021), but knowing when that will be GA and released would still be useful.