RESOLVED FIXED238953
This WebGL example crashes 
https://bugs.webkit.org/show_bug.cgi?id=238953
Summary This WebGL example crashes
Simon Fraser (smfr)
Reported 2022-04-07 12:24:11 PDT
https://gkjohnson.github.io/three-mesh-bvh/example/bundle/gpuPathTracing.html Crashes in ANGLE code.
Attachments
Patch (2.29 KB, patch)
2022-04-07 16:22 PDT, Kyle Piddington 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2022-04-07 12:24:34 PDT
<rdar://problem/91437430>
Simon Fraser (smfr)
Comment 2 2022-04-07 12:25:00 PDT
Termination Reason: Namespace SIGNAL, Code 11 Segmentation fault: 11 Terminating Process: exc handler [41876] VM Region Info: 0 is not in any region. Bytes before following region: 4351033344 REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL UNUSED SPACE AT START ---> __TEXT 103578000-10357c000 [ 16K] r-x/r-x SM=COW ...t.Development Application Specific Information: Bundle controller class: BrowserBundleController Enabled App Extensions: com.apple.ist.ds.appleconnect2.SafariExtension (APPLEBNISIGNED) (Version: 1743 - Display Version: 5.2) AppleConnect Safari Extension Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 libANGLE-shared.dylib 0x73a60ff31 sh::TIntermLoop::TIntermLoop(sh::TIntermLoop const&) + 29 1 libANGLE-shared.dylib 0x73a61ce79 sh::TIntermLoop::deepCopy() const + 59 2 libANGLE-shared.dylib 0x73a60d149 sh::TIntermBlock::TIntermBlock(sh::TIntermBlock const&) + 101 3 libANGLE-shared.dylib 0x73a61cb47 sh::TIntermBlock::deepCopy() const + 59 4 libANGLE-shared.dylib 0x73a637496 sh::(anonymous namespace)::MonomorphizeTraverser::visitAggregate(sh::Visit, sh::TIntermAggregate*) + 3074 5 libANGLE-shared.dylib 0x73a61bfb9 sh::TIntermTraverser::traverseAggregate(sh::TIntermAggregate*) + 53 6 libANGLE-shared.dylib 0x73a61bbed sh::TIntermTraverser::traverseUnary(sh::TIntermUnary*) + 75 7 libANGLE-shared.dylib 0x73a61b2b9 sh::TIntermNode::traverse(sh::TIntermTraverser*) + 137 8 libANGLE-shared.dylib 0x73a61bef2 sh::TIntermTraverser::traverseBlock(sh::TIntermBlock*) + 384 9 libANGLE-shared.dylib 0x73a61c9bf sh::TIntermTraverser::traverseLoop(sh::TIntermLoop*) + 169 10 libANGLE-shared.dylib 0x73a61bef2 sh::TIntermTraverser::traverseBlock(sh::TIntermBlock*) + 384 11 libANGLE-shared.dylib 0x73a61bd41 sh::TIntermTraverser::traverseFunctionDefinition(sh::TIntermFunctionDefinition*) + 167 12 libANGLE-shared.dylib 0x73a61bef2 sh::TIntermTraverser::traverseBlock(sh::TIntermBlock*) + 384 13 libANGLE-shared.dylib 0x73a63615d sh::MonomorphizeUnsupportedFunctions(sh::TCompiler*, sh::TIntermBlock*, sh::TSymbolTable*, unsigned long long) + 953 14 libANGLE-shared.dylib 0x73a73f567 sh::TranslatorMetalDirect::translateImpl(sh::TInfoSinkBase&, sh::TIntermBlock*, unsigned long long, sh::PerformanceDiagnostics*, sh::SpecConst*, sh::DriverUniformMetal*) + 387 15 libANGLE-shared.dylib 0x73a742a53 sh::TranslatorMetalDirect::translate(sh::TIntermBlock*, unsigned long long, sh::PerformanceDiagnostics*) + 175 16 libANGLE-shared.dylib 0x73a502689 sh::TCompiler::compile(char const* const*, unsigned long, unsigned long long) + 9269 17 libANGLE-shared.dylib 0x73a70279c rx::TranslateTask::operator()() + 318 18 libANGLE-shared.dylib 0x73a786604 angle::SingleThreadedWorkerPool::postWorkerTask(std::__1::shared_ptr<angle::Closure>) + 18 19 libANGLE-shared.dylib 0x73a787641 angle::WorkerThreadPool::PostWorkerTask(std::__1::shared_ptr<angle::WorkerThreadPool>, std::__1::shared_ptr<angle::Closure>) + 63 20 libANGLE-shared.dylib 0x73a702df5 rx::ShaderMtl::compile(gl::Context const*, gl::ShCompilerInstance*, unsigned long long) + 311 21 libANGLE-shared.dylib 0x73a6ff514 gl::Shader::compile(gl::Context const*) + 854 22 WebCore 0x743395fa8 WebCore::GraphicsContextGLANGLE::compileShader(unsigned int) + 120 23 WebCore 0x744811985 WebCore::WebGLRenderingContextBase::compileShader(WebCore::WebGLShader&) + 101 24 WebCore 0x743c27a50 WebCore::jsWebGL2RenderingContextPrototypeFunction_compileShader(JSC::JSGlobalObject*, JSC::CallFrame*) + 336 25 ??? 0x4ec48b20c038 ??? 26 JavaScriptCore 0x738e03a56 llint_entry + 118876 27 JavaScriptCore 0x738e03a56 llint_entry + 118876 28 JavaScriptCore 0x738e044a3 llint_entry + 121513 29 JavaScriptCore 0x738e03a56 llint_entry + 118876 30 JavaScriptCore 0x738e03a56 llint_entry + 118876 31 JavaScriptCore 0x738e03a56 llint_entry + 118876 32 JavaScriptCore 0x738e03a56 llint_entry + 118876 33 JavaScriptCore 0x738e03a56 llint_entry + 118876 34 ??? 0x4ec48b308540 ??? 35 ??? 0x4ec48b2f1dd7 ??? 36 JavaScriptCore 0x738e03a56 llint_entry + 118876 37 ??? 0x4ec48b2ffb4a ??? 38 JavaScriptCore 0x738de67f9 vmEntryToJavaScript + 216 39 JavaScriptCore 0x739457679 JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 521 40 JavaScriptCore 0x7396367b8 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 120 41 WebCore 0x7441bfe15 WebCore::JSCallbackData::invokeCallback(JSC::VM&, JSC::JSObject*, JSC::JSValue, JSC::MarkedArgumentBufferWithSize<8ul>&, WebCore::JSCallbackData::CallbackType, JSC::PropertyName, WTF::NakedPtr<JSC::Exception>&) + 325 42 WebCore 0x7432c0283 WebCore::JSRequestAnimationFrameCallback::handleEvent(double) + 371 43 WebCore 0x7445834be WebCore::ScriptedAnimationController::serviceRequestAnimationFrameCallbacks(WTF::Seconds) + 750 44 WebCore 0x744b16112 WebCore::Page::forEachDocumentFromMainFrame(WebCore::Frame const&, WTF::Function<void (WebCore::Document&)> const&) + 338 45 WebCore 0x744b10b8d WebCore::Page::updateRendering() + 909 46 WebKit 0x73b0de009 WebKit::TiledCoreAnimationDrawingArea::updateRendering(WebKit::TiledCoreAnimationDrawingArea::UpdateRenderingType) + 79 47 CoreFoundation 0x7ff804d43e80 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23 48 CoreFoundation 0x7ff804d43d12 __CFRunLoopDoObservers + 543 49 CoreFoundation 0x7ff804d42810 CFRunLoopRunSpecific + 678 50 Foundation 0x7ff805b97b9a -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 216 51 Foundation 0x7ff805c226d7 -[NSRunLoop(NSRunLoop) run] + 76 52 libxpc.dylib 0x7ff8049c2816 _xpc_objc_main + 773 53 libxpc.dylib 0x7ff8049c2239 xpc_main + 99 54 WebKit 0x73ad7e11f WebKit::XPCServiceMain(int, char const**) + 276 55 dyld 0x10c95b50e start + 462
Brendan Duncan
Comment 3 2022-04-07 14:48:27 PDT
I filed an Angle bug for the shader compilation failure in this project at https://bugs.chromium.org/p/angleproject/issues/detail?id=7189
Kyle Piddington
Comment 4 2022-04-07 16:22:11 PDT
Created attachment 456984 [details] Patch
EWS Watchlist
Comment 5 2022-04-07 16:24:01 PDT
Note that there are important steps to take when updating ANGLE. See https://trac.webkit.org/wiki/UpdatingANGLE
EWS
Comment 6 2022-04-11 17:11:28 PDT
Committed r292743 (249527@main): <https://commits.webkit.org/249527@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 456984 [details].
Sam Sneddon [:gsnedders]
Comment 7 2022-05-16 15:41:47 PDT
Just to let everyone know, for those who care about Safari, the fix for this has shipped in Safari 15.5.
Kimmo Kinnunen
Comment 8 2022-08-01 23:38:23 PDT
ANGLE upstream fix in: https://bugs.chromium.org/p/angleproject/issues/detail?id=7518
Kimmo Kinnunen
Comment 9 2022-08-01 23:49:53 PDT
Last missing upstreaming hunk tracked here: https://bugs.chromium.org/p/angleproject/issues/detail?id=7542
Note You need to log in before you can comment on or make changes to this bug.