Bug 238953 - This WebGL example crashes
Summary: This WebGL example crashes
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebGL
Version: Safari Technology Preview
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Kyle Piddington
URL: https://gkjohnson.github.io/three-mes...
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2022-04-07 12:24 PDT by Simon Fraser (smfr)
Modified: 2022-08-01 23:49 PDT

See Also:


Attachments
Patch (2.29 KB, patch)
2022-04-07 16:22 PDT, Kyle Piddington
no flags

Description Simon Fraser (smfr) 2022-04-07 12:24:11 PDT
https://gkjohnson.github.io/three-mesh-bvh/example/bundle/gpuPathTracing.html

Crashes in ANGLE code.
Comment 1 Radar WebKit Bug Importer 2022-04-07 12:24:34 PDT
<rdar://problem/91437430>
Comment 2 Simon Fraser (smfr) 2022-04-07 12:25:00 PDT
Termination Reason:    Namespace SIGNAL, Code 11 Segmentation fault: 11
Terminating Process:   exc handler [41876]

VM Region Info: 0 is not in any region.  Bytes before following region: 4351033344
      REGION TYPE                    START - END         [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      UNUSED SPACE AT START
--->  
      __TEXT                      103578000-10357c000    [   16K] r-x/r-x SM=COW  ...t.Development

Application Specific Information:
Bundle controller class:
BrowserBundleController
Enabled App Extensions:
com.apple.ist.ds.appleconnect2.SafariExtension (APPLEBNISIGNED) (Version: 1743 - Display Version: 5.2) AppleConnect Safari Extension


Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   libANGLE-shared.dylib         	       0x73a60ff31 sh::TIntermLoop::TIntermLoop(sh::TIntermLoop const&) + 29
1   libANGLE-shared.dylib         	       0x73a61ce79 sh::TIntermLoop::deepCopy() const + 59
2   libANGLE-shared.dylib         	       0x73a60d149 sh::TIntermBlock::TIntermBlock(sh::TIntermBlock const&) + 101
3   libANGLE-shared.dylib         	       0x73a61cb47 sh::TIntermBlock::deepCopy() const + 59
4   libANGLE-shared.dylib         	       0x73a637496 sh::(anonymous namespace)::MonomorphizeTraverser::visitAggregate(sh::Visit, sh::TIntermAggregate*) + 3074
5   libANGLE-shared.dylib         	       0x73a61bfb9 sh::TIntermTraverser::traverseAggregate(sh::TIntermAggregate*) + 53
6   libANGLE-shared.dylib         	       0x73a61bbed sh::TIntermTraverser::traverseUnary(sh::TIntermUnary*) + 75
7   libANGLE-shared.dylib         	       0x73a61b2b9 sh::TIntermNode::traverse(sh::TIntermTraverser*) + 137
8   libANGLE-shared.dylib         	       0x73a61bef2 sh::TIntermTraverser::traverseBlock(sh::TIntermBlock*) + 384
9   libANGLE-shared.dylib         	       0x73a61c9bf sh::TIntermTraverser::traverseLoop(sh::TIntermLoop*) + 169
10  libANGLE-shared.dylib         	       0x73a61bef2 sh::TIntermTraverser::traverseBlock(sh::TIntermBlock*) + 384
11  libANGLE-shared.dylib         	       0x73a61bd41 sh::TIntermTraverser::traverseFunctionDefinition(sh::TIntermFunctionDefinition*) + 167
12  libANGLE-shared.dylib         	       0x73a61bef2 sh::TIntermTraverser::traverseBlock(sh::TIntermBlock*) + 384
13  libANGLE-shared.dylib         	       0x73a63615d sh::MonomorphizeUnsupportedFunctions(sh::TCompiler*, sh::TIntermBlock*, sh::TSymbolTable*, unsigned long long) + 953
14  libANGLE-shared.dylib         	       0x73a73f567 sh::TranslatorMetalDirect::translateImpl(sh::TInfoSinkBase&, sh::TIntermBlock*, unsigned long long, sh::PerformanceDiagnostics*, sh::SpecConst*, sh::DriverUniformMetal*) + 387
15  libANGLE-shared.dylib         	       0x73a742a53 sh::TranslatorMetalDirect::translate(sh::TIntermBlock*, unsigned long long, sh::PerformanceDiagnostics*) + 175
16  libANGLE-shared.dylib         	       0x73a502689 sh::TCompiler::compile(char const* const*, unsigned long, unsigned long long) + 9269
17  libANGLE-shared.dylib         	       0x73a70279c rx::TranslateTask::operator()() + 318
18  libANGLE-shared.dylib         	       0x73a786604 angle::SingleThreadedWorkerPool::postWorkerTask(std::__1::shared_ptr<angle::Closure>) + 18
19  libANGLE-shared.dylib         	       0x73a787641 angle::WorkerThreadPool::PostWorkerTask(std::__1::shared_ptr<angle::WorkerThreadPool>, std::__1::shared_ptr<angle::Closure>) + 63
20  libANGLE-shared.dylib         	       0x73a702df5 rx::ShaderMtl::compile(gl::Context const*, gl::ShCompilerInstance*, unsigned long long) + 311
21  libANGLE-shared.dylib         	       0x73a6ff514 gl::Shader::compile(gl::Context const*) + 854
22  WebCore                       	       0x743395fa8 WebCore::GraphicsContextGLANGLE::compileShader(unsigned int) + 120
23  WebCore                       	       0x744811985 WebCore::WebGLRenderingContextBase::compileShader(WebCore::WebGLShader&) + 101
24  WebCore                       	       0x743c27a50 WebCore::jsWebGL2RenderingContextPrototypeFunction_compileShader(JSC::JSGlobalObject*, JSC::CallFrame*) + 336
25  ???                           	    0x4ec48b20c038 ???
26  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
27  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
28  JavaScriptCore                	       0x738e044a3 llint_entry + 121513
29  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
30  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
31  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
32  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
33  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
34  ???                           	    0x4ec48b308540 ???
35  ???                           	    0x4ec48b2f1dd7 ???
36  JavaScriptCore                	       0x738e03a56 llint_entry + 118876
37  ???                           	    0x4ec48b2ffb4a ???
38  JavaScriptCore                	       0x738de67f9 vmEntryToJavaScript + 216
39  JavaScriptCore                	       0x739457679 JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 521
40  JavaScriptCore                	       0x7396367b8 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 120
41  WebCore                       	       0x7441bfe15 WebCore::JSCallbackData::invokeCallback(JSC::VM&, JSC::JSObject*, JSC::JSValue, JSC::MarkedArgumentBufferWithSize<8ul>&, WebCore::JSCallbackData::CallbackType, JSC::PropertyName, WTF::NakedPtr<JSC::Exception>&) + 325
42  WebCore                       	       0x7432c0283 WebCore::JSRequestAnimationFrameCallback::handleEvent(double) + 371
43  WebCore                       	       0x7445834be WebCore::ScriptedAnimationController::serviceRequestAnimationFrameCallbacks(WTF::Seconds) + 750
44  WebCore                       	       0x744b16112 WebCore::Page::forEachDocumentFromMainFrame(WebCore::Frame const&, WTF::Function<void (WebCore::Document&)> const&) + 338
45  WebCore                       	       0x744b10b8d WebCore::Page::updateRendering() + 909
46  WebKit                        	       0x73b0de009 WebKit::TiledCoreAnimationDrawingArea::updateRendering(WebKit::TiledCoreAnimationDrawingArea::UpdateRenderingType) + 79
47  CoreFoundation                	    0x7ff804d43e80 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23
48  CoreFoundation                	    0x7ff804d43d12 __CFRunLoopDoObservers + 543
49  CoreFoundation                	    0x7ff804d42810 CFRunLoopRunSpecific + 678
50  Foundation                    	    0x7ff805b97b9a -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 216
51  Foundation                    	    0x7ff805c226d7 -[NSRunLoop(NSRunLoop) run] + 76
52  libxpc.dylib                  	    0x7ff8049c2816 _xpc_objc_main + 773
53  libxpc.dylib                  	    0x7ff8049c2239 xpc_main + 99
54  WebKit                        	       0x73ad7e11f WebKit::XPCServiceMain(int, char const**) + 276
55  dyld                          	       0x10c95b50e start + 462
Comment 3 Brendan Duncan 2022-04-07 14:48:27 PDT
I filed an ANGLE bug for the shader compilation failure in this project at https://bugs.chromium.org/p/angleproject/issues/detail?id=7189
Comment 4 Kyle Piddington 2022-04-07 16:22:11 PDT
Created attachment 456984
Patch
Comment 5 EWS Watchlist 2022-04-07 16:24:01 PDT
Note that there are important steps to take when updating ANGLE. See https://trac.webkit.org/wiki/UpdatingANGLE
Comment 6 EWS 2022-04-11 17:11:28 PDT
Committed r292743 (249527@main): <https://commits.webkit.org/249527@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 456984.
Comment 7 Sam Sneddon [:gsnedders] 2022-05-16 15:41:47 PDT
Just to let everyone know, for those who care about Safari, the fix for this has shipped in Safari 15.5.
Comment 8 Kimmo Kinnunen 2022-08-01 23:38:23 PDT
ANGLE upstream fix in:
https://bugs.chromium.org/p/angleproject/issues/detail?id=7518
Comment 9 Kimmo Kinnunen 2022-08-01 23:49:53 PDT
Last missing upstreaming hunk tracked here:
https://bugs.chromium.org/p/angleproject/issues/detail?id=7542