Bug 233712 - REGRESSION(r286209) [GTK][WPE] crashes in offscreen canvas tests that try to create a GL context
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Canvas
Version: WebKit Nightly Build
Hardware: PC Linux
Importance: P2 Major
Assignee: Kimmo Kinnunen
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-12-01 10:40 PST by Arcady Goldmints-Orlov
Modified: 2021-12-02 06:13 PST

Attachments
Patch (2.10 KB, patch)
2021-12-02 05:02 PST, Kimmo Kinnunen

Description Arcady Goldmints-Orlov 2021-12-01 10:40:55 PST
The change in r286209 has caused a number of crashes in offscreen canvas tests on GTK and WPE (which only run on GTK and WPE):
  http/wpt/offscreen-canvas/getContext-webgl.html [ Crash ]
  http/wpt/offscreen-canvas/transferToImageBitmap-webgl.html [ Crash ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/manual/the-offscreen-canvas/offscreencanvas.getcontext.html [ Crash ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/manual/the-offscreen-canvas/offscreencanvas.getcontext.worker.html [ Crash ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/manual/the-offscreen-canvas/offscreencanvas.resize.html [ Crash ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/manual/the-offscreen-canvas/offscreencanvas.transfer.to.imagebitmap.html [ Crash ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/manual/the-offscreen-canvas/offscreencanvas.transfer.to.imagebitmap.w.html [ Crash ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/manual/the-offscreen-canvas/offscreencanvas.transferrable.html [ Crash ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/manual/the-offscreen-canvas/offscreencanvas.transferrable.w.html [ Crash ]

With a backtrace like the following:
#0  0x00007f806d263347 in WebCore::WebGLRenderingContextBase::create(WebCore::CanvasBase&, WebCore::GraphicsContextGLAttributes&, WebCore::GraphicsContextGLWebGLVersion) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.1.so.0
#1  0x00007f806d1e9ccc in WebCore::OffscreenCanvas::createContextWebGL(WebCore::OffscreenCanvas::RenderingContextType, WebCore::GraphicsContextGLAttributes&&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.1.so.0
#2  0x00007f806d1ea02e in WebCore::OffscreenCanvas::getContext(JSC::JSGlobalObject&, WebCore::OffscreenCanvas::RenderingContextType, WTF::Vector<JSC::Strong<JSC::Unknown, (JSC::ShouldStrongDestructorGrabLock)0>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.1.so.0
#3  0x00007f806c2e0447 in WebCore::jsOffscreenCanvasPrototypeFunction_getContext(JSC::JSGlobalObject*, JSC::CallFrame*) () at /app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.1.so.0
#4  0x00007f8021cff1d8 in  ()
#5  0x00007fff5faf3cb0 in  ()
#6  0x00007f80682dc20d in op_call_slow_return_location () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.1.so.0
#7  0x0000000000000000 in  ()

Not having debugged this in depth, my suspicion is that this change is not taking into account the offscreen case where hostWindow is null.
Comment 1 Kimmo Kinnunen 2021-12-02 05:02:59 PST
Created attachment 445712
Patch
Comment 2 EWS 2021-12-02 06:11:58 PST
Committed r286422 (244768@main): <https://commits.webkit.org/244768@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 445712.
Comment 3 Radar WebKit Bug Importer 2021-12-02 06:13:23 PST
<rdar://problem/85968413>